Effective Date: 05-08-2025
Raating (“we,” “our,” or “us”) is committed to protecting your personal data and ensuring your privacy rights under the European Union’s General Data Protection Regulation (GDPR). This policy explains how we collect, process, store, and protect your personal data, and outlines your rights under the GDPR when you use our Platform.
Raating is the data controller responsible for your personal data collected via our Platform. If you submit reviews or information requested by businesses using our services, those businesses may act as separate data controllers for that information.
We process both public and private personal data including but not limited to:
Account details: username, profile picture, language preferences
Contact details: name, email address
Review data: content, star ratings, date of experience, photos/videos
Usage data: IP address, browser information, interaction with the Platform
Verification information: documents submitted for identity verification
Communication logs: emails, support requests, call recordings
Business data (if applicable): company name, address, replies to reviews, payment info
We do not intentionally collect special categories of sensitive personal data such as racial or ethnic origin, religious beliefs, or health information.
We process your personal data under the following lawful bases:
Performance of a contract: to provide and manage your user account and services.
Legal obligation: to comply with laws and regulatory requirements.
Legitimate interests: to operate, improve, and secure our Platform, prevent fraud, and communicate with you.
Consent: where you have explicitly agreed, such as for marketing communications or newsletter subscriptions. You may withdraw your consent at any time.
Your data is used to:
Provide and improve our services.
Authenticate your identity and manage accounts.
Respond to your inquiries and support requests.
Personalize your experience and tailor content.
Detect and prevent fraud or abuse.
Communicate relevant updates and marketing messages (with your consent).
Comply with legal obligations and enforce our terms.
We may share your personal data with trusted third parties, including service providers and business partners, only as necessary to deliver our services.
Some data may be transferred outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions, to protect your data.
We retain your personal data only as long as necessary to fulfill the purposes outlined here, comply with legal obligations, resolve disputes, and enforce our agreements.
When no longer needed, your data is securely deleted or anonymized.
You have the following rights regarding your personal data:
Right to access: request a copy of your personal data we hold.
Right to rectification: correct inaccurate or incomplete data.
Right to erasure: request deletion of your data where no legal reason requires retention.
Right to restriction: limit the processing of your data in certain situations.
Right to data portability: obtain your data in a portable format for transfer.
Right to object: object to processing based on legitimate interests or direct marketing.
Right to withdraw consent: revoke consent where processing is based on consent.
Right to lodge a complaint: if you believe your rights have been violated, you may contact a supervisory authority.
Raating implements industry-standard security controls including encryption, access restrictions, and regular audits to protect your personal data from unauthorized access, loss, or misuse.
However, please be aware that no method of electronic transmission or storage is completely secure.
Raating does not use automated decision-making or profiling processes that have a legal or similarly significant effect on you.
Our Platform is not intended for individuals under 18 years old. We do not knowingly collect personal data from children. If we become aware that a child has provided personal data, we will promptly delete it.
We may update this policy as needed to comply with legal requirements or changes to our services. We encourage you to review it regularly.
For questions about this GDPR Privacy Policy or to exercise your rights, please contact:
Email: privacy@raating.com
