Privacy Policy

1. Introduction

Welcome to WeCare!

Protecting your personal data is very important to us.

This Privacy Policy explains how we collect, process, and protect your information when you use our website (wecare.md) and our mobile applications (WECARE for Apple iOS and Google Android).

WECARE complies with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

2. Data Controller

The responsible entity (controller) for all data processing is:

3. Data We Collect

We collect and process the following categories of personal data when you use WECARE:

4. Purposes of Data Processing

We process your data to:

• Provide, operate, and improve the WECARE platform
• Verify user accounts and dealer profiles
• Facilitate communication between buyers and sellers
• Manage subscriptions and billing
• Ensure technical security and prevent fraud
• Comply with legal obligations (e.g., tax records, KYC verification)

5. Legal Basis

Data processing is carried out on the following legal grounds:

• Art. 6 (1) b GDPR – Performance of a contract or pre-contractual measures
• Art. 6 (1) a GDPR – User consent (e.g., for marketing emails, cookies)
• Art. 6 (1) c GDPR – Legal obligations
• Art. 6 (1) f GDPR – Legitimate interests (e.g., platform security, fraud prevention)

6. Cookies and Tracking

WECARE uses cookies and similar technologies to:

• Enable website and app functionality
• Save language and login preferences
• Analyze usage to improve performance

You can manage or disable cookies at any time in your browser or device settings.

Analytics and tracking tools are implemented in GDPR-compliant mode (e.g., anonymized IP, opt-out options).

7. Third-Party Services

We may use selected third-party providers to support platform operations, including:

• Hosting & Cloud: Vercel, AWS, Supabase
• Email & Notifications: Resend Inc.
• Payments: Stripe Inc., PayPal Europe
• Analytics: Google Analytics (GDPR compliant mode)

All partners process data under signed Data Processing Agreements (DPAs) in accordance with Art. 28 GDPR.

8. Data Retention

We store personal data only as long as necessary for the purposes stated above or as required by law.

After the retention period expires, your data will be deleted or anonymized.

9. Data Sharing and International Transfers

Data may be transferred to service providers within the EU / EEA or, if necessary, to countries with adequate data protection standards.

For transfers outside the EU/EEA, Standard Contractual Clauses (SCCs) approved by the EU Commission are applied.

10. Your Rights under the GDPR

You have the right to:

• Request access to your stored data (Art. 15 GDPR)
• Request correction of incorrect data (Art. 16 GDPR)
• Request deletion ("right to be forgotten") (Art. 17 GDPR)
• Restrict processing (Art. 18 GDPR)
• Object to processing based on legitimate interest (Art. 21 GDPR)
• Data portability (Art. 20 GDPR)

To exercise these rights, contact us at: support@wecare.md

You also have the right to lodge a complaint with your local Data Protection Authority, e.g. the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW).

11. Data Security

WECARE uses industry-standard encryption (SSL/TLS) and secure server infrastructure.

Access to personal data is restricted to authorized employees and contractual partners bound by confidentiality agreements.

12. Children's Privacy

WECARE is not directed at children under 16 years of age.

We do not knowingly collect data from minors.

If we become aware that data were collected from a child, such data will be deleted immediately.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect technical or legal changes.

Users will be notified of significant updates.

The current version is always available at: www.wecare.md/privacy

14. Contact