Legal

Privacy Policy

How EasyWithdraw collects, uses, and protects personal data on its website and Shopify app.

Last updated

Last Modified: 4 June 2026

This Privacy Policy of R11N Ventures GmbH (doing business as EasyWithdraw) ("we," "us," or "our"), describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:

  • Visit our marketing website (https://www.easywithdraw.eu/), or any website of ours that links to this Privacy Notice
  • Use EasyWithdraw: The EasyWithdraw application serves as an extension for online shops, available for installation through the Shopify marketplace. The application's primary function is to enable End Users (customers of an online shop) to declare the withdrawal from a contract (statutory right of withdrawal for distance contracts) directly through a withdrawal form embedded in the online shop, and to enable shop operators ("Merchants") to receive, manage, and document such withdrawal declarations. Furthermore, we operate a marketing website targeted towards B2B customers including online shop operators and their employees.
  • Engagement with sales, customer support, marketing, or events

Understanding this Privacy Statement will give you clarity about your privacy protections and available options. Should you find yourself uncomfortable with these data handling practices, we encourage you to refrain from utilizing our platform and associated features. For any privacy-related inquiries or clarifications, our Data Protection team is available to assist you via privacy@r11n.io.

Data controller and responsible body: R11N Ventures GmbH, Glasbläserallee 6, 10245 Berlin
Duly represented by Philipp Triebel / Data Protection Officer: dpo@r11n.io

Our role (controller vs. processor): For personal data submitted through a withdrawal form embedded in a Merchant's online shop (such as your name, email address, order number, and the items you withdraw from), the respective Merchant is the data controller, and we process this data on the Merchant's behalf as a data processor under a data processing agreement. We remain the data controller for our marketing website, Merchant account and configuration data, and for technical security and diagnostic data described in this Privacy Notice.

1. Privacy of Marketing Website Visitors

The following applies to visitors of our marketing website (https://www.easywithdraw.eu/) and prospective B2B customers of our services:

1.1. Information Collected

Personal information disclosed by you

We gather personal information that you voluntarily submit when requesting details about our organization, products, or Services, engaging with platform features, or initiating contact with us.

Sensitive Data Processing: Our systems do not process sensitive personal information.

You are responsible for ensuring all personal information provided is accurate, complete, and truthful. You must promptly inform us of any changes to maintain data accuracy.

Automatically collected information

During your interaction with our platform, our systems automatically gather technical data about your visit and usage patterns. The collected technical details include your device specifications, system settings, browsing habits, and network identifiers, such as operating system version, language settings, IP address, browser type, entry pages, and timing of platform usage. While this technical data does not directly identify you as an individual, it helps us ensure platform security, maintain stable operations, analyze usage patterns, and generate internal reports. Additionally, we employ standard web tracking methods, including cookies and related technologies, to collect usage data.

The information we collect includes:

  • Log and Usage Data: Our servers track and store technical data when you use our platform. These system records capture performance metrics, service diagnostics, and interaction patterns. Your digital footprint may include: network identifiers, hardware details, browser configuration, timestamp data of platform activities (including viewed content, search queries, and feature utilization), plus system behavior logs and technical issue reports, including debugging information.
  • Device Specifications: When connecting to our platform, we receive technical details about your access device, whether it's a desktop computer, smartphone, or tablet. This encompasses: network routing data, unique device markers, app identifiers, web browser details, internet connectivity provider information, operating system specifics, and system settings.
  • Geo data: We process geographic location information that may range from general area indicators to specific coordinates. The precision depends on your device type and settings. For instance, we may determine your general area through IP address mapping. While you can prevent location tracking by adjusting device permissions or settings, some platform features may become unavailable without location access.

1.2. How We Process Your Information

Your data enables us to provide our services in the following ways:

  • Service Provision: We handle your information to fulfill your service requests and ensure proper platform functionality.
  • Customer Support: Your data helps us address your questions, troubleshoot issues, and maintain service quality.
  • Promotional Communication: With your consent and preference settings, we process your data to share relevant updates and offers.
  • Quality Improvement: We analyze your input to enhance our services and may contact you to gather platform feedback.
  • Campaign Assessment: Understanding how users interact with our marketing efforts helps us provide more relevant content.
  • Security Measures: Your data helps maintain platform integrity through security monitoring and fraud prevention protocols.
  • Platform Enhancement: We examine usage patterns to optimize features and improve user experience.
  • Safety Protocols: When necessary, we process data to prevent harm and protect vital interests of platform users.

