Privacy policy

---

1. Introduction

This privacy policy outlines the types of data we collect from our users, the purposes for which we use it, and how we keep it secure. It also describes your rights regarding the personal information you provide to us. We encourage you to read this policy carefully to understand our practices regarding your personal data and how we will treat it. This document forms an integral part of our Terms of Service.

2. Definitions

Personal Data (or Data): Any information that allows for the direct or indirect identification of a natural person. This may include names, email addresses, device identifiers, and other data that can identify you, either alone or in combination with other information.

Usage Data: Information collected automatically through this Application, such as IP addresses, browser types, operating systems, the time and date of a request, and the pages visited.

User: The individual using this Application, who coincides with the Data Subject.

Data Subject: The natural person whose Personal Data is being processed.

Data Processor (or Processor): Any natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Controller.

Data Controller (or Owner): The entity (Biblical Sermons, Dropcatcher.nl B.V., or similar) responsible for determining the purposes and means of processing Personal Data. Unless otherwise specified, the Data Controller is the Owner of this Application.

This Application: The software tool through which the Personal Data of the User is collected and processed, namely, Biblical Sermons.

Service: The service provided by this Application as outlined in the Terms of Service and accessed by the User.

European Union (EU): Unless otherwise specified, all references within this document to the European Union include all current member states of the European Union and the European Economic Area.

3. Data Controller Information

The entity responsible for processing your Personal Data is:

Name: Dropcatcher.nl B.V.

Address: Wim Duisenbergplantsoen 31, 6221SE Maastricht, Netherlands

Contact Email: contact@dropcatcher.nl

For any inquiries or concerns regarding the handling of Personal Data, please contact us through the provided email address. We are committed to addressing your questions and ensuring the protection of your privacy.

4. Types of Data Collected

We collect various types of Personal Data through this Application to enhance user experience and fulfill our service commitments. The types of data collected include:

• Diagnostics: Data relating to the performance and issues encountered on your device while using our Application, which helps us improve functionality.
• Purchase History: Records of transactions and purchases made within the Application to manage users' accounts and provide customer support.
• Payment Information: Includes data necessary to process payments, such as credit card details and billing addresses. Note: This data is collected directly by external payment service providers, and we receive only the confirmation of successful transactions.
• Device Information: Information about the user's device, including the type and configuration, which helps us tailor the application performance to user-specific device capabilities.
• Usage Data: Automatically collected data about how the Application is accessed and used, such as user interaction data, preference tracking, and geographic locations.

Please note that the provision of certain Personal Data is mandatory for the full functionality of our services, and failing to provide this data may impact your experience and the availability of specific features.

5. Purposes of Processing

The Personal Data collected through Biblical Sermons serves several essential purposes, detailed below:

• Handling Payments: To process transaction payments, we use third-party payment processors. Your payment information is directly provided to these services to ensure secure and smooth financial transactions.
• Improving Application Performance: Diagnostics data helps us identify and resolve issues, ensuring optimal application performance and user satisfaction.
• Service Delivery: Device information and purchase history are utilized to tailor and improve the delivery of our services to your specific needs and preferences.
• User Support and Communication: We use your data to communicate with you regarding your account, to resolve disputes, and to provide updates about our services.
• Compliance and Enforcement: We process data to comply with legal obligations, respond to legal requests, and enforce our terms and conditions.

6. Mode and Place of Data Processing

Methods of Processing:

The processing of your Personal Data is conducted with appropriate security measures to prevent unauthorized access, alteration, disclosure, or destruction. We use both digital technologies and organizational procedures specifically aligned with the purposes outlined in this privacy policy.

Data Access:

In addition to the Owner, certain types of personnel involved in the operations of this Application—such as administration, sales, marketing, legal, and system administration—or external parties appointed as Data Processors (e.g., technical service providers, mail carriers, hosting providers, IT companies, communications agencies) might have access to your Data. These parties are entrusted under confidentiality agreements and are involved purely to facilitate the smooth operation of the service.

Place of Processing:

The Data is mainly processed at the operating offices of the Owner and in any other places where the parties involved with the processing are located. This may involve transferring your Data to different regions or countries depending on your location and the location of our servers. Users can contact the Owner at any time to inquire about the locations where the processing takes place.

International Transfers:

If there is a need to transfer your data internationally, especially outside the European Economic Area, such transfers are conducted in compliance with applicable laws and regulations to ensure the security and confidentiality of your data.

