Privacy policy
Privacy Notice
Last revised: December 2024
As part of a collaboration with Repair.org association, BACK MARKET, Inc. (hereinafter “Back Market” or “we”) offers an online sales website available in the United States (hereinafter the “Website”) whose purpose is to bring together individuals (hereinafter “Customer”) who wish to purchase the products available on the Website (hereinafter “Product(s)”) and the seller of the Products, and allow to donate all the sales revenue of the Products directly to the Right of Repair cause.
When you use the Website to purchase the Product, your data will be processed in accordance with this privacy notice.
This privacy notice for the protection of personal data is intended to present the following terms to you:
-
Who collects your data?
-
What information do we collect and how do we collect it?
-
What do we do with your information?
-
Who do we share your information with and why?
-
How long do we keep your information?
-
What are your rights on your information?
-
How do you exercise your rights?
Who collects your data?
Back Market, Inc.,a Delaware corporation, having its headquarters office located at 41 Union Square W, 2nd Floor, New York, NY 10003, has made available the Website at http://www.backmarket2005.com.
Back Market is the data controller in relation to the use of its Website, which means that it defines the purposes and methods of processing your personal data.
Back Market acts solely as an intermediary managing online sale and the after-sale communication services on behalf of the seller Repair.org. Back Market is in no case the seller or reseller of the Product.
At Back Market, protecting your privacy is fundamental and we are committed to continually improving our approach to compliance with applicable Personal Data regulations, including the California Consumer Privacy Act, as amended (“CCPA”).
What information do we collect and how do we collect it?
We collect personal information that you voluntarily provide to us when you place an order to purchase a Product via the Website and during after-sale conversation.
Personal Data we collect are:
-
your last name, first name, e-mail address, delivery address and billing address, phone number,
-
your bank and payment details; however, only the payment service provider will have access to your full payment card details,
-
your order information and history,
-
messages and claims relating to Products you purchased via the Website.
We do not process sensitive information.
What do we do with your information?
We collect and use your Personal Data for the following primary purposes:
|
Purposes |
Legal basis |
|
- Management of orders placed via the Website - After-sales service and customer relations management |
Performance of the sale contract |
|
- Direct marketing and email newsletters |
Consent or our legitimate interest in similar products or services |
Who do we share your information with and why?
-
Seller and its logistics partners and carriers
The personal data required to manage your order will be shared with the seller Retail.org and its logistics partners (iFixit). The seller is the controller of the personal data transmitted to them.
The personal data that is necessary for the shipment of the Product ordered will be shared with the carrier's partners in charge of this shipment. In the event of a dispute regarding the delivery of a Product, we may also need to share some additional documents (complaint, copy of ID, etc.) that you are asked to provide.
-
Payment service providers & Retail.org
Some personal data will be transferred or directly collected by the payment service providers (PCI DSS certified) selected to manage the payment of Product sales via the Website and the transfer of proceeds from these sales to the Right of Repair movement via the assistance of the US Retail.org association.
-
Sub-contractors and service providers
Your personal data will also be shared with our external service providers, acting on our behalf, such as those involved in customer service management, or IT services, e.g., for data storage purposes, mainly Shopify, our e-commerce tool provider. We make sure that they offer the necessary safeguards to ensure the security and confidentiality of your Personal Data and that they only have access to the personal data necessary to perform their services; they are not authorised to process your personal data for any other purpose.
-
Authorities
Your personal data may be disclosed to the authorities pursuant to a legal or regulatory requirement or a decision by a regulatory or judicial authority.
The servers containing the data collected by Back Market are mainly hosted in Europe or the United States by our partners that comply with strict rules concerning personal data protection.
How long do we keep your information?
We’ll delete your information in a reasonable timeframe to handle your purchase of the Product via the Website.
However, at the end of the above time limits, including as needed counting from your request for deletion, your personal data may be temporarily archived to meet our legal, accounting and tax requirements, or for legal and evidence management purposes in the event of litigation. But we won’t retain them for longer than necessary.
For personal data collected for marketing and sales purposes, we retain your personal data for 3 years from the date of your last contact with Back Market.
How are your data secured?
Back Market protects your personal data by establishing all reasonable technical and organizational measures to ensure the security of the processing of personal data and its confidentiality. In this regard, Back Market takes every suitable precaution regarding the nature of the data and the risks presented by the processing to preserve the security of the data and especially to avoid that they are distorted, damaged or that non authorized third parties have access to them: physical protection of locations, authentication procedures with personalized and secure access via identifiers and confidential passwords, encryption of certain data, etc. We remind you, however, that you are responsible for the data concerning you that you transmit to Back Market and as such, you contribute to the protection of your personal data by adhering to best practices regarding the use of your computer tools.
What are your rights?
You have the right to: request access to and rectification or, where appropriate, erasure of your information. You may also, in certain cases, object to the processing of your information or request that the processing be restricted, subject to the conditions set out in the applicable privacy regulations.
Non-discrimination: Under no circumstances will Back Market discriminate against you for exercising the above privacy rights.
If you believe that your rights or our obligations are not complied with, you may lodge a complaint with the competent data protection authority or appeal to the competent judicial body in your country.
Right to unsubscribe from our commercial prospecting e-mail: You can directly and at any time oppose the processing of your personal data for commercial prospecting purposes by e-mail, by clicking on the unsubscribe link included in each of our promotional communications.
Right to opt out of the sale/sharing of your personal information for targeted advertising: Residents of certain states of the United states may also have the right to opt-out of the sale of personal information and the sharing of personal information for targeted advertising. Please be reassured that we do not sell your information to third parties or share your personal information with third parties for purposes of cross-context behavioral advertising.
How do you exercise your rights?
You may exercise your rights or ask us any questions you may have on the processing of your information by:
1) sending your request to us:
-
by email to our Data Protection officer the following e-mail address: legal@backmarket.com
-
or, by mail to our Data Protection officer at the following postal address: to Back Market, Legal Team, 41 Union Square W, 2nd Floor, New York, NY 10003,
2) and specifying your full name, email address and your status as a Total Wireless’ customer who has acquired a Device and handles a warranty claim via the online contact return form.
We’ll need to verify it’s actually you and not someone else. If we have any reasonable doubt as to your identity, we may ask you to enclose a copy of an official identification document, such as an ID card or passport, in support of your request.
A response will be sent within one (1) month from the receipt of the request. If necessary, this period may be extended by two months, depending on the complexity and number of requests. The person responsible for processing will notify the concerned party of this extension and the reasons for the postponement within one month from the receipt of the request.
If you believe that your rights or our obligations are not complied with, you may lodge a complaint with the competent data protection authority or appeal to the competent judicial body in your country.