This User Privacy Notice applies to your use of this website and services (including payment services), products and tools (collectively the ‘Services’), regardless of how you access or use these Services, including access via mobile devices and apps.
We collect your personal data when you use our Services, create a new account, provide us with information via a web form, add or update information in your account, participate in online community discussions or otherwise interact with us. We also collect personal data from other sources (such as other eBay Inc. corporate family members, credit agencies or bureaus, and data providers).
We process your personal data for various purposes and based on several different legal bases that allow this processing. For example, we process your personal data to provide and improve our Services, to provide you with a personalised user experience on this website, to contact you about your account and our Services, to provide customer service, to provide you with personalised advertising and marketing communications, and to detect, prevent, mitigate and investigate fraudulent or illegal activity. We also may share your information with third parties, including service providers acting on our behalf, for these purposes. In addition, we may share your personal data with other selling companies in order to fulfil our contract with you under the User Agreement and, if applicable, the Payments Terms of Use.
Your personal data will be stored by us and our service providers in accordance with applicable data protection laws to the extent necessary for the processing purposes set out in this User Privacy Notice for more information on the processing purposes. Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally obliged or permitted to keep your personal data longer (e.g. for legal compliance, tax, accounting or auditing purposes, or to detect and prevent fraudulent or illegal activity on our site). In Europe, the retention periods are generally between 6 and 10 years (e.g. for contracts, notifications and business letters). As far as legally permissible or required, we restrict the processing of your data instead of deleting it (e.g. by restricting access to it). This applies in particular to cases where we may still need the data for the execution of the contract or for the assertion of or defence against legal claims, or where such retention is otherwise required or permitted by law. In these cases, the duration of the restriction of processing depends on the respective statutory limitation or retention periods. The data will be deleted after the relevant limitation or retention periods have expired.
Subject to possible restrictions under national law, as a data subject, you have the right to access, rectification, erasure, restriction of processing and data portability with regard to your personal data. In addition, you can withdraw your consent and object to our processing of your personal data on the basis of our legitimate interests. You can also lodge a complaint with a supervisory authority.
When you use our Services, we and selected third parties use cookies and similar technologies to provide you with a better, faster and safer user experience or to show you personalised advertising. Cookies are small text files that are automatically created by your browser and stored on your device when you use the Services. You can find detailed information about the use of cookies and similar technologies and your choices in our user cookie notice.
We protect your personal data through technical and organisational security measures to minimise risks associated with data loss, misuse, unauthorised access and unauthorised disclosure and alteration. To this end we use firewalls and data encryption, for example, as well as physical access restrictions for our data centres and authorisation controls for data access.