7. Rights of Users

As a user of Biblical Sermons, you possess specific rights regarding the processing of your Personal Data. These rights include:

• Right to Withdraw Consent: You may withdraw consent for data processing at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
• Right to Object to Processing: You have the right to object to the processing of your data if it is based on legitimate interests or the performance of a task carried out in the public interest.
• Access to Data: You have the right to ascertain whether your Data is being processed by us, receive information about aspects of the processing, and obtain a copy of the Data.
• Data Verification and Rectification: You can verify the accuracy of your Data and request updates or corrections.
• Restrict Processing: Under certain circumstances, you may restrict the processing of your Data. In this case, the Data will only be processed for storage purposes.
• Data Erasure: You have the right to have your Data erased from our systems when it is no longer necessary for the purposes for which it was collected or you have withdrawn consent.
• Data Portability: You have the right to receive your Data in a structured, commonly used format and have it transferred to another data controller.
• Right to Lodge a Complaint: If you believe that the processing of your Personal Data infringes on legal requirements, you have the right to lodge a complaint with a supervisory authority.

Exercising Your Rights:

You can exercise any of these rights by contacting us through the details provided in this policy. Requests are handled by the Owner promptly and always within a month, ensuring compliance with data protection laws.

8. Consent and Withdrawal

Obtaining Consent:

We ensure that clear, specific consent is obtained before collecting or processing your Personal Data, explaining precisely what data is collected and how it will be used. This process aligns with our commitment to transparency and legal compliance.

Withdrawing Consent:

You have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. To withdraw your consent, please contact us using the details provided in this privacy policy. We will proceed to stop processing your data for the purposes to which you initially consented unless we have another legal basis for continuing the processing.

Impact of Withdrawal:

After withdrawing consent, you might not be able to use specific features of the Service that require the processing of certain types of Personal Data. We will inform you if such situations arise at the time of your withdrawal.

9. Data Retention and Deletion Policy

Data Retention:

We retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The criteria used to determine the retention period include the duration of our ongoing relationship with you, whether there is a legal obligation to which we are subject, and whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).

Data Deletion:

Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification, and the right to data portability cannot be enforced after the expiration of the retention period.

• Contract Performance: Data collected for the performance of a contract to which you are party will be retained until the contract has been fully performed and for a period afterward as required by applicable law.
• Legitimate Interests: Data collected based on the legitimate interests pursued by us will be retained as long as needed to fulfill these interests. Users may obtain information regarding the specific legitimate interests by contacting us.
• Consent-Based Processing: Data processed based on your consent will be retained until such consent is withdrawn.

Exceptions to Deletion:

We may retain your Personal Data for a longer period whenever required by law or necessary to protect our interests in legal proceedings.

10. Legal Basis for Processing

We collect and handle your Personal Data based on several legal grounds, depending on the nature of the Personal Data provided and the type of processing involved:

• Consent: We may process your Personal Data if you have given us explicit consent to use your personal data for a specific purpose.
• Contract: The processing is necessary in relation to a contract you have entered into with us, or because you have asked us to take specific steps before entering into a contract.
• Legal Obligations: The processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate Interests: The processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. These legitimate interests include providing and improving our services, administration of your account, and communications with you.

Specific Legal Basis for Each Type of Data Processing:

For more detailed information regarding the legal basis for specific processing activities involving your Personal Data, you may refer to the relevant sections of this document or contact us directly for clarification.

Responsibility to Inform:

If the legal basis for processing your Personal Data changes, we will notify you of these changes and the reasons for them. Should the changes affect processing activities performed on the basis of your consent, we will obtain new consent from you where required.

11. International Data Transfers

Scope of Data Transfers:

Due to the global nature of our operations, your Personal Data may be transferred to, stored, and processed in a country other than the one where it was collected. This may include transfers outside of the European Economic Area (EEA) to countries not deemed by the European Commission to offer an adequate level of data protection.

Safeguards and Measures:

To safeguard your Personal Data and ensure it is treated securely, we implement appropriate legal and security measures. These include:

• Standard Contractual Clauses: We use standard contractual clauses approved by the European Commission, ensuring compliance with GDPR data protection standards.
• Privacy Shield Framework: When transferring data to entities in the United States, we rely on their participation in the Privacy Shield Framework, which requires them to provide similar protection to personal data shared between Europe and the US.

User Rights:

You have the right to obtain information about the legal basis for data transfers to a non-EU country and about the security measures we take to protect your Personal Data. If your data is transferred to a third party, we will ensure they have legal and appropriate mechanisms to maintain the protection of your data.

