Drift Cars Parts soon Events soon Sim Drifting soon

Your email address is not verified. Please verify your email before logging in.

Privacy Policy

Last updated:

Introduction

Our Commitment

U mnie działa Jakub Mikita, operating as DriftHub ("DriftHub," "we," "us," or "our"), is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.

Company Information

Data Controller:
U mnie działa Jakub Mikita
Strzałowa 13B/4
87-100 Toruń, Poland
VAT ID: PL6631847513
Email: [email protected]

Scope

This Privacy Policy applies to all users of the DriftHub website, mobile applications, and related services (collectively, the "Platform"), including:

  • Marketplace for drift cars and parts
  • Event listings and promotions
  • SimDrifting community features
  • Forums and social features

By using the Platform, you consent to the data practices described in this Policy. If you do not agree, please do not use our Platform.

Information We Collect

Information You Provide Directly

Account Information:

  • Name and username
  • Email address
  • Password (encrypted)
  • Phone number (optional)
  • Date of birth (for age verification)
  • Profile picture (optional)

Seller Information:

  • Business name (if applicable)
  • Tax identification numbers
  • Bank account or payment details
  • Business address
  • Verification documents

Transaction Data:

  • Purchase and sales history
  • Listing information
  • Payment information (processed by third parties)
  • Shipping addresses
  • Communication between buyers and sellers

Content You Create:

  • Listings and descriptions
  • Photos and videos
  • Forum posts and comments
  • Event information
  • Reviews and ratings
  • Messages to other users

Information Collected Automatically

Device Information:

  • IP address
  • Device type and model
  • Operating system
  • Browser type and version
  • Device identifiers
  • Mobile network information

Usage Data:

  • Pages visited and features used
  • Time spent on Platform
  • Click patterns and navigation paths
  • Search queries
  • Referral sources
  • Date and time of access

Location Data:

  • Approximate location from IP address
  • Location data from events (if provided)
  • Shipping and billing locations

Information from Third Parties

Payment Processors:

  • Transaction confirmation
  • Payment status
  • Anti-fraud verification data

Social Media (if you connect accounts):

  • Profile information
  • Contact lists (with permission)
  • Authentication tokens

Verification Services:

  • Identity verification results
  • Business verification data

How We Use Your Information

Platform Operations

We use your information to:

  • Create and maintain your account
  • Process transactions and payments
  • Facilitate communication between users
  • Provide customer support
  • Send transactional notifications
  • Enable Platform features and services

Safety and Security

We use your information for:

  • Verifying user identity
  • Detecting and preventing fraud
  • Enforcing Terms and Conditions
  • Investigating violations
  • Protecting user safety
  • Complying with legal obligations

Improvement and Personalization

We may use your information to:

  • Personalize your experience
  • Recommend relevant listings or events
  • Improve Platform functionality
  • Conduct analytics and research
  • Develop new features
  • Optimize Platform performance

Marketing and Communications

With your consent, we may use your information to:

  • Send promotional emails
  • Notify about new features
  • Share relevant offers
  • Provide newsletters
  • Conduct surveys

You can opt-out of marketing communications at any time.

We process your personal data based on:

  • Contract Performance: To provide Platform services
  • Legal Obligations: To comply with applicable laws
  • Legitimate Interests: For business operations, safety, and improvement
  • Consent: For marketing and optional features
  • Vital Interests: In emergency situations

Information Sharing and Disclosure

Public Information

The following information is publicly visible:

  • Username and profile picture
  • Listings and event postings
  • Public forum posts and comments
  • Ratings and reviews
  • Location (city/region for listings)

Sharing with Other Users

  • Buyers and sellers share necessary transaction information
  • Event organizers access attendee information
  • Forum participants see public posts

Service Providers

We share information with third-party service providers for:

  • Payment processing (Stripe, Paddle)
  • Email services
  • Analytics services
  • Cloud storage
  • Customer support tools
  • Security and fraud prevention

All service providers are contractually bound to protect your data.

Business Transfers

In case of merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

We may disclose information when required to:

  • Comply with legal obligations
  • Respond to legal process
  • Protect our rights and property
  • Prevent fraud or security issues
  • Protect user safety

Aggregated Data

We may share aggregated, non-identifying information for business purposes, research, or marketing.

Data Storage and Security

Security Measures

We implement appropriate technical and organizational measures including:

  • SSL/TLS encryption for data transmission
  • Encrypted storage of sensitive data
  • Regular security audits
  • Access controls and authentication
  • Employee training on data protection
  • Incident response procedures

Data Storage Location

Your data may be stored in:

  • European Union (primary servers)
  • United States (backup and CDN)
  • Other countries where our service providers operate

Data Breach Notification

In case of a data breach affecting your personal data:

  • We will notify affected users within 72 hours
  • We will notify relevant authorities as required
  • We will take immediate steps to mitigate harm

Limitations

While we strive to protect your data, no method of transmission or storage is 100% secure. You acknowledge the inherent risks of providing information online.

International Data Transfers

Transfer Mechanisms

When transferring data outside the EU, we ensure protection through:

  • Standard Contractual Clauses
  • Adequacy decisions
  • Your explicit consent
  • Other approved transfer mechanisms

US Data Processing

For US users, data may be processed in Poland and other countries. By using the Platform, you consent to such transfers.

