Privacy Policy

.   Scope and updates of this User Privacy Notice


This User Privacy Notice applies to your use of this website and services (including payment services), products and tools (collectively the "Services"), regardless of how you access or use these Services, including access via mobile devices and apps. For additional regional disclosures, please see section 12. Regional and State Privacy Disclosures below.



2. Controller

Which our group company is responsible for the collection and processing of your personal data in connection with the provision of the Services depends on how you use our Services.


2.1 Use of the Services


Depending on the region in which you are located, one of the following our group companies is responsible for the collection and processing of your personal data in connection with the provision of our Services (except payment services for sellers):


3.  Data protection officer and contact

We have appointed data protection officers in several countries to oversee the protection of your personal data. You will find the contact details of your data protection officer in the list of our data protection officers - opens in new window or tab in our Privacy Center - opens in new window or tab.


Furthermore, if you have any questions or complaints regarding this User Privacy Notice, our global data protection principles (see section 6.1 Data transfers to our Inc. corporate family members under section 6. International data transfers below) or our handling of personal data, you can contact our Privacy Team or the controller who is responsible for the processing of your personal data at any time (for further information, see section 2. Controller above). This applies regardless of whether we have appointed a data protection officer in your country or not. You can find all necessary information and contact details - opens in new window or tab in our Privacy Center - opens in new window or tab.


4.  What personal data we collect and process  

We collect your personal data when you use our Services, create a new account, provide us with information via a web form, add or update information in your account, participate in online community discussions or otherwise interact with us. We also collect personal data from other sources (such as other Inc. corporate family members, credit agencies or bureaus, and data providers).




5.  Purposes and legal basis for data processing and categories of recipients


We process your personal data for various purposes and based on several different legal bases that allow this processing. For example, we process your personal data to provide and improve our Services, to provide you with a personalized user experience on this website, to contact you about your account and our Services, to provide customer service, to provide you with personalized advertising and marketing communications, and to detect, prevent, mitigate and investigate fraudulent or illegal activity. We also share your information with third parties, including service providers acting on our behalf, for these purposes. In addition, we may share your personal data among our group companies in order to fulfill our contract with you under the User Agreement and, if applicable, the Payments Terms of Use.



6.  International data transfers  

Some recipients of your personal data are located outside your country or have offices in countries where data protection laws may provide a different level of protection than the laws in your country. When transferring personal data to such recipients, we provide appropriate safeguards.


7.  Storage duration and erasure  

Your personal data will be stored by us and our service providers in accordance with applicable data protection laws to the extent necessary for the processing purposes set out in this User Privacy Notice (see section 5. Purposes and legal basis for data processing and categories of recipients for more information on the processing purposes). Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally obliged or permitted to keep your personal data longer (e.g. for legal compliance, tax, accounting or auditing purposes, or to detect and prevent fraudulent or illegal activity). In Europe, the retention periods are generally between 6 and 10 years (e.g. for contracts, notifications and business letters). As far as legally permissible or required, we restrict the processing of your data instead of deleting it (e.g. by restricting access to it). This applies in particular to cases where we may still need the data for the execution of the contract or for the assertion of or defense against legal claims, or where such retention is otherwise required or permitted by law. In these cases, the duration of the restriction of processing depends on the respective statutory limitation or retention periods. The data will be deleted after the relevant limitation or retention periods have expired.



8.  Rights as a data subject  

Subject to possible restrictions under national law, as a data subject, you have the right to access, rectification, erasure, restriction of processing and data portability with regard to your personal data. In addition, you can withdraw your consent and object to our processing of your personal data on the basis of our legitimate interests. You can also lodge a complaint with a supervisory authority.



9.  Cookies & similar technologies  

When you use our Services, we and selected third parties use cookies and similar technologies to provide you with a better, faster and safer user experience or to show you personalized advertising. Cookies are small text files that are automatically created by your browser and stored on your device when you use the Services. You can find detailed information about the use of cookies and similar technologies and your choices in our User Cookie Notice.



10.  Data security  

We protect your personal data through technical and organizational security measures to minimize risks associated with data loss, misuse, unauthorized access and unauthorized disclosure and alteration. To this end we use firewalls and data encryption, for example, as well as physical access restrictions for our data centers and authorization controls for data access. You can find further information on our data security in our Security Center - opens in new window or tab.


11.  Other important information regarding data protection


This section contains important additional information about the protection of personal data in connection with the use of our Services, including whether you are required to provide personal data.


12. Regional and State Privacy Disclosures


For additional regional disclosures for residents of certain U.S. states, including California, please review our State Privacy Disclosures - opens in new window or tab page. For additional disclosures for specific regions or countries, including Brazil and mainland of People's Republic of China, please review our Regional Privacy Disclosures - opens in new window or tab page.