1.3. Overview of Tracking Use

Non-essential tags on our marketing website are loaded through Google Tag Manager and only fire in accordance with the consent choices you make in our cookie banner (consent mode).

Essential > Security Monitoring
Purpose: We use a web application firewall to keep our services and users protected from malicious activity.
Data Processor: Cloudflare, Inc., located at 101 Townsend St., San Francisco, California 94107 United States of America
Location of processing: Global (depending on user location in a Cloudflare data center close to the user)
Data Categories: IP address, timestamps, device information, traffic information, cookie identifiers (e.g. cf_clearance).
Duration: 7 days
Legal basis: Article 6(1)(f) - Legitimate Interest

Marketing > Live Chat
Purpose: Provide customer support through live chat service integrated in the website
Data Processor: Sendinblue SAS (Brevo), 17 rue de Salneuve, 75017, Paris, France
Location of processing: European Union
Data Categories: IP address, timestamps, device information, traffic information, cookie identifiers, sent messages, name, company name, email address
Duration: Up to 2 years
Legal basis: Art. 6 (1) (a) GDPR - Consent

Marketing > Newsletter
Purpose: Provide a newsletter about products and services of EasyWithdraw
Data Processor: Sendinblue SAS (Brevo), 17 rue de Salneuve, 75017, Paris, France
Location of processing: European Union
Data Categories: IP address, timestamps, device information, traffic information, cookie identifiers, sent messages, name, company name, email address
Duration: Up to 2 years
Legal basis: Art. 6 (1) (a) GDPR - Consent

Analytics > Web Analytics
Purpose: Gather usage statistics to improve the product experience
Data Processor: Google Analytics (Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
Location of processing: Global (incl. United States of America)
Data Categories: IP address (anonymised), pseudonymous identifiers (e.g. GA cookie ID, Client ID), timestamps, requested URLs and referrer URL, pages viewed and on-page interaction events (clicks, scroll depth, video plays), session duration and frequency, browser and device details (type, operating system, screen resolution, language), and approximate geolocation (city/region derived from IP).
Duration: Up to 2 years
Legal basis: Art. 6 (1) (a) GDPR - Consent

Analytics > Product Analytics
Purpose: Understand how visitors use our website (e.g. heatmaps, session recordings, feedback) to improve usability and content
Data Processor: Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta
Location of processing: European Union
Data Categories: Pseudonymous identifiers (Hotjar cookie ID), timestamps, pages viewed, mouse movements, clicks, scroll behavior, viewport and device details (type, operating system, screen resolution, browser, language), approximate geolocation (country derived from IP), and survey/feedback responses you choose to submit
Duration: Up to 12 months
Legal basis: Art. 6 (1) (a) GDPR - Consent

Advertising > Meta
Purpose: Measure the effectiveness of our advertising campaigns and show relevant advertisements (including remarketing) on Meta platforms (Facebook, Instagram)
Data Processor: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland
Location of processing: European Union and United States of America (transfers to Meta Platforms, Inc. safeguarded by the EU-U.S. Data Privacy Framework and/or Standard Contractual Clauses)
Data Categories: Pseudonymous identifiers (e.g. Meta Pixel cookie IDs, click IDs), IP address, timestamps, pages viewed, conversion events, browser and device details
Duration: Up to 2 years
Legal basis: Art. 6 (1) (a) GDPR - Consent (opt-in; only active after your explicit consent)

Advertising > Google Ads
Purpose: Measure conversions from our advertising campaigns and show relevant advertisements (including remarketing) within the Google advertising network
Data Processor: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Location of processing: European Union and United States of America (transfers to Google LLC safeguarded by the EU-U.S. Data Privacy Framework and/or Standard Contractual Clauses)
Data Categories: Pseudonymous identifiers (e.g. advertising cookie IDs, click IDs), IP address, timestamps, pages viewed, conversion events, browser and device details
Duration: Up to 2 years
Legal basis: Art. 6 (1) (a) GDPR - Consent (opt-in; only active after your explicit consent)

2. Privacy of Merchants and Administrative Users

The following applies to B2B customers of our services (online shop operators and their employees) who install and use the EasyWithdraw application (e.g. through the Shopify marketplace):

2.1. Information Collected

Personal information disclosed by you or provided through Shopify

When you install the EasyWithdraw application, we receive account and contact information from Shopify, such as the shop name and domain, the shop owner's name and email address, and shop locale settings. In addition, we process the configuration choices you make within the application (e.g. notification preferences, withdrawal settings) and any information you voluntarily submit when contacting our support.