Notification of Transfers:

You will be notified if there are any changes in the way we transfer or handle your data internationally, including potential new countries we might transfer data to, which may have different data protection standards than your country of residence.

12. Security Measures

Commitment to Security:

We prioritize the security of your Personal Data. To prevent unauthorized access, use, alteration, and destruction of personal information, we implement robust technical and organizational measures. These security practices are designed to provide a level of security appropriate to the risk associated with the processing of Personal Data.

Technical Measures:

• Encryption: We employ encryption technologies to protect data in transit and at rest.
• Access Controls: Strict access controls are placed to ensure that only authorized personnel have access to your Personal Data, and only for permitted business functions.
• Secure Infrastructure: Our data storage and processing infrastructure are secured using up-to-date firewall and antivirus technologies.

Organizational Measures:

• Training: All employees receive training on the importance of data protection and security policies.
• Policies and Procedures: We maintain and regularly review security policies and procedures to manage and mitigate risks effectively.
• Data Privacy Impact Assessments: Regular assessments are conducted to evaluate the risks associated with various data processing activities.

Incident Management:

In the event of a data breach, we have procedures in place to promptly address and mitigate any potential impact. We will notify you and any relevant regulators of a breach where we are legally required to do so.

Continuous Review:

Our security practices are regularly reviewed and enhanced as necessary to meet the evolving threats and challenges and to comply with applicable laws and regulations concerning data protection.

13. Use of Cookies and Similar Technologies

Purpose and Use:

We use cookies and similar tracking technologies to enhance your experience while using our Application. These technologies help us understand how you interact with our services, improve your user experience, and personalize content and advertisements.

Types of Cookies Employed:

• Essential Cookies: Necessary for the basic functioning of the Application and are required for navigation and access to secure areas.
• Performance Cookies: Collect information about how you use our Application, such as pages visited and traffic sources. We use this data to improve our Application's performance and user interface.
• Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences and settings.
• Advertising Cookies: Used to deliver advertisements more relevant to you and your interests, as well as to help measure the effectiveness of advertising campaigns.

Control and Consent:

Upon your first visit to our Application, you will be prompted to accept or decline the use of cookies. You can also customize your preferences through the cookie consent manager accessible from our Application. Additionally, you can manage cookie preferences via your browser settings, where you can refuse, restrict, or delete cookies.

Third-Party Cookies:

Some cookies may be placed by third-party services that appear on our pages. We do not control the dissemination of these cookies.

14. Changes to This Privacy Policy

Policy Updates:

We reserve the right to update this privacy policy at any time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any significant changes by posting the updated policy on this page and, where appropriate, through other communication channels. We encourage you to review this policy regularly to stay informed about how we are protecting your data.

Effective Date:

The updates will take effect immediately upon being posted on this page, unless specified otherwise. The date of the latest changes will be noted at the top or bottom of the privacy policy, ensuring transparency about the last revision date.

Continued Use:

Your continued use of our Application after any changes signifies your acceptance of these changes. If you do not agree with the changes to our privacy policy, you should discontinue your use of our service.

Consent Renewal:

Should the changes affect processing activities based on your previous consent, we will contact you to renew your consent to the processing of your Personal Data under the new terms.

15. Contact Information

For any questions, concerns, or requests related to your Personal Data and this privacy policy, please contact us at:

Owner: Dropcatcher.nl B.V.

Address: Wim Duisenbergplantsoen 31, 6221SE Maastricht, Netherlands

Email: contact@dropcatcher.nl

We are committed to resolving any privacy issues promptly and transparently. Our team is available to provide clarifications, handle data access requests, or assist in any matter related to your personal rights under this policy. Please feel free to reach out to us with any inquiries. Your privacy and the protection of your data are a priority, and we are dedicated to offering you support and information as needed.

16. Complaints and Regulatory Authority Information

Right to Lodge a Complaint:

If you believe that the processing of your Personal Data infringes on your rights under applicable data protection laws, you have the right to lodge a complaint with a supervisory authority. Each EU member state has one or more supervisory authorities responsible for enforcing data protection laws and handling related complaints.

Contacting the Supervisory Authority:

If you wish to exercise this right, the complaint should be directed to the data protection authority in the country where you reside, where you work, or where the alleged infringement occurred. Contact details for these authorities can typically be found on their respective websites.

Assistance with Complaints:

We encourage you to reach out to us first with any concerns or issues regarding your data processing, as we are committed to resolving any disputes amicably and efficiently. However, if you feel your concerns have not been adequately addressed, you have the right to contact the relevant supervisory authority.