Privacy Policy

# Privacy Policy

**Last Updated: November 2024**

At Bashere Penny Auctions (“Bashere,” “we,” “us,” or “our”), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website and services.

## 1. Information We Collect

### 1.1 Information You Provide

**Account Information:**
– Name
– Email address
– Password (encrypted)
– Phone number
– Date of birth
– Mailing address

**Payment Information:**
– Credit/debit card details (processed securely by payment providers)
– Billing address
– PayPal account information
– Payment history

**Profile Information:**
– Username
– Profile picture (optional)
– Bidding preferences
– Communication preferences

**Communications:**
– Customer support inquiries
– Email correspondence
– Chat messages
– Phone call recordings (with notice)

### 1.2 Information Collected Automatically

**Usage Data:**
– IP address
– Browser type and version
– Device information
– Operating system
– Pages visited
– Time and date of visits
– Time spent on pages
– Referring websites
– Click patterns

**Bidding Data:**
– Bid history
– Auctions viewed
– Win/loss records
– Credits purchased
– Credits spent
– Auction participation patterns

**Cookies and Tracking:**
– Session cookies
– Persistent cookies
– Analytics cookies
– Advertising cookies
– Local storage data

### 1.3 Information from Third Parties

**Payment Processors:**
– Transaction confirmation
– Payment status
– Fraud detection data

**Social Media:**
– If you connect social media accounts (optional)
– Profile information
– Email address
– Friends list (if shared)

**Identity Verification Services:**
– Government-issued ID verification
– Address verification
– Age verification

## 2. How We Use Your Information

### 2.1 To Provide Services

– Create and manage your account
– Process your bids
– Conduct auctions
– Process payments
– Deliver won items
– Provide customer support
– Send transactional emails (confirmations, receipts)

### 2.2 To Improve Services

– Analyze usage patterns
– Optimize site performance
– Develop new features
– Conduct research
– Fix bugs and technical issues
– Enhance user experience

### 2.3 To Communicate

– Send account notifications
– Provide customer support
– Send promotional emails (with consent)
– Announce new features
– Share updates and news
– Request feedback

### 2.4 For Security and Fraud Prevention

– Detect and prevent fraud
– Monitor suspicious activity
– Verify identity
– Enforce our Terms and Conditions
– Protect against unauthorized access
– Comply with legal obligations

### 2.5 For Marketing (With Consent)

– Send promotional emails
– Display personalized ads
– Offer special deals
– Conduct surveys
– Analyze marketing effectiveness

## 3. How We Share Your Information

### 3.1 We Share Information With:

**Service Providers:**
– Payment processors (PayPal, Stripe)
– Shipping carriers (UPS, FedEx, USPS)
– Email service providers
– Customer support platforms
– Analytics providers
– Cloud storage providers
– Security services

**Business Partners:**
– Only when necessary for service delivery
– Under strict confidentiality agreements
– Never for their independent marketing

**Legal Requirements:**
– Law enforcement (when required by law)
– Courts and legal proceedings
– Government agencies
– To protect our rights
– To prevent fraud or illegal activity

**Business Transfers:**
– In case of merger or acquisition
– During bankruptcy proceedings
– Asset sales
– (You will be notified of any changes)

### 3.2 We Do NOT:

– Sell your personal information
– Rent your personal information
– Share your information for others’ marketing purposes
– Disclose your bidding history publicly
– Share your payment information
– Give your data to data brokers

## 4. Cookies and Tracking Technologies

### 4.1 Types of Cookies We Use

**Essential Cookies:**
– Maintain your session
– Remember your login
– Process your bids
– Cannot be disabled

**Analytics Cookies:**
– Track site usage
– Measure performance
– Understand user behavior
– Can be disabled in settings

**Marketing Cookies:**
– Display relevant ads
– Track ad effectiveness
– Personalize content
– Can be disabled in settings

**Preference Cookies:**
– Remember your settings
– Save your preferences
– Improve user experience
– Can be disabled in settings

### 4.2 Managing Cookies

You can control cookies through:
– Browser settings
– Our cookie preferences tool
– Opting out of third-party tracking
– Deleting existing cookies

**Note:** Disabling essential cookies may affect site functionality.

### 4.3 Third-Party Tracking

We use:
– Google Analytics (opt-out: [https://tools.google.com/dlpage/gaoptout](https://tools.google.com/dlpage/gaoptout))
– Facebook Pixel
– Other advertising networks

## 5. Data Security

### 5.1 Security Measures

We implement industry-standard security measures:
– SSL/TLS encryption for all data transmission
– Encrypted password storage
– Secure payment processing
– Regular security audits
– Firewall protection
– Intrusion detection systems
– Access controls and authentication
– Employee training on data security

### 5.2 Payment Security

– We do NOT store complete credit card numbers
– Payment data is tokenized
– PCI DSS compliant payment processing
– Two-factor authentication available

### 5.3 Data Retention

We retain your data:
– As long as your account is active
– As required by law
– As needed for legitimate business purposes
– Until you request deletion (subject to legal requirements)

**Deletion Timeline:**
– Inactive accounts: Deleted after 3 years of inactivity
– Deleted accounts: Data removed within 30 days
– Some data retained for legal/accounting purposes (7 years)

### 5.4 Data Breaches

In the event of a data breach:
– We will notify affected users within 72 hours
– We will notify relevant authorities as required
– We will provide details of the breach
– We will explain steps we’re taking to prevent recurrence

## 6. Your Privacy Rights

### 6.1 Right to Access

You have the right to:
– View your personal data
– Download your data
– Request a copy of your data
– Verify the data we hold about you

**How:** Visit [My Account](/my-account/) or email privacy@bashere.com

### 6.2 Right to Correction

You have the right to:
– Correct inaccurate data
– Update outdated information
– Complete incomplete data

**How:** Edit directly in [My Account](/my-account/) or contact support

### 6.3 Right to Deletion

You have the right to request deletion of your personal data, subject to:
– Legal retention requirements
– Pending transactions
– Ongoing disputes
– Fraud prevention needs

**How:** Email privacy@bashere.com with subject “Data Deletion Request”

### 6.4 Right to Restrict Processing

You have the right to request that we limit how we use your data.

**How:** Contact privacy@bashere.com with specific restrictions

### 6.5 Right to Data Portability

You have the right to:
– Receive your data in a machine-readable format
– Transfer your data to another service

**How:** Request data export at privacy@bashere.com

### 6.6 Right to Object

You have the right to object to:
– Processing for marketing purposes
– Automated decision-making
– Profiling

**How:** Opt-out via account settings or email privacy@bashere.com

### 6.7 Right to Withdraw Consent

You can withdraw consent at any time for:
– Marketing emails (click unsubscribe)
– Optional data processing
– Cookie usage (via cookie settings)

## 7. Children’s Privacy

### 7.1 Age Restriction

– Our services are NOT intended for users under 18
– We do not knowingly collect data from minors
– If we discover we have collected data from a minor, we will delete it immediately

### 7.2 Parental Notice

If you believe we have collected information from a minor, please contact us immediately at privacy@bashere.com.

## 8. International Data Transfers

### 8.1 Data Location

– Our servers are located in the United States
– Your data may be transferred to and processed in other countries
– We ensure adequate protection through:
– Standard contractual clauses
– Privacy Shield frameworks (when applicable)
– Other approved transfer mechanisms

### 8.2 EU Users

If you are in the European Economic Area (EEA):
– We comply with GDPR
– You have additional rights under GDPR
– Contact our Data Protection Officer: dpo@bashere.com

### 8.3 California Residents

Under the California Consumer Privacy Act (CCPA), you have additional rights:
– Right to know what data we collect
– Right to know if we sell data (we don’t)
– Right to delete data
– Right to opt-out of data sales (not applicable)
– Right to non-discrimination

**How:** Email privacy@bashere.com with “CCPA Request”

## 9. Third-Party Links

### 9.1 External Websites

Our Site may contain links to third-party websites:
– We are not responsible for their privacy practices
– We encourage you to read their privacy policies
– These sites are not controlled by us