Sensitive Data Processing: Our systems do not process sensitive personal information.

Payment Data: To facilitate purchases, we may collect payment-related data such as payment instrument details and associated security credentials. Payment processing and data storage are managed exclusively by our payment processor, Shopify Inc. Their privacy practices can be reviewed at https://www.shopify.com/ca/legal/privacy.

You are responsible for ensuring all personal information provided is accurate, complete, and truthful. You must promptly inform us of any changes to maintain data accuracy.

Automatically collected information

During your interaction with our platform, our systems automatically gather technical data about your visit and usage patterns. The collected technical details include your device specifications, system settings, browsing habits, and network identifiers, such as operating system version, language settings, IP address, browser type, entry pages, and timing of platform usage. Additionally, we employ standard web tracking methods, including cookies and related technologies, to collect usage data.

2.2. How We Process Your Information

Your data enables us to provide our services in the following ways:

  • Service Provision: We handle your information to provide the EasyWithdraw application, including receiving, managing, and documenting withdrawal declarations submitted by your customers.
  • Notifications and Digest Emails: We send transactional emails about withdrawal declarations submitted in your shop (immediate notifications and/or daily or weekly digest summaries, depending on your configuration).
  • Customer Support: Your data helps us address your questions, troubleshoot issues, and maintain service quality.
  • Quality Improvement: We analyze usage of the application to enhance our services and may contact you to gather platform feedback.
  • Security Measures: Your data helps maintain platform integrity through security monitoring and fraud prevention protocols.
  • Platform Enhancement: We examine usage patterns to optimize features and improve user experience.

2.3. Overview of Tracking Use

Analytics tags in the merchant administration interface are loaded through Google Tag Manager (Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).

Essential > Security Monitoring
Purpose: We use a web application firewall to keep our services and users protected from malicious activity.
Data Processor: Cloudflare, Inc., located at 101 Townsend St., San Francisco, California 94107 United States of America
Location of processing: Global (depending on user location in a Cloudflare data center close to the user)
Data Categories: IP address, timestamps, device information, traffic information, cookie identifiers (e.g. cf_clearance).
Duration: 7 days
Legal basis: Article 6(1)(f) - Legitimate Interest

Essential > Error Tracking & Diagnostics
Purpose: Detect, diagnose, and fix technical errors in the application, including sampled session replays for error diagnosis
Data Processor: Functional Software, Inc. (Sentry), 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA
Location of processing: European Union (data ingestion and storage in Frankfurt, Germany)
Data Categories: IP address, timestamps, device and browser information, error messages and stack traces, requested URLs, and sampled session replay data (user interface interactions) when an error occurs
Duration: Up to 90 days
Legal basis: Article 6(1)(f) - Legitimate Interest

Essential > Transactional Email
Purpose: Deliver transactional emails (withdrawal notifications, digest summaries) and track their delivery status
Data Processor: Plus Five Five, Inc. (Resend), San Francisco, California, USA (transfers safeguarded by Standard Contractual Clauses)
Location of processing: United States of America and European Union
Data Categories: Recipient email address, email subject and content, timestamps, delivery status (sent, delivered, bounced)
Duration: For the duration of the business relationship
Legal basis: Article 6(1)(b) - Contract

Analytics > Web Analytics
Purpose: Gather usage statistics about the merchant administration interface to improve the product experience. You may object to this processing at any time (see Section 4.8).
Data Processor: Google Analytics (Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
Location of processing: Global (incl. United States of America)
Data Categories: IP address (anonymised), pseudonymous identifiers (e.g. GA cookie ID, Client ID), timestamps, requested URLs and referrer URL, pages viewed and on-page interaction events, session duration and frequency, browser and device details, and approximate geolocation (city/region derived from IP)
Duration: Up to 2 years
Legal basis: Article 6(1)(f) - Legitimate Interest (improvement of our B2B services)

