Summary
This Privacy Policy describes how GBSaaS ("we," "us," or "our") collects, uses, and protects your personal information when you use our services. We are committed to maintaining the privacy and security of your data and complying with applicable data protection laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Information We Collect
1.1 Information You Provide Directly
We collect information that you voluntarily provide when using our service, including:
- Account Information: Name, email address, password, and profile details when you create an account
- Payment Information: Billing address, payment method details (processed securely through our payment providers)
- Communications: Messages, feedback, and support requests you send to us
- User Content: Any content, data, or materials you upload, create, or store through our service
1.2 Information Collected Automatically
When you access or use our service, we automatically collect:
- Device Information: Device type, operating system, browser type, unique device identifiers
- Log Data: IP address, access times, pages viewed, referring URL, and actions taken
- Usage Data: Features used, interactions with the service, and performance metrics
- Location Data: General geographic location based on IP address
1.3 Information from Third Parties
We may receive information about you from:
- Authentication Providers: When you sign in using third-party services (e.g., Google, GitHub)
- Payment Processors: Transaction confirmations and fraud prevention data
- Analytics Services: Aggregated usage patterns and demographics
2. How We Use Your Information
We process your personal information for the following purposes:
2.1 Service Provision
- Provide, maintain, and improve our services
- Process transactions and manage your subscription
- Authenticate your identity and secure your account
- Provide customer support and respond to inquiries
2.2 Communication
- Send transactional emails (confirmations, receipts, security alerts)
- Provide service updates and announcements
- Send marketing communications (with your consent, where required)
2.3 Safety and Security
- Detect, prevent, and address fraud, abuse, and security issues
- Enforce our terms of service and protect our legal rights
- Comply with legal obligations and law enforcement requests
2.4 Analytics and Improvement
- Analyze usage patterns to improve user experience
- Develop new features and services
- Conduct research and generate aggregated insights
3. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on the following legal grounds:
| Legal Basis | Purpose |
|---|---|
| Contract Performance | Processing necessary to provide our services and fulfill our contractual obligations |
| Legitimate Interests | Analytics, security, fraud prevention, and service improvements |
| Legal Obligation | Compliance with applicable laws and regulations |
| Consent | Marketing communications and optional features (you may withdraw consent at any time) |
4. Information Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
4.1 Service Providers
We engage trusted third-party service providers to perform functions on our behalf, including:
- Cloud hosting and infrastructure
- Payment processing
- Email delivery
- Analytics and monitoring
- Customer support tools
These providers are contractually bound to protect your information and use it only for the specified purposes.
4.2 Legal Requirements
We may disclose your information when required by law, court order, or governmental authority, or when we believe disclosure is necessary to:
- Comply with applicable laws or legal process
- Protect our rights, privacy, safety, or property
- Prevent fraud or security issues
4.3 Business Transfers
In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.
4.4 With Your Consent
We may share your information in other circumstances with your explicit consent.
5. Data Retention
We retain your personal information for as long as necessary to:
- Provide our services and maintain your account
- Comply with legal obligations (e.g., tax, accounting requirements)
- Resolve disputes and enforce our agreements
When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are legally required to retain it for longer periods.
6. Your Privacy Rights
6.1 General Rights
You have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Portability: Receive your data in a structured, machine-readable format
- Objection: Object to processing based on legitimate interests
- Restriction: Request restriction of processing in certain circumstances
6.2 Rights for EEA, UK, and Swiss Residents
In addition to the above, you have the right to:
- Withdraw consent at any time (where processing is based on consent)
- Lodge a complaint with your local data protection authority
6.3 Rights for California Residents (CCPA/CPRA)
California residents have additional rights including:
- Right to Know: Categories and specific pieces of personal information collected about you
- Right to Delete: Request deletion of personal information
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out: Opt out of the sale or sharing of personal information (we do not sell your data)
- Non-Discrimination: We will not discriminate against you for exercising your rights
To exercise any of these rights, please contact us using the information provided below.
7. Data Security
We implement industry-standard security measures to protect your personal information, including:
- Encryption: Data encrypted in transit (TLS) and at rest
- Access Controls: Role-based access controls and authentication
- Monitoring: Continuous security monitoring and threat detection
- Regular Audits: Periodic security assessments and vulnerability testing
While we strive to protect your personal information, no method of transmission or storage is 100% secure. We encourage you to use strong passwords and keep your account credentials confidential.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Data processing agreements with our service providers
- Compliance with applicable data protection frameworks
9. Children's Privacy
Our service is not intended for individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
10. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect information about your browsing activity. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.
11. Third-Party Links
Our service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes by:
- Posting the updated policy with a new "Last Updated" date
- Sending an email notification (for significant changes)
We encourage you to review this policy periodically to stay informed about how we protect your information.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Email: support@gabrielbacha.one
Data Protection Officer: For GDPR-related inquiries, you may contact our Data Protection Officer at support@gabrielbacha.one
We will respond to your request within 30 days (or sooner as required by applicable law).
14. Supervisory Authority
If you are located in the EEA, UK, or Switzerland and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.
Last Updated: December 22, 2025