Privacy Policy

Effective date: 10/01/2025

1. Overview & Applicability

This Global Privacy Policy (“Policy”) governs how Jumpspree, Inc. and its affiliates (“Jumpspree,” “we,” “us,” or “our”) handle Personal Data worldwide. It applies to all users of the Jumpspree website, mobile and desktop apps, software tools, APIs, services, and offline data collection activities. This Policy covers all transactions, including standard marketplace sales and purchases or sales conducted via Jumpspree Live, our livestream selling feature. We comply with international data protection laws, including the EU GDPR, UK GDPR, CCPA/CPRA, PIPEDA, Australia’s Privacy Act, and relevant laws in India, Brazil, Japan, Mexico, and other jurisdictions.

2. Definitions

• Personal Data: Information identifying an individual (e.g., name, email, IP, transaction history).
• Processing: Any action on Personal Data, including collection, storage, use, sharing, or deletion.
• Controller: Jumpspree, which determines how and why Personal Data is processed.
• Processor: Third parties acting on Jumpspree’s behalf (e.g., Stripe, AWS).
• User Content: Information uploaded or shared by you, including livestream content, comments, and chat messages.
• Sensitive Data: Highly private data such as biometric info, political beliefs, or union membership; we do not knowingly collect this.

3. Data We Collect

We collect Personal Data through multiple sources, including voluntary submissions and automatic capture, for both standard listings and livestream transactions:

• Registration & Account Information: Name, email, password, username, date of birth (for age verification), phone, profile images.
• Business Data (Optional): For sellers, business name, address, registration, tax ID, reseller authorization, livestream credentials.
• User Content : Posts, comments, product listings, media files (photos, GIFs, videos), profile bios, search history, browsing behavior, poll responses, purchased items, livestream chat messages, and follow lists.
• Communication Data : Direct messages, chat threads, inquiry forms, livestream interactions, email feedback, call logs where recorded.
• Transactional Information : Buyer/seller records including order numbers, items sold, pricing, payment metadata, promotions, shipping, returns, livestream session purchases, Purchase Protection activity.
• Usage and Diagnostic Data : Device model, OS, unique device identifiers, IP address, geolocation (if enabled), session duration, crash logs, livestream analytics, performance metrics, app version, browser type.
• Preference Data : Notification selections, email preferences, feed filters, language/region settings.
• Third-Party Identities : OAuth/SSO tokens for integrations (Google, Apple, X, Threads).

4. How We Use Your Data (Purposes & Legal Basis)

We process Personal Data for these core purposes, including livestream-specific functionality:

a. Platform Functionality & Account Management : Registration, login, profile display, listing management, livestream creation, scheduling, and interactions.

b. Transaction Processing & Purchase Protection : Processing sales, payments, livestream orders, shipping, cancellations, refunds, disputes, and compliance with tax and consumer laws.

c. Compliance & Safety: Enforcing minimum age requirements, livestream content moderation, filtering prohibited content, and reporting illegal activity to authorities.

d. Service Improvement & Personalization: Analyzing usage trends, livestream engagement metrics, feature adoption, and providing personalized notifications and recommendations.

e. Marketing & Communications: Sending service updates, livestream announcements, promotions, newsletters, and audience-targeted campaigns.

f. Analytics & Performance Monitoring: Measuring app and livestream performance, crash reports, and user engagement metrics to optimize the experience.

g. Legal Obligations: Retaining transactional and livestream data for tax, audit, and regulatory compliance.

5. Legal Grounds for Processing

• GDPR/UK GDPR: Consent for marketing, contractual necessity for Platform and livestream features, legal obligations for taxes and child protection, legitimate interests for fraud prevention and analytics.
• CCPA/CPRA: Business or commercial processing; rights to disclosure, deletion, or opt-out; Jumpspree does not sell personal data.
• PIPEDA/Privacy Act and counterparts: Consent as required, ability to correct or delete personal data.

6. Data Sharing & Disclosure

We share data selectively:

• Service Providers: Stripe (payments/fraud), AWS/Google Cloud (hosting), SendGrid/Twilio (notifications), analytics tools (Mixpanel, Firebase, Segment).
• Social Media Integration: Cross-posting and livestream sharing via Channels (X, Threads).
• Legal & Safety Enforcement: Authorities for child protection or fraud, including livestream activity.
• Business Transactions: Mergers, acquisitions, or financing events, with confidentiality safeguards.
• Aggregated/De-identified Data: Used for analytics or promotional purposes.

We do not sell or rent Personal Data to third parties.

7. International Data Transfers

Your data may be transferred internationally using Standard Contractual Clauses, Binding Corporate Rules, adequacy decisions, or localized processing as required. Livestream data is included in these transfers.

8. Data Retention

• Account & Profile Data: Retained while account is active; deleted 90 days after deactivation unless legal obligations require retention.
• Transactional Data: Standard and livestream orders retained for 7 years for audit, tax, Purchase Protection, and customs obligations.
• Analytics: User-level data anonymized after 180 days; aggregated data retained indefinitely.
• Dispute & Livestream Data: Retained until final resolution plus 3 years.

9. Your Privacy Rights

• GDPR/UK GDPR: Access, portability, correction, deletion, restriction, objection, complaint rights.
• CCPA/CPRA: Disclosure, deletion, opt-out of sale (we do not sell), non-discrimination.
• PIPEDA & other global rights: Access, correction, and complaint procedures.

Contact privacy@jumpspree.com for inquiries; responses provided within 30 days (45 days in EU).

10. Cookies and Tracking

We use cookies, SDKs, and tracking for: functional login and livestream operation, analytics (app/livestream performance), advertising, social plug-ins, and Channels integration. Preferences are manageable via device/browser settings.

11. Security Safeguards

TLS encryption, AES-256/KMS storage encryption, RBAC access controls, penetration testing, incident response planning, staff privacy training. Users must secure their credentials and notify us immediately if compromised.

12. Child Abuse & Protection

Zero tolerance enforcement. Livestream content is actively monitored. Adult Safeguarding Teams, content filters, and reporting ensure protection of minors. Violations trigger suspension, investigation, law enforcement notification, and data preservation protocols.

13. False or Misleading Information Policy

We review and remove misleading or harmful content, including livestream content. Appeals can be made to privacy@jumpspree.com within 30 days. Repeat offenders may face suspension.

14. Automated Decision-Making

Algorithms personalize feeds, detect harmful behavior, and moderate livestream content. Users may request review or meaningful logic explanation.

15. Changes to Policy

Major updates posted in-app, emailed, and notified 30 days prior. Continued use implies consent; minor updates apply immediately.

16. Contact & Dispute Resolution

Email: privacy@jumpspree.com

Other relevant regulatory bodies as applicable