Analytics > Product Analytics
Purpose: Understand how merchants use the administration interface (e.g. heatmaps, session recordings) to improve usability. You may object to this processing at any time (see Section 4.8).
Data Processor: Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta
Location of processing: European Union
Data Categories: Pseudonymous identifiers (Hotjar cookie ID), timestamps, pages viewed, mouse movements, clicks, scroll behavior, viewport and device details, approximate geolocation (country derived from IP)
Duration: Up to 12 months
Legal basis: Article 6(1)(f) - Legitimate Interest (improvement of our B2B services)

Support > Live Chat
Purpose: Provide customer support through a live chat service integrated in the administration interface (only active when you use the chat)
Data Processor: Sendinblue SAS (Brevo), 17 rue de Salneuve, 75017, Paris, France
Location of processing: European Union
Data Categories: IP address, timestamps, device information, traffic information, cookie identifiers, sent messages, name, company name, email address
Duration: Up to 2 years
Legal basis: Article 6(1)(b) - Contract / Article 6(1)(f) - Legitimate Interest

3. Privacy of End Users of the Withdrawal Form

The following applies to customers of online shops that embed the EasyWithdraw withdrawal button and form, to recipients of withdrawal confirmation emails, and to visitors of our public document verification page:

Our role: When you submit a withdrawal declaration through a Merchant's online shop, the Merchant is the data controller for your withdrawal data, and we process this data on the Merchant's behalf as a data processor. Please direct privacy requests concerning your withdrawal data primarily to the respective Merchant (the operator of the online shop); we support Merchants in fulfilling such requests. We remain the data controller for the technical security and diagnostic processing listed below.

3.1. Information Collected

Personal information disclosed by you

When you use the withdrawal form, we process the information you submit in order to declare your withdrawal:

  • Order number
  • Email address (used to verify the order)
  • Your name (as recorded in the order)
  • The items you select for withdrawal (including quantities)
  • An optional free-text reason for the withdrawal, if you choose to provide one

Sensitive Data Processing: Our systems do not process sensitive personal information. Please do not include sensitive personal information in free-text fields.

You are responsible for ensuring all personal information provided is accurate, complete, and truthful.

Automatically collected information

When you use the withdrawal form, our systems automatically gather technical data, including:

  • Log and Usage Data: Our servers track and store technical data when you use the withdrawal form, including network identifiers (IP address), browser and device details (user agent), language settings, timestamps of your interactions, and technical issue reports, including debugging information.
  • Geo data: We may determine your approximate location (e.g. country or region) through IP address mapping, for security purposes and to present the form in an appropriate language.

3.2. How We Process Your Information

Your data enables us to provide our services in the following ways:

  • Receiving and transmitting your withdrawal declaration: We process your information to receive your withdrawal declaration, verify it against the order, and transmit it to the Merchant.
  • Withdrawal confirmation: We send you an email confirming the receipt of your withdrawal declaration (statutory acknowledgement of receipt) on behalf of the Merchant.
  • Documentation and evidence: We maintain a tamper-proof record of your withdrawal declaration and its delivery (including email delivery status) so that the Merchant can document and prove the declaration and its timing, as required for statutory withdrawal rights.
  • Document export and verification: We generate cryptographically signed PDF exports of withdrawal records for the Merchant and operate a verification page that allows the authenticity of such documents to be confirmed.
  • Security Measures: Your data helps maintain platform integrity through security monitoring and abuse prevention protocols.

No advertising or analytics tracking: We do not use any advertising, marketing, or analytics tracking on the withdrawal form.

3.3. Overview of Tracking Use

The following processing happens automatically without explicit consent based on the specified legal basis and minimal privacy impact on users:

Functional Session Information
Purpose: We store certain information that is important for the correct functioning of the withdrawal form and security (e.g. language preference, a session token securing your form submission).
Data Processor: R11N Ventures GmbH (on Cloudflare, Inc. infrastructure)
Location of processing: Global (depending on user location in a Cloudflare data center close to the user)
Data Categories: Language preferences, session tokens
Legal Basis: Article 6(1)(b) - Contract
Duration: Session (expires when closing your browser or shortly after)

Security Monitoring
Purpose: We use a web application firewall to keep our services and users protected from malicious activity.
Data Processor: Cloudflare, Inc., located at 101 Townsend St., San Francisco, California 94107 United States of America
Location of processing: Global (depending on user location in a Cloudflare data center close to the user)
Data Categories: IP address, timestamps, device information, traffic information, cookie identifiers (e.g. cf_clearance).
Duration: 7 days
Legal basis: Article 6(1)(f) - Legitimate Interest

Error Tracking
Purpose: Detect, diagnose, and fix technical errors in the withdrawal form
Data Processor: Functional Software, Inc. (Sentry), 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA
Location of processing: European Union (data ingestion and storage in Frankfurt, Germany)
Data Categories: IP address, timestamps, device and browser information, error messages and stack traces, requested URLs
Duration: Up to 90 days
Legal basis: Article 6(1)(f) - Legitimate Interest

4. General Privacy Notice

The following applies to all data subjects: marketing website visitors, Merchants and administrative users, and End Users:

4.1. Hosting and General Service Providers

We use the following service providers to operate our Services. They process personal data on our behalf under data processing agreements:

  • Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA): hosting, content delivery network, and web application firewall. Location of processing: Global (depending on user location in a Cloudflare data center close to the user). Legal basis: Article 6(1)(b) - Contract / Article 6(1)(f) - Legitimate Interest.
  • Neon, Inc.: managed PostgreSQL database hosting. Location of processing: European Union (Frankfurt, Germany). Legal basis: Article 6(1)(b) - Contract.
  • Functional Software, Inc. (Sentry) (45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA): error tracking. Location of processing: European Union (data ingestion and storage in Frankfurt, Germany). Legal basis: Article 6(1)(f) - Legitimate Interest.
  • Datadog, Inc. (620 8th Avenue, 45th Floor, New York, NY 10018, USA): error tracking and infrastructure monitoring (server-side logs and metrics). Location of processing: European Union (EU site, Frankfurt, Germany). Data Categories: IP addresses, timestamps, request metadata, error messages. Legal basis: Article 6(1)(f) - Legitimate Interest.
  • Plus Five Five, Inc. (Resend) (San Francisco, California, USA): transactional email delivery (e.g. withdrawal confirmations, Merchant notifications). Location of processing: United States of America and European Union (transfers safeguarded by Standard Contractual Clauses). Legal basis: Article 6(1)(b) - Contract.
  • Google Fonts (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland): web fonts loaded from Google servers. When fonts are loaded, your IP address and technical request data are transmitted to Google. Legal basis: Article 6(1)(f) - Legitimate Interest (consistent and performant display of our Services).

This section applies to you, when located in the EU or UK:

Under data protection laws, including European and UK regulations, we must establish valid legal grounds for processing your personal data. Our processing activities are based on and are referenced with the respective activity in Sections 1, 2 and 3:

  • Consent: Processing occurs when you provide explicit permission for specific uses of your data. You retain the right to revoke this permission anytime.

  • Performance of a Contract: We process data necessary to deliver our services and meet our contractual commitments to you, including pre-contract preparations at your request.

  • Legitimate Interest: When our legitimate operational needs don't override your fundamental rights, we may process data to:

    • Provide promotional offers and service updates
    • Create relevant user content and advertising
    • Evaluate and enhance service performance
    • Conduct marketing initiatives
    • Maintain technical functionality
    • Prevent misuse
    • Improve user experience through platform analysis

  • Legal Obligations: We handle data as required by applicable laws, including cooperation with authorities, protection of legal interests, and participation in legal proceedings.

  • Vital Interests: Processing may occur to protect essential individual interests during safety-critical situations.

This section applies to you, when located in Canada:

Your personal information may be processed based on either explicit authorization (express consent) or reasonably presumed permission (implied consent) for specified purposes. You maintain the right to revoke such consent at any time.