Your Rights and Choices

Rights Under GDPR (EU Users)

You have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion ("right to be forgotten")
  • Restriction: Limit processing of your data
  • Portability: Receive data in machine-readable format
  • Object: Oppose certain processing activities
  • Automated Decision-Making: Not be subject to solely automated decisions

Rights Under CCPA (California Users)

California residents have the right to:

  • Know what personal information we collect, use, and share
  • Delete personal information (with exceptions)
  • Opt-out of the sale of personal information (we do not sell data)
  • Non-discrimination for exercising privacy rights

Rights for All Users

All users can:

  • Update account information
  • Manage privacy settings
  • Control marketing preferences
  • Delete their account
  • Export their data
  • Manage cookie preferences

Exercising Your Rights

To exercise your rights:

  • Email: [email protected]
  • Account settings: Manage preferences directly
  • Response time: Within 30 days (GDPR) or 45 days (CCPA)

We may request identity verification before processing requests.

Children's Privacy

Age Restrictions

  • Users under 13 require verifiable parental consent
  • Users 13-18 require parental consent
  • We do not knowingly collect data from children under 13 without consent

Parental Rights (COPPA Compliance)

Parents or guardians can:

  • Review their child's personal information
  • Request deletion of their child's data
  • Refuse further collection or use
  • Provide or withdraw consent

Contact us at [email protected] for parental requests.

Information Collected from Minors

We limit collection from minors to:

  • Necessary account information
  • Content they create with parental awareness
  • Usage data for safety purposes

Special Protections

For minor users, we:

  • Disable certain features by default
  • Limit data sharing
  • Provide additional safety controls
  • Do not use their data for targeted advertising

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience on our Platform. For detailed information about our use of cookies, including types of cookies, how to manage your preferences, and your rights, please see our Cookie Policy.

Data Retention

Retention Periods

We retain personal data for:

  • Account Data: Duration of account plus 30 days
  • Transaction Records: 7 years (legal requirement)
  • Communications: 2 years
  • Marketing Data: Until opt-out plus 30 days
  • Usage Data: 2 years
  • Legal Holds: As required by law

Deletion Process

When deleting data, we:

  • Remove from active databases
  • Maintain anonymized analytics
  • Retain data required by law
  • Delete backups within 90 days

Account Deletion

When you delete your account:

  • Personal data is removed within 30 days
  • Some data may be retained for legal compliance
  • Public content may remain visible (anonymized)
  • Transaction history retained as required

Payment Processors

We use Stripe and Paddle for payments. Their privacy policies apply to payment data:

  • Stripe Privacy Policy: https://stripe.com/privacy
  • Paddle Privacy Policy: https://paddle.com/privacy

Our Platform contains links to third-party websites. We are not responsible for their privacy practices.

Social Media Features

Social features may collect your IP address and set cookies. These features are governed by the social media provider's privacy policy.

Marketing Communications

Types of Communications

We may send:

  • Service announcements
  • Promotional offers
  • Newsletter updates
  • Event notifications
  • Product recommendations

Opt-Out Options

You can opt-out via:

Transactional Emails

You cannot opt-out of transactional emails required for:

  • Account security
  • Purchase confirmations
  • Legal notices
  • Platform changes

Privacy Rights

California Privacy Rights

Shine the Light Law

California residents can request information about personal data shared with third parties for marketing purposes.

No Sale of Personal Information

We do not sell, rent, or trade personal information to third parties.

European Privacy Rights

  • Account Data: Contract - Service provision
  • Payment Data: Contract/Legal - Transaction processing
  • Usage Data: Legitimate Interest - Platform improvement
  • Marketing: Consent - Promotional communications

Data Protection Officer

While not required, privacy inquiries should be directed to: Email: [email protected]

Supervisory Authority

EU users may lodge complaints with their local data protection authority. For Poland: President of the Personal Data Protection Office (UODO) ul. Stawki 2, 00-193 Warsaw, Poland

Changes to Privacy Policy

Notification of Changes

We will notify you of material changes via:

  • Email notification
  • Platform announcement
  • Consent request for significant changes

Review of Changes

Continued use after changes constitutes acceptance, except where renewed consent is required by law.

Version History

All previous versions are archived and available upon request.

Contact Information

Privacy Inquiries

For privacy-related questions or requests:

Data Controller:
U mnie działa Jakub Mikita
Strzałowa 13B/4
87-100 Toruń, Poland
Email: [email protected]

Response Times

  • GDPR requests: Within 30 days
  • CCPA requests: Within 45 days
  • General inquiries: Within 7 business days

Identification Requirements

We may require:

  • Account email verification
  • Government ID (for sensitive requests)
  • Additional information to verify identity

Data Processing Agreements

Processor Agreements

We maintain data processing agreements with all service providers that process personal data on our behalf.

Sub-processors

Current sub-processors include:

  • Stripe (Payment processing)
  • Paddle (Payment processing)
  • Amazon Web Services (Hosting)
  • Google Analytics (Analytics)
  • SendGrid (Email delivery)

Updated list available upon request.

By using the DriftHub Platform, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and sharing of your information as described.