Last updated: August 12th, 2024
At PyBazaar, we are committed to protecting the privacy and rights of our users. This GDPR Compliance Statement outlines our practices concerning the collection, use, and protection of personal data in accordance with the General Data Protection Regulation (GDPR) of the European Union.
1. Data Controller
PyBazaar acts as the data controller for personal data collected through our platform. We do not currently have a designated Data Protection Officer (DPO).
2. Data Processing Location
PyBazaar is hosted on a DigitalOcean server located in Frankfurt, Germany. While our services are accessible worldwide, user data is not explicitly exported outside this location.
3. Personal Data Collection and Processing
3.1 Types of Data Collected
We collect and process the following personal data:
Mandatory information:
- Name
- Username
- Email address
- Password (encrypted)
Optional information:
- Bio
- City, state, and country
- Skills
- Avatar
- Education
- Experience level
- Spoken languages
- Website
- Social links
- Technical preferences
- Working preferences
3.2 Legal Basis for Processing
The processing of personal data is based on user consent, which is obtained through the acceptance of our Privacy Policy and Terms of Use during account creation.
3.3 Purpose of Data Processing
Personal data is processed for the following purposes:
- Providing and maintaining user accounts
- Offering personalized job and resource recommendations based on user preferences
3.4 Automated Decision-Making and Profiling
PyBazaar uses automated processing to provide users with recommended job offers and resources based on their profile preferences. This processing does not produce legal effects or similarly significant impacts on users.
4. Data Security Measures
To ensure the security of user data, we implement the following measures:
- All data transfers to and from our servers are secured using SSL certificates.
- Regular security audits and updates are performed on our systems.
5. Data Retention and Deletion
- User data is retained for the duration of account activity.
- Upon account deletion, personal data is immediately removed from our main database.
- Backup copies containing user data are retained for 7 days after deletion for system integrity purposes.
6. User Rights Under GDPR
Users have the following rights regarding their personal data:
- Right to Access: Users can view their stored information through their account interface at any time.
- Right to Rectification: Users can modify their personal information directly through the platform's user interface.
- Right to Erasure: Users can delete their account and associated data at any time through the platform.
- Right to Data Portability: While we do not currently offer data portability, users can contact us to request their data.
- Right to Object: Users can object to the processing of their personal data by contacting us.
7. Exercise of User Rights
Users can exercise most of their rights directly through the PyBazaar user interface. For additional assistance or inquiries:
- Contact us
- We will respond to all requests within 2 working days
8. Data Breach Notification
In the event of a data breach that may expose personal data to unauthorized parties, we will:
- Notify affected users via email within 72 hours of becoming aware of the breach
- Provide information about the nature of the breach and steps taken to address it
9. Third-Party Data Sharing
PyBazaar does not share personal user information with third parties, except as required by law or with explicit user consent.
10. International Data Transfers
While PyBazaar is accessible worldwide, we do not explicitly transfer user data outside the EU/EEA. All data is processed and stored on our servers in Frankfurt, Germany.
11. Changes to This Statement
We may update this GDPR Compliance Statement from time to time. We will notify users of any significant changes by posting a prominent notice on our platform and updating the "Last updated" date at the top of this statement.
12. Contact Us
If you have any questions about our GDPR compliance or wish to exercise your data protection rights, please contact us.
We are committed to addressing your concerns and ensuring our compliance with GDPR regulations.