Privacy Policy
Last Updated: 01.05.2025
At Belvagio, the protection of your personal information and your privacy rights are of utmost importance to us. This Privacy Policy is intended to provide you with a detailed and transparent explanation of how we collect, use, store, and protect your personal data when you access or interact with our website, engage with our services, or participate in any of our reward-based digital experiences.
1. Data Controller
Belvagio is the data controller responsible for determining the purposes and means by which your personal data is processed, in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other relevant data protection laws.
Legal Entity: Belvagio Grand Rewards
Contact Address: [email protected]
2. Categories of Data We Collect
We collect various types of personal information through our platform in both automated and manual ways. These categories include but are not limited to:
a. Identity and Contact Information
Full legal name
Email address
Date of birth / age confirmation
Residential and/or shipping address
Nationality and jurisdiction of residence
Telephone number (where applicable)
b. Account and Transaction Data
Usernames and encrypted passwords
User ID and account metadata
Credit purchase and usage history
Reward Event participation logs
Shipping and fulfillment status
c. Technical and Usage Data
Device identifiers and browser user agent strings
IP address, geolocation estimates, time zone settings
Browsing patterns, page response times, download errors
Referring URLs and interactions within the platform
d. Special Categories (if applicable)
We generally do not collect sensitive personal data (e.g., biometric or health data). In rare cases where identity verification requires additional documentation, such data is handled with strict confidentiality and processed only when legally mandated.
3. Purpose and Legal Grounds for Processing
We process your data exclusively in alignment with applicable data protection legislation and under the following legal bases:
Performance of a contract: To fulfill obligations under the user agreement and deliver our services, including account management, reward participation, and product fulfillment.
Legal obligations: To comply with regulatory requirements related to age verification, anti-fraud, taxation, and lawful processing mandates.
Legitimate interests: To enhance user experience, secure our platform, and prevent fraudulent behavior, provided such interests are not overridden by your fundamental rights.
Consent: For the provision of marketing communications, non-essential cookies, and any other processing activity not covered under the above bases.
Where consent is the legal basis, you have the right to withdraw it at any time without affecting the legality of prior processing.
4. Data Sharing and Third-Party Access
We do not sell your personal data under any circumstance. However, we may share your information with select third parties who act as data processors or joint controllers under strict contractual agreements, including:
Payment processors: For secure and compliant handling of monetary transactions.
Shipping and logistics providers: To fulfill and track the delivery of physical rewards.
Identity verification services: For regulatory compliance where high-value prizes or legal mandates require such validation.
IT infrastructure and security services: To ensure platform integrity, performance, and protection against threats.
Regulatory authorities and legal advisors: Where required by law, court order, or lawful governmental request.
All third-party partners are subject to binding data protection agreements and undergo due diligence assessments.
5. International Transfers
If your data is transferred outside of the European Economic Area (EEA), we ensure that one or more of the following legal safeguards are in place:
Adequacy decisions from the European Commission
Standard Contractual Clauses (SCCs) as approved by the European Commission
Binding Corporate Rules (BCRs) where applicable
6. Retention of Personal Data
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Standard retention periods are as follows:
Account data: Retained while your account is active and for up to 6 years thereafter
Transactional records: Retained for 10 years as required by financial law
Marketing preferences: Retained until you withdraw consent
7. Security Measures
We implement a wide array of organizational, administrative, and technical safeguards to protect your data, including:
SSL encryption for data transmission
Multi-factor authentication (MFA) for account access
Continuous monitoring of infrastructure
Role-based access control
Regular security audits and vulnerability assessments
8. Your Privacy Rights
Subject to verification, you have the following rights under GDPR and related legislation:
Right to Access: Obtain a copy of the personal data we hold about you
Right to Rectification: Request correction of inaccurate or incomplete data
Right to Erasure: Request deletion where processing is no longer necessary
Right to Restrict Processing: Temporarily block processing under certain conditions
Right to Data Portability: Receive a structured, machine-readable copy of your data
Right to Object: Oppose processing based on legitimate interests
Right to Withdraw Consent: Applicable where consent is the basis for processing
To exercise any of the above rights, please contact us at [email protected]. We endeavor to respond to all legitimate requests within 30 days.
9. Cookies and Similar Technologies
We use cookies and similar technologies to enhance your experience, analyze traffic, and provide tailored content. You can manage cookie preferences via our cookie banner or your browser settings. Please refer to our [Cookie Policy] for full details.
10. Changes to This Policy
We reserve the right to amend this Privacy Policy at any time in response to evolving legal, technological, or business developments. Material changes will be communicated via email or prominent platform notifications. The updated version will always be accessible on our website.
11. Contact and Complaints
If you have any questions or concerns about this policy or your personal data, please contact:
Belvagio Data Protection Officer
Email: [email protected]
If you are not satisfied with our response, you may lodge a complaint with your local data protection authority.
12. Alternative Dispute Resolution
In accordance with Article 14 of Regulation (EU) No. 524/2013 on Online Dispute Resolution for Consumer Disputes, we inform you that the European Commission provides a platform for online dispute resolution (ODR), which can be accessed at: https://ec.europa.eu/consumers/odr.
Consumers may use this platform to resolve their disputes. However, we are neither obliged nor willing to participate in a formal dispute settlement procedure before a consumer arbitration board. In case of any issues, we strongly encourage direct contact via [email protected] so we can find a swift and fair resolution.
By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your data as described.
_NsX_fQRgIB70dFzI0FlYR.png?width=48&quality=80&format=auto){kind=small}
_IqLfyuKy_DfpFS3D023hr.png?width=48&quality=80&format=auto){kind=small}
_8rwn6VIx8AI6FDmnd9H42.png?width=48&quality=80&format=auto){kind=small}