Privacy Policy

Last updated: June 30, 2026

1. Introduction

Bepaza ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data when you use our e-commerce platform. Bepaza is based in Denmark and complies with the General Data Protection Regulation (GDPR).

2. Data We Collect

We collect the following types of data:

• Account data: Name, email address, and password when you register.
• Store data: Products, orders, customer information, and store settings you create through the platform.
• Payment data: Billing information processed securely through our payment provider (Stripe). We do not store credit card numbers.
• Usage data: How you interact with the Service, including page views, feature usage, and error logs.

3. How We Use Your Data

We use your data to:

• Provide and maintain the Service
• Process payments and manage subscriptions
• Send important service notifications
• Improve the platform based on usage patterns
• Provide customer support

4. Data Storage and Security

All data is stored on servers located within the European Union. We use industry-standard encryption (TLS/SSL) for data in transit and at rest. Access to personal data is restricted to authorized personnel only.

5. Data Sharing

We do not sell your personal data. We share data only with:

• Payment processors: Stripe, for processing payments securely.
• Infrastructure providers: Hosting services within the EU for platform operation.

6. Your Rights (GDPR)

Under the GDPR, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Object to or restrict processing of your data
• Withdraw consent at any time

To exercise these rights, contact us at [email protected].

7. Cookies

We use essential cookies required for the Service to function (session management, authentication). We do not use tracking cookies or third-party advertising cookies.

8. Data Retention

We retain your account data for as long as your account is active. Upon account deletion, personal data is removed within 30 days. Anonymized usage data may be retained for analytics purposes.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email. The "last updated" date at the top reflects the most recent revision.

10. Contact

For privacy-related questions or to exercise your data rights, contact us at [email protected].

Data Controller: Bepaza, Denmark, European Union.