### 9.2 Social Media

If you interact with our social media:
– Your interactions are governed by the platform’s privacy policy
– We may receive limited data from these platforms
– You can control what data is shared in the platform’s settings

## 10. Marketing Communications

### 10.1 Email Marketing

We send marketing emails only with your consent:
– Promotional offers
– New feature announcements
– Special deals
– Newsletters

**Opt-Out:** Click “unsubscribe” in any marketing email or adjust settings in [My Account](/my-account/)

### 10.2 Transactional Emails

We will always send transactional emails (regardless of marketing preferences):
– Order confirmations
– Shipping notifications
– Account security alerts
– Bid confirmations
– Win notifications
– Password resets

### 10.3 SMS/Text Messages

We only send SMS with your explicit consent:
– Auction alerts
– Bid notifications
– Win confirmations

**Opt-Out:** Reply “STOP” to any message or adjust settings in [My Account](/my-account/)

## 11. Automated Decision-Making

### 11.1 Profiling

We may use automated systems to:
– Detect fraud
– Recommend auctions
– Personalize content
– Set credit limits
– Identify suspicious activity

### 11.2 Your Rights

You have the right to:
– Object to automated decisions
– Request human review
– Challenge the outcome

**How:** Contact privacy@bashere.com

## 12. Changes to This Privacy Policy

### 12.1 Updates

We may update this Privacy Policy:
– Changes will be posted on this page
– We will update the “Last Updated” date
– Significant changes will be notified via email
– Continued use after changes constitutes acceptance

### 12.2 Notification

For material changes:
– Email notification to all users
– 30-day notice period before changes take effect
– Opportunity to review and accept

## 13. Contact Information

### 13.1 Privacy Questions

For privacy-related questions or concerns:

**Privacy Team:**
Email: privacy@bashere.com
Phone: (555) 123-4567
Response Time: Within 48 hours

**Data Protection Officer:**
Email: dpo@bashere.com
(For GDPR-related inquiries)

**Mailing Address:**
Bashere Penny Auctions
Attn: Privacy Department
[Your Business Address]
Phoenix, AZ [ZIP]

### 13.2 Exercising Your Rights

To exercise any privacy rights:
1. Email privacy@bashere.com
2. Include your account email
3. Specify which right you wish to exercise
4. Provide any necessary verification
5. We will respond within 30 days

## 14. Accessibility

We are committed to making our Privacy Policy accessible to everyone. If you need this policy in an alternative format:
– Large print
– Audio
– Braille
– Other accessible format

Contact: accessibility@bashere.com

## 15. Consent

By using Bashere, you consent to:
– Collection of your information as described
– Use of cookies and tracking technologies
– Processing of your data as outlined
– Transfer of data as necessary for services
– This Privacy Policy

If you do not agree, please do not use our services.

## 16. State-Specific Rights

### 16.1 California (CCPA/CPRA)

California residents have specific rights:
– Right to know
– Right to delete
– Right to opt-out
– Right to non-discrimination
– Right to correct
– Right to limit sensitive data use

### 16.2 Virginia (VCDPA)

Virginia residents have rights to:
– Confirm processing
– Access data
– Delete data
– Obtain data copy
– Opt-out of targeted advertising

### 16.3 Colorado (CPA)

Colorado residents have rights similar to Virginia residents.

**Exercise State Rights:** Email privacy@bashere.com with “State Privacy Rights” in subject

## 17. Data Protection Impact Assessments

For high-risk processing activities, we conduct Data Protection Impact Assessments (DPIAs) to ensure:
– Privacy risks are identified
– Mitigation measures are implemented
– Compliance with regulations
– User rights are protected

## 18. Your Responsibilities

You are responsible for:
– Keeping your password secure
– Updating your information
– Using the Site lawfully
– Protecting your account
– Notifying us of security issues

## 19. Acknowledgment

BY USING BASHERE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND AGREE TO ITS TERMS.

*This Privacy Policy was last updated on November 13, 2024.*

*We are committed to protecting your privacy and will continue to update our practices to ensure your data is secure.*

**Questions? Contact us at privacy@bashere.com** 📧

This will close in 0 seconds