Privacy Policy

Last Updated: March 25, 2025

1. Introduction

At Loopelo ("we", "us", "our"), we are committed to protecting your personal data with the highest standards of care. This privacy policy explains how we collect, process, and safeguard your information when you use our platform.

We adhere strictly to the General Data Protection Regulation (GDPR) and other applicable data protection laws. We have designed our data practices with a "privacy by design" approach, minimizing data collection to only what is absolutely necessary for our services.

2. Data Controller

The data controller responsible for your personal data is:

Loopelo

52076, Aachen

Germany

Email: privacy@loopelo.com

3. Personal Data We Collect

We strictly limit our data collection to what is essential for providing our services:

  • Account Data: Name, email address, password (stored in encrypted form), profile picture (optional).
  • Children's Information: Age ranges and interests of your children (no names or other directly identifying information).
  • Location Data: Approximate location (city/area level only) to facilitate local exchanges, never precise GPS coordinates.
  • Item Data: Information about items you list for exchange.
  • Communication Data: Messages exchanged with other users through our platform.
  • Usage Data: Anonymized information about how you interact with our platform.

4. Special Category Data and Children's Data

We do not collect any special category data (such as health information, religious beliefs, etc.).

Regarding children: Our service is designed for parents, not for direct use by children under 16. We never knowingly collect data directly from children. The limited information we collect about children (age ranges and interests) is provided by their parents/guardians and is used solely to offer appropriate item and content recommendations. This information is handled with additional protections.

5. Legal Basis for Processing

We process your personal data only on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services to you.
  • Legitimate Interests: Processing that serves our legitimate interests while respecting your rights (e.g., improving our services).
  • Consent: Processing based on your specific, informed, unambiguous consent, which you can withdraw at any time.
  • Legal Obligations: Processing required to comply with our legal obligations.

For each type of data we collect, we clearly identify the specific legal basis for processing.

6. How We Use Your Data

We use your data strictly for the following purposes:

  • Enabling item exchanges between users
  • Providing personalized AI recommendations for items and content
  • Calculating carbon footprint savings
  • Ensuring platform safety and security
  • Communicating essential service updates

We do not use your data for any purpose beyond what is necessary to provide our core services.

7. AI and Automated Decision-Making

Our platform uses AI to provide personalized recommendations. This involves processing your data and your children's interest data to suggest relevant items and content. This processing:

  • Does not use any special category data
  • Does not make significant decisions that affect you legally or similarly
  • Uses only the minimum data necessary
  • Is designed to exclude any bias or discrimination

You can opt out of personalized recommendations at any time in your account settings.

8. Data Sharing and Recipients

We apply strict controls on any sharing of your personal data:

  • Other Users: Limited profile information (username, approximate location, exchange history) is shared with other users you interact with.
  • Service Providers: We use a small number of trusted service providers who process data on our behalf, bound by strict data processing agreements. These include hosting providers, customer support tools, and analytics services.
  • Legal Requirements: We may disclose data when legally required.

We do not sell your data to third parties under any circumstances.

9. International Transfers

We primarily store and process your data within the European Economic Area (EEA). In the limited cases where data might be transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Data Retention

We store your personal data only for as long as necessary:

  • Account data is retained while your account is active
  • Message data is retained for 12 months after the exchange is completed
  • Transaction records are kept for 3 years for legal compliance

When data is no longer needed, it is securely deleted or anonymized.

11. Data Security

We implement robust technical and organizational measures to protect your data, including:

  • Password hashing using industry-standard algorithms
  • Regular security audits and vulnerability testing
  • Strict access controls for all staff
  • Regular data protection training for team members

We have procedures in place to handle any suspected data breach and will notify you and the relevant supervisory authority within 72 hours if required by law.

12. Your Rights

Under the GDPR and applicable data protection laws, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Revoke previously given consent

To exercise these rights, contact us at privacy@loopelo.com. We will respond to all requests within 30 days.

13. Cookies and Tracking

We minimize the use of cookies:

  • Essential cookies only for basic platform functionality
  • No third-party marketing or advertising cookies
  • Minimal analytics that respect privacy (anonymized data only)

You can manage cookie preferences through your browser settings.

14. Complaints

If you have concerns about our data practices, please contact us first at privacy@loopelo.com. You also have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your residence.

15. Changes to This Privacy Policy

We may update this privacy policy occasionally. When we make significant changes, we will notify you through the app or by email and obtain consent where required. The current version will always be available on our website with the effective date clearly indicated.

16. Contact Us

For any questions about this privacy policy or our data practices, please contact our data protection officer:

Email: privacy@loopelo.com