General Data Protection Regulation (GDPR) Compliance Policy

Effective Date: December the 26th 2024

Last Updated: December the 26th 2024

Introduction

Warasse (our Platform) is committed to protecting the privacy and personal data of our users. As a crowdfunding platform operating in Africa, we adhere to the European Union’s General Data Protection Regulation (GDPR) to ensure the proper management, protection, and lawful use of personal data.

This policy outlines how Warasse collects, uses, processes, and protects personal data, ensuring transparency and compliance with GDPR requirements.

1. Data Controller Information

Warasse is the Data Controller responsible for the personal data processed via our platform. You can contact us at:

Warasse Contact Information: Email: contact@warasse.com
Phone: [Insert Contact Number]
Address: [Insert Address]

2. Personal Data We Collect

We collect the following categories of personal data:

  • Identity Information: Name, date of birth, identification documents.

  • Contact Information: Email address, phone number, physical address.

  • Financial Information: Bank details, payment information.

  • Platform Usage Information: User-generated content, interactions on the platform, crowdfunding project details.

  • Technical Data: IP address, browser type, operating system, and device information.

3. Legal Basis for Processing Personal Data

We process personal data based on the following legal grounds:

  • Consent: Explicit consent provided by users for specific purposes.

  • Contractual Necessity: To fulfill our obligations under user agreements.

  • Legal Obligation: Compliance with applicable laws and regulations.

  • Legitimate Interests: For platform improvements, fraud prevention, and service optimization.

4. Purposes of Data Processing

We process personal data for the following purposes:

  1. Facilitating crowdfunding campaigns and transactions.

  2. Verifying user identities and conducting due diligence.

  3. Providing customer support and communication.

  4. Ensuring compliance with legal and regulatory requirements.

  5. Improving and personalizing user experience on the platform.

  6. Preventing fraudulent activities and maintaining platform security.

5. Data Sharing and Recipients

We may share personal data with:

  • Service Providers: Payment processors, IT service providers, and marketing partners, Contabo.

  • Regulatory Authorities: To comply with legal obligations.

  • Crowdfunding Project Owners: Limited information as necessary for campaign administration.

  • Other Third Parties: With explicit user consent or as required by law.

6. International Data Transfers

As a platform operating globally, we may transfer personal data to third parties located outside the European Economic Area (EEA). Such transfers are conducted under:

  • Adequacy Decisions: By the European Commission.

  • Standard Contractual Clauses (SCCs): Approved by the European Commission.

  • User Consent: When applicable.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law. Data retention periods are as follows:

  • Financial and transaction data: [Insert Retention Period]

  • User account information: Until account deletion or [Insert Retention Period].

  • Legal compliance data: Retained as mandated by applicable laws.

8. Data Subject Rights

Under GDPR, you have the following rights:

  • Access: Request access to your personal data.

  • Rectification: Correct inaccurate or incomplete personal data.

  • Erasure: Request deletion of your personal data (subject to legal obligations).

  • Restriction: Request restriction of processing under certain conditions.

  • Portability: Receive a copy of your personal data in a structured format.

  • Objection: Object to processing based on legitimate interests.

  • Withdraw Consent: At any time, without affecting the lawfulness of prior processing.

To exercise these rights, contact us at contact@warasse.com.

9. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Data encryption

  • Secure data storage

  • Regular system audits

  • Access controls and authentication protocols

10. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance platform functionality and analyze user behavior. For more details, refer to our [Cookie Policy](link to Cookie Policy).

11. Complaints and Contact Information

If you have concerns about our data processing practices, you can:

  • Contact Us: contact@warasse.com

  • Lodge a Complaint: With your local data protection authority or the European Data Protection Board (EDPB).

12. Updates to this Policy

We may update this GDPR compliance policy periodically. Updates will be communicated through our platform and will include a revised "Last Updated" date.

Acknowledgment and Consent

By using the Warasse platform, you acknowledge that you have read, understood, and agree to this GDPR Compliance Policy