Privacy Policy for BizHub365

1. Data Controller

BizHub365 is the Data Controller responsible for processing your personal data.

2. Personal Data We Collect

We may collect and process the following types of personal data:

• Account Information: Name, email address, contact information, and business information (such as business name and address).
• Authentication Data: We use Firebase Authentication to secure your account, which collects your email address, encrypted password, and may collect other authentication data.
• Usage Data: IP address, browser type, device information, and activity logs (such as pages viewed and time spent on the platform).
• Communication Data: Any records of communications you send to us, such as support requests, emails, or feedback.

3. How We Use Your Data

We process your data to provide, improve, and secure BizHub365. Specifically, we may use your data for the following purposes:

• Account Management: To register and manage your account, including authentication and verification.
• Service Delivery: To provide and enhance platform features, tools, and functionality.
• Communication: To send you service-related updates, notifications, and responses to support requests.
• Analytics: To monitor usage patterns and gather insights into how the platform is used, helping us improve BizHub365.
• Security: To protect against fraud, security incidents, and other unauthorised activities.
• Legal Compliance: To comply with any applicable legal obligations or respond to lawful requests from public authorities.

4. Legal Bases for Processing

Under GDPR, we rely on the following legal bases to process your data:

• Performance of a Contract: To provide and manage your account on BizHub365.
• Legitimate Interests: For security, analytics, and platform improvement.
• Consent: For specific uses where you have explicitly given consent (e.g., optional email marketing).
• Legal Obligation: Where processing is required to comply with applicable laws.

5. Data Sharing and Disclosure

• Service Providers: We use Google Firestore and Firebase Authentication, provided by Google, Inc., to securely store data and manage user authentication. Google’s Privacy Policy and data processing terms apply to these services.
• Legal Requirements: We may disclose your data if required by law or in response to valid legal processes.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, provided that the terms of this Privacy Policy continue to apply.

6. Data Storage and Security

• Data Storage: Your data is stored securely on Google Firestore, a cloud service managed by Google that complies with GDPR standards.
• Security Measures: We implement technical and organisational measures to protect your data, including encryption in transit and at rest, firewalls, access control, and regular security reviews.
• Data Retention: We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. When your data is no longer needed, we securely delete it.

7. Your Rights

Under GDPR, you have the following rights concerning your personal data:

• Access: You have the right to request access to the personal data we hold about you.
• Rectification: You may request that we correct any inaccuracies in your personal data.
• Erasure: You may request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected.
• Restriction: You may request that we restrict the processing of your personal data in certain circumstances.
• Portability: You have the right to obtain a copy of your personal data in a structured, commonly used, and machine-readable format.
• Objection: You may object to the processing of your data based on legitimate interests.
• Withdraw Consent: If we process your data based on consent, you have the right to withdraw your consent at any time.

To exercise your rights, please contact us at [Your Contact Email]. We will respond to your request within one month, as required by GDPR.

8. Data Transfers Outside the UK, Isle of Man, or Channel Islands

Your data is stored in Google’s servers, which may be located outside the United Kingdom, Isle of Man, or Channel Islands. Google complies with the EU-U.S. Data Privacy Framework and other mechanisms under GDPR to ensure your data is adequately protected. By using BizHub365, you consent to this transfer.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on BizHub365. Cookies are small text files that are stored on your device. You can manage cookies through your browser settings, though disabling cookies may affect your experience on our platform.

For more information, please refer to our Cookie Policy [Link to Cookie Policy].

10. Children’s Privacy

BizHub365 is not intended for children under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact us, and we will take steps to delete this information.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by posting a notice on the platform or contacting you via email. Your continued use of BizHub365 after changes have been made will signify your acceptance of the revised policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us: