Privacy Policy
Last Updated: November 10, 2025 | Effective Date: November 10, 2025
Your Privacy Matters: At Malikoo (The Funny Rabbit), we are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal data. This Privacy Policy is fully compliant with GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and applicable international data protection laws as of 2025.
Table of Contents
- 1. Company Information
- 2. Data Controller & DPO Contact
- 3. What Data We Collect
- 4. How We Use Your Data
- 5. Legal Basis for Processing
- 6. Data Sharing & Third Parties
- 7. Cookies & Tracking Technologies
- 8. Data Retention Periods
- 9. Your Privacy Rights (GDPR)
- 10. Data Security Measures
- 11. International Data Transfers
- 12. Children's Privacy
- 13. Policy Updates
- 14. Contact Us
1. Company Information
Legal Entity Name: Malikoo Technologies SARL
Trade Name: Malikoo - The Funny Rabbit
Business Registration: [Your SIRET/Company Registration Number]
Registered Address: [Your Complete Business Address with City, Postal Code, Country]
Website: https://malikoo.com
Email: contact@malikoo.com
2. Data Controller & Data Protection Officer (DPO)
Malikoo Technologies SARL acts as the Data Controller for all personal data collected through our website and services.
Data Protection Officer (DPO)
Name: [DPO Name or Position]
Email: privacy@malikoo.com
Response Time: We commit to responding to all privacy inquiries within 72 hours and resolving requests within 30 days as required by GDPR.
3. What Personal Data We Collect
3.1 Data You Provide Directly
When you interact with our website, create an account, or contact us, we may collect:
- Identity Data: Name, username, email address
- Contact Data: Email address, phone number (if provided)
- Account Data: Username, password (encrypted), account preferences
- Communication Data: Messages, feedback, support tickets, newsletter subscriptions
- Transaction Data: Download history, resource preferences, saved favorites
3.2 Data Collected Automatically
When you visit our website, we automatically collect certain technical data:
- Technical Data: IP address, browser type and version, device type, operating system, screen resolution
- Usage Data: Pages visited, time spent on pages, links clicked, download actions, search queries
- Location Data: Approximate geographic location based on IP address (country/city level)
- Referral Data: Source website or search engine that directed you to Malikoo
3.3 Data from Third-Party Sources
- Analytics Services: Google Analytics (aggregated behavior data)
- Social Media: If you interact with our social media profiles (publicly available data only)
- Security Services: Cloudflare or similar CDN/security providers (connection data for DDoS protection)
4. How We Use Your Personal Data
We use your personal data for the following purposes:
4.1 Essential Website Operations
- Providing access to our curated resources, themes, plugins, and scripts
- Managing user accounts and authentication
- Processing download requests and tracking download limits
- Responding to your inquiries and support requests
4.2 Improving User Experience
- Analyzing website usage patterns to improve navigation and content
- Personalizing resource recommendations based on your interests
- Remembering your preferences (language, display settings)
- Conducting A/B testing for website optimization
4.3 Communication & Marketing
- Sending service-related emails (account updates, security alerts)
- Delivering newsletters with new resources and tutorials (with explicit consent)
- Notifying you about important updates to our services or policies
- Conducting user surveys to gather feedback (with consent)
4.4 Security & Legal Compliance
- Detecting and preventing fraud, spam, and abuse
- Protecting against malicious activities and security threats
- Complying with legal obligations and regulatory requirements
- Enforcing our Terms of Service and investigating violations
5. Legal Basis for Processing (GDPR Compliance)
Under GDPR, we process your personal data based on the following legal grounds:
| Processing Purpose | Legal Basis |
|---|---|
| Account management & service delivery | Contract Performance: Necessary to provide services you requested |
| Marketing communications (newsletters) | Consent: You explicitly opted in (can withdraw anytime) |
| Website analytics & improvement | Legitimate Interest: Improving our services and user experience |
| Security & fraud prevention | Legitimate Interest: Protecting our users and business operations |
| Legal compliance (tax, regulatory) | Legal Obligation: Required by law in our jurisdiction |
6. Data Sharing & Third-Party Services
We NEVER sell your personal data to third parties. We only share data with trusted service providers under strict conditions:
6.1 Service Providers We Use
- Hosting Provider: [Your hosting company] - stores website data and databases (GDPR-compliant EU/EEA servers)
- Email Services: [Your email provider, e.g., SendGrid, Mailchimp] - delivers newsletters and transactional emails (with your consent)
- Analytics: Google Analytics - provides anonymized website usage statistics (IP anonymization enabled)
- CDN/Security: Cloudflare - protects against DDoS attacks and improves website speed (minimal data processing)
- Payment Processor: [If applicable, e.g., Stripe, PayPal] - processes donations or premium services (PCI-DSS compliant)
6.2 Data Processing Agreements
All third-party service providers are contractually bound to:
- Process data only according to our instructions
- Implement appropriate security measures
- Comply with GDPR and applicable data protection laws
- Delete or return data upon contract termination
6.3 Legal Disclosures
We may disclose your data if required by law, court order, or to:
- Comply with legal processes or government requests
- Enforce our Terms of Service or investigate violations
- Protect the rights, property, or safety of Malikoo, our users, or the public
- Detect, prevent, or address fraud, security, or technical issues
7. Cookies & Tracking Technologies
We use cookies and similar technologies to enhance your browsing experience and analyze website traffic.
7.1 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Session management, authentication, security | Session or 30 days |
| Preference Cookies | Remember language, theme, display settings | 1 year |
| Analytics Cookies | Google Analytics - anonymous usage statistics | 2 years |
| Advertising Cookies | Google Ads (if applicable) - relevant ads | Up to 2 years |
7.2 Managing Cookies
You can control cookies through:
- Browser Settings: Most browsers allow you to block or delete cookies
- Cookie Consent Tool: Use our cookie banner to accept/reject non-essential cookies
- Google Analytics Opt-Out: Install Google's opt-out browser add-on
- Ad Preferences: Manage Google Ads settings at adssettings.google.com
Note: Disabling essential cookies may affect website functionality (login, security features).
8. Data Retention Periods
We retain your personal data only as long as necessary for the purposes outlined in this policy or as required by law:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of account + 30 days after deletion | Service delivery & recovery window |
| Download History | 2 years from last download | Analytics & abuse prevention |
| Support Communications | 3 years from last contact | Customer service quality & legal requirements |
| Website Analytics Data | 26 months (Google Analytics default) | Usage analysis & improvement |
| Security Logs (IP, access) | 12 months | Security incident investigation |
| Marketing Consent Records | Duration of consent + 3 years | Legal compliance proof |
After retention periods expire, we securely delete or anonymize your data.
9. Your Privacy Rights (GDPR Compliance)
Under GDPR, You Have the Following Rights:
1. Right to Access: Request a copy of all personal data we hold about you
2. Right to Rectification: Correct inaccurate or incomplete data
3. Right to Erasure ("Right to be Forgotten"): Request deletion of your data when:
- Data is no longer necessary for original purpose
- You withdraw consent (where processing based on consent)
- You object to processing and there are no overriding legitimate grounds
- Data was unlawfully processed
4. Right to Restrict Processing: Limit how we use your data in certain circumstances
5. Right to Data Portability: Receive your data in structured, machine-readable format (CSV, JSON) to transfer to another service
6. Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
7. Right to Withdraw Consent: If processing is based on consent, withdraw it at any time (doesn't affect lawfulness of previous processing)
8. Right Not to be Subject to Automated Decision-Making: We do not use automated profiling or decision-making that significantly affects you
How to Exercise Your Rights
To exercise any of these rights, contact our Data Protection Officer:
- Email: privacy@malikoo.com
- Subject line: "GDPR Request - [Your Right, e.g., Data Access]"
- Include: Your registered email, account details, and specific request
Response Time: We will respond within 30 days (may extend to 60 days for complex requests with notification).
Verification: We may request identity verification to protect your data from unauthorized access.
Right to Lodge a Complaint
If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local Data Protection Authority (DPA):
- EU/EEA: Find your national DPA
- France: Commission Nationale de l'Informatique et des Libertés (CNIL) - www.cnil.fr
- UK: Information Commissioner's Office (ICO) - ico.org.uk
10. Data Security Measures
🔒 How We Protect Your Data
We implement industry-standard security measures to protect your personal data:
Technical Measures:
- Encryption: SSL/TLS encryption for all data in transit (HTTPS)
- Password Security: Bcrypt hashing for stored passwords (never plain text)
- Database Security: Encrypted databases with access controls
- Firewall Protection: Web Application Firewall (WAF) to block malicious traffic
- DDoS Protection: Cloudflare or similar services to prevent attacks
- Regular Backups: Encrypted daily backups stored in secure locations
Organizational Measures:
- Access Control: Role-based access limits (principle of least privilege)
- Employee Training: Regular data protection and security training
- Confidentiality Agreements: All staff sign NDAs and data protection agreements
- Incident Response: Data breach response plan with notification procedures
- Security Audits: Regular vulnerability assessments and penetration testing
- Vendor Management: Due diligence on all third-party processors
Data Breach Notification
In the unlikely event of a data breach affecting your personal data, we will:
- Notify the relevant Data Protection Authority within 72 hours of discovery
- Inform affected users via email within 72 hours if the breach poses high risk
- Provide details about the breach, data affected, and measures taken
- Offer guidance on protective steps you can take
11. International Data Transfers
Primary Data Location: All personal data is primarily stored on servers located in the European Union/European Economic Area (EU/EEA) to ensure GDPR compliance.
Transfers Outside EU/EEA
Some third-party services may process data outside the EU/EEA (e.g., Google Analytics servers in the US). When this occurs, we ensure adequate protection through:
- Standard Contractual Clauses (SCCs): EU-approved data transfer agreements
- Adequacy Decisions: Transfers only to countries with EU-recognized adequate protection
- Privacy Shield Successors: Compliance with updated US-EU data transfer frameworks
- Additional Safeguards: Encryption, access controls, and data minimization
12. Children's Privacy (COPPA & GDPR Compliance)
Age Requirement: Malikoo's services are intended for users aged 16 years and older (or 13+ with parental consent in jurisdictions allowing it).
No Intentional Collection: We do not knowingly collect personal data from children under 16 without verifiable parental consent.
If We Discover Child Data
If we learn that we have collected personal data from a child under 16 without proper consent:
- We will delete the data immediately (within 48 hours)
- We will terminate the associated account
- We will notify the Data Protection Officer for review
Parental Rights: Parents/guardians can contact privacy@malikoo.com to:
- Request access to their child's data
- Request deletion of their child's data
- Refuse further collection or use of their child's data
13. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect:
- Changes in our data practices or services
- New legal requirements or regulations
- Improvements to our privacy protections
- Feedback from users or regulators
Notification of Changes
Material Changes: If we make significant changes affecting how we use your personal data, we will:
- Email registered users at least 30 days before the changes take effect
- Display a prominent notice on our website homepage
- Update the "Last Updated" date at the top of this policy
- Obtain renewed consent if required by law
Minor Updates: For non-material changes (clarifications, formatting), we will simply update this page with a new "Last Updated" date.
Previous Versions: We maintain an archive of previous Privacy Policy versions available upon request to privacy@malikoo.com.
14. Contact Us
Privacy & Data Protection Inquiries
For questions, concerns, or requests regarding this Privacy Policy or your personal data:
Data Protection Officer (DPO):
Email: privacy@malikoo.com
Response Time: Within 72 hours
General Support:
Email: support@malikoo.com
Website: https://malikoo.com/contact
Postal Address:
Malikoo Technologies SARL
[Your Complete Business Address]
[City, Postal Code]
[Country]
Business Hours: Monday-Friday, 9:00 AM - 6:00 PM CET
Commitment to Transparency
At Malikoo, we believe privacy is a fundamental right, not a luxury. Unlike many "free premium" sites that operate in legal gