Privacy Policy

You’re reading this because you’ve either checked out our site, used our app, or snagged one of our products or services. This policy also applies if you’re just visiting our site or interacting with us casually, even if you don’t have an account. If that sounds like you, this policy applies.

For data protection purposes, Secret.Broker (referred to as “we,” “us,” “our”) is the organization that determines how and why your personal data is processed—in other words, we act as the “data controller.” Our contact information can be found in the “Updates and Contact Info” section below.

We collect personal and non-personal information to provide and improve our services:

Personal Information

• Information that directly identifies you, such as your name, email address, and payment details.
• Information you share when registering, placing orders, or submitting forms.

Non-Personal Information

• Data that does not directly identify you, such as IP addresses, browser types, device information, and activity on our website or app.

Derived Data vs. Non-Personal Information

Our [Terms of Service] reference “Derived Data,” which is aggregated, anonymized, or otherwise transformed data that no longer directly identifies you. Any mention of non-personal information in this Privacy Policy includes Derived Data. We use such data to improve our services, run analytics, and develop new features.

Exclusions

• We do not collect sensitive personal information (e.g., social security numbers, genetic data, health information, or religious beliefs).
• If you’re making a payment, we may collect financial info (e.g., credit card details) to process your transaction, but we won’t store it longer than necessary.
• If you’re handing over someone else’s info, make sure they’re okay with it.

We collect data in two main ways:

1. Automatically (The Techy Stuff)

• Website: IP addresses, browser details, and user activity.
• App: System details, app usage, and analytics.

2. When You Share It

• During registration, placing orders, or submitting forms.

Consent and Legal Basis

• Consent: When you explicitly agree to specific uses of your data.
• Contractual Necessity: To fulfill our obligations and deliver the services or products you request.
• Legal Obligation: To comply with applicable laws or regulations that require data processing.
• Legitimate Interests: For improving services, ensuring security, fraud prevention, or other reasonable business purposes, provided it doesn’t override your privacy rights.

• Deliver features and services.
• Personalize your experience.
• Ensure smooth operation and security of our platform.

We don’t knowingly collect personal info from kids under 13. If we find out that a child has shared data, we’ll delete it. Parents, if you suspect this has happened, contact us at [email protected].

1. Our Group Companies: For operational purposes and to enhance your experience across our services.
2. Service Providers: Contractors helping us deliver and improve our services (payment processors, IT support, analytics providers).
3. Legal Authorities: If required by law, such as in response to subpoenas, court orders, or other valid legal processes. When permitted, we’ll notify you before sharing your data unless prohibited by law.
4. Marketing: We might share aggregated, non-personal stats with advertisers or partners. Your personal data will not be shared for marketing without your consent.
5. Ownership Changes: If we’re acquired or merge with another company, your data may be transferred under the same terms. You’ll be notified of such changes.

Depending on where you live, you may have certain rights regarding your personal data, including:

• Access: Request a copy of your data.
• Correction: Fix inaccurate or incomplete data.
• Deletion: Request deletion of your data (subject to legal requirements).
• Portability: Request a portable copy of your data.
• Objection: Object to processing, including for marketing.

To exercise these rights, contact us at [email protected]. We’ll respond within 30 days.

Lodging Complaints with Authorities

If you believe your personal data has been processed unlawfully or your rights have been infringed, you have the right to lodge a complaint with the supervisory authority responsible for data protection in your country of residence.

• EU/EEA: You may contact the data protection authority in the EU member state where you live, work, or where the alleged infringement occurred. A list of EU supervisory authorities is available here.
• UK: You may contact the Information Commissioner’s Office (ICO) via ico.org.uk.
• Other Regions: If your local jurisdiction provides a similar mechanism, you can file a complaint according to your local data protection laws.

Retention

We’ll keep your data only as long as necessary or legally required. Non-personal or aggregated data may be retained for analytics, security, or other operational purposes. You can delete your account, and we’ll remove your personal data within 30 days unless retention is legally mandated.

Additional Security Measures

• Encryption of data in transit and at rest (where applicable).
• Firewalls and Secure Servers to protect against unauthorized access.
• Role-Based Access Controls, granting system privileges only to authorized personnel who need it.
• Periodic Monitoring and Testing of our systems for vulnerabilities.

While we strive to keep your data safe, no method of data transmission or storage can be guaranteed 100% secure. In the event of a data breach, we’ll notify affected individuals and authorities as required by law.

Your data may be processed in countries outside your own, including regions that may not have the same level of data protection as your home country. To safeguard your information during these transfers, we will implement measures like Standard Contractual Clauses (SCCs) and secure transfer protocols, ensuring your data is handled securely and in accordance with applicable privacy laws.

We may update this policy from time to time. By continuing to use our services, you agree to the latest version. If you have questions, reach out to us at:

Email: [email protected]