Privacy Policy

Privacy Policy
Last Updated: 01/04/2025

Bao Cards ("we," "our," "us") values your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you visit our website (https://baocards.com) or use our services. This Policy is designed to comply with the General Data Protection Regulation (GDPR) and applicable Dutch privacy laws.

1. Data We Collect

Personal Data You Provide

We collect personal data that you voluntarily provide, including:

  • Name

  • Email address

  • Billing and shipping address

  • Payment information (processed securely via third-party payment providers)

  • Contact preferences

  • Any other data you provide when contacting us or making purchases

Automatically Collected Data

We automatically collect certain information when you use our website, such as:

  • IP address

  • Browser type and version

  • Device information

  • Pages visited and time spent on the website

  • Cookies and similar tracking technologies (see Cookies & Tracking Technologies section below)

Sensitive Data

We do not collect or process sensitive personal data (e.g., race, religion, political beliefs, health data) unless required by law.

2. Why We Collect Data

We collect and process your data based on the following legal grounds:

  • Contractual necessity: To process your purchases and provide requested services.

  • Legitimate interests: To improve our services, prevent fraud, and analyze trends.

  • Consent: For marketing communications and cookies requiring explicit user consent.

  • Legal obligation: To comply with Dutch and EU laws regarding record-keeping and tax reporting.

3. How We Use Your Data

We use your data to:

  • Process orders and payments.

  • Provide customer support.

  • Send promotional emails (only with your consent).

  • Improve website functionality and security.

  • Conduct market research and analyze user trends.

4. Data Retention

We store personal data only as long as necessary for:

  • Providing our services.

  • Fulfilling legal and tax obligations (e.g., Dutch tax laws require retention of invoices for 7 years).

  • Maintaining customer accounts (deleted upon request).

When data is no longer required, we securely delete or anonymize it.

5. Sharing Your Data

We do not sell, rent, or trade your personal data. However, we may share it with:

  • Service providers (e.g., payment processors, hosting providers, email services).

  • Legal authorities when required by law (e.g., fraud prevention, compliance with legal requests).

  • Third-party analytics providers (e.g., Google Analytics) for website improvement.

All third parties are GDPR-compliant and required to protect your data.

6. International Data Transfers

As a Dutch-based company, we primarily store and process data within the European Economic Area (EEA). However, if we work with non-EU service providers, we ensure compliance through:

  • EU Standard Contractual Clauses (SCCs).

  • Data Processing Agreements (DPAs).

  • Other GDPR-approved mechanisms.

7. Your Rights Under GDPR

As an EU resident, you have the following rights:

  • Right to access – Request a copy of your personal data.

  • Right to rectification – Correct inaccurate or incomplete data.

  • Right to erasure ("Right to be forgotten") – Request data deletion.

  • Right to restrict processing – Limit how we use your data.

  • Right to data portability – Receive your data in a structured format.

  • Right to object – Opt out of direct marketing.

  • Right to withdraw consent – If processing is based on consent.

  • Right to lodge a complaint – File a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe your rights have been violated.

To exercise these rights, contact us at hello@baocards.com.

8. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. Upon your first visit, we request your consent for non-essential cookies. You can manage or disable cookies via your browser settings or our cookie preferences tool.

For detailed information, see our Cookie Policy [Insert Link].

9. Children's Privacy

Our website is not intended for children under 16 years old. We do not knowingly collect personal data from minors. If we learn we have collected data from a child under 16, we will delete it immediately.

10. Security Measures

We implement strict security measures to protect your data:

  • Encryption (HTTPS, SSL/TLS)

  • Access controls & authentication

  • Regular security audits

Despite our efforts, no system is 100% secure. If we experience a data breach, we will notify affected users as required by law.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any significant changes will be communicated via email or website notice. Please review this page periodically to stay informed.

12. Contact Information

If you have questions or concerns about this Privacy Policy, you can contact us at:

Bao Cards
Email: hello@baocards.com
Website: https://baocards.com

For GDPR-related inquiries, you may also contact the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) at https://autoriteitpersoonsgegevens.nl.