Applicable law permits certain exemptions where we may process your information without obtaining consent, including but not limited to:

  • Emergency situations where obtaining consent is impracticable and collection serves individual interests
  • Detection, prevention, and investigation of fraudulent activities
  • Qualified business transactions meeting statutory requirements
  • Insurance claim processing requiring witness statement evaluation
  • Emergency contact and identification of individuals in medical distress or deceased
  • Reasonable suspicion of financial exploitation or abuse
  • Investigative purposes where consent requirements would impair information integrity or availability regarding contract breaches or legal violations
  • Compliance with judicial orders, warrants, subpoenas, or court-mandated record production
  • Professional or business records collected within scope of original purpose
  • Legitimate journalistic, artistic, or literary endeavors
  • Publicly accessible information as defined by regulatory provisions

4.3. Sharing of Personal Information

We share personal information with the service providers (data processors) listed in this Privacy Notice, in each case under a written data processing agreement and only to the extent necessary to provide our Services.

In connection with corporate transactions, we reserve the right to transfer your personal data as part of any merger, asset sale, financing arrangement, or acquisition, whether during preliminary negotiations or upon completion of such transactions, where your information may be among the transferred business assets or be subject to ownership changes.

4.4. Use of Tracking and Cookies

Our platform employs cookies and related tracking mechanisms (including but not limited to web beacons and pixel tags) to collect usage data during your interaction with our Services. Certain tracking technologies are essential for maintaining platform security, preventing system failures, addressing technical issues, retaining user preferences, and enabling core functionality.

On our marketing website, we additionally authorize third-party service providers to deploy tracking technologies for analytical and advertising purposes, subject to your consent. Such technologies enable these providers to manage advertisement delivery and implement remarketing campaigns (subject to your communication preferences). These authorized providers utilize their proprietary technologies to deliver relevant advertisements about products and services, which may appear within our Services or across other digital properties.

Please review the specific tracking and cookie use under Sections 1.3, 2.3 and 3.3 depending on your data subject group.

What are Cookies: Cookies are small text files that websites place on your device to store information about your preferences, improve your experience, and help the website operator understand how people use their site. Similar tracking technologies like web beacons, pixels, and tags work in comparable ways.

Cookie Management: You can control cookies through your browser settings:

  • Block all cookies
  • Allow only first-party cookies
  • Delete cookies when closing your browser
  • Accept cookies from specific websites

Popular browsers provide these controls at:

  • Chrome: Settings > Privacy and Security > Cookies and other site data
  • Firefox: Options > Privacy & Security > Enhanced Tracking Protection
  • Safari: Preferences > Privacy > Cookies and website data
  • Edge: Settings > Cookies and site permissions

Please note that blocking certain cookies may impact website functionality.

Each third-party partner processes data according to their own privacy policies, which we encourage you to review.

4.5. How long we keep personal information

Your personal information shall be retained only for the duration necessary to fulfill the purposes outlined in this Privacy Notice, except where extended retention periods are mandated or permitted by law, including but not limited to tax regulations, accounting requirements, or other legal obligations. For marketing and analytics data, the purposes described herein do not necessitate retention beyond a period of two years.

Withdrawal records: Withdrawal declarations, the associated audit trail (including email delivery records), and cryptographically signed export records serve as evidence of statutory withdrawal declarations and their timing. These records are retained on behalf of the respective Merchant for the duration of our contractual relationship with the Merchant plus applicable statutory limitation and retention periods (up to 10 years under applicable commercial and tax law). Where an erasure request is verified and no overriding retention obligation applies, we redact personal data (such as name and email address) from these records while preserving the non-personal evidentiary record.

Upon cessation of legitimate business necessity for processing your personal information, we shall either permanently delete or irreversibly anonymize such data. In instances where immediate deletion or anonymization is not technically feasible (such as data stored in backup systems), such personal information shall be securely maintained in isolation from active processing until permanent deletion becomes technically practicable.

4.6. Security

Our organization maintains comprehensive technical and organizational security protocols designed to safeguard all personal information under our control. These security measures are regularly evaluated and updated to protect data during processing, transmission, and storage.

Notwithstanding these protective measures, please be advised that no method of electronic transmission or digital storage system can ensure absolute security. While we employ industry-standard protections, we cannot guarantee complete immunity from unauthorized access, acquisition, or alteration of your information by third parties who may circumvent our security infrastructure. Therefore, any transmission of personal information in connection with our Services carries inherent risks. We recommend accessing our Services only through secure networks and environments to minimize potential vulnerabilities.

4.7. Collection of information of minors

Our Services are intended solely for users aged 18 and above. We neither intentionally gather information from nor direct marketing activities toward individuals under 18 years of age. Furthermore, we do not engage in the sale of personal information belonging to minors under 18.

Your use of our Services constitutes an affirmation that you have reached the age of majority (18 years) or are a parent/legal guardian consenting to a minor dependent's use of the Services. Upon discovery of any personal information collected from users under 18, we shall promptly terminate the associated account and implement reasonable procedures to delete such data from our systems. Please notify our Data Protection team at dpo@r11n.io if you become aware of any information we may have inadvertently collected from individuals under 18.

4.8. Data Subject Rights

Residents of certain jurisdictions (including the EEA, UK, Switzerland, and Canada) are entitled to specific rights under their respective data protection laws. These rights encompass: accessing and obtaining copies of your personal information; requesting corrections or deletion; limiting information processing; objecting to processing based on legitimate interest; exercising data portability where applicable; and exemption from automated decision-making. To exercise these rights, contact us through the methods outlined in our "Contact Information" section.

For personal data submitted through a withdrawal form in a Merchant's online shop, please address your request primarily to the respective Merchant, who is the data controller for this data; we assist Merchants in fulfilling such requests.

Each request will be evaluated and addressed in compliance with applicable data protection regulations.

EEA and UK residents may file complaints with their respective data protection authorities (EU and for UK) if they believe our processing activities violate applicable laws. Swiss residents may seek recourse through the Federal Data Protection and Information Commissioner.

  • Withdrawing consent: Where consent forms the basis of processing, whether expressed or implied as permitted by law, you maintain the right to withdraw such consent. Contact us via the methods detailed in our "Contact Information" section to withdraw consent. Note that withdrawal of consent: (1) does not impact the legitimacy of prior processing activities, and (2) where legally permitted, does not affect processing conducted under alternative legal bases.
  • Objecting to processing based on legitimate interest: Where we process your personal data based on legitimate interest (e.g. analytics in the merchant administration interface), you may object to such processing at any time on grounds relating to your particular situation by contacting us via the methods detailed in our "Contact Information" section.
  • Opting out of marketing and promotional communications: You may discontinue receipt of marketing communications by utilizing the unsubscribe mechanism in our emails or by contacting us directly. While marketing communications will cease, we reserve the right to send administrative messages necessary for account management, service delivery, or other non-promotional purposes.
  • Cookie Management: Browser settings typically accept cookies by default. You may modify these settings to remove or reject cookies, though this may impact service functionality.

Direct privacy-related inquiries to dpo@r11n.io.

4.9. Do-not-track Features

We acknowledge that various web browsers, mobile operating systems, and applications offer Do-Not-Track ("DNT") functionality to indicate your tracking preferences for online activities. However, due to the current absence of a standardized implementation protocol for DNT signals across the digital ecosystem, our systems do not presently recognize or process such signals. Should industry-wide standards for DNT signal processing be established and legally mandated, we will update our practices accordingly and notify you through revisions to this Privacy Notice.

5. Policy Updates

This Privacy Notice may be periodically revised to reflect changes in our practices. Material updates will be indicated by a new "Last Modified" date at the beginning of this Notice. We reserve the right to notify you of significant changes either through prominent website notifications or direct communications. Regular review of this Privacy Notice is recommended to stay informed about our data protection practices and your privacy rights.

6. Review, Edit or Delete Personal Information

Subject to the privacy laws of your jurisdiction (country or U.S. state of residence), you may be entitled to: request details about your personal information in our systems, understand our processing activities, rectify inaccurate data, obtain copies of your information, or request its deletion. Additionally, you may have the right to revoke previously granted authorization for processing your personal information. Please note that certain legal restrictions may limit the exercise of these rights.

To exercise your data privacy rights or manage your personal information, please submit your request to dpo@r11n.io.

We're launching soon

Our app is not listed yet, please reach out via chat or email at support@easywithdraw.eu

By accepting, you agree to our use of cookies and similar technologies to enhance your browsing experience and analyze site traffic. Read our Privacy Policy for more information.

Necessary (Security and functionality)Analytics (Improving our product)Marketing (Ads and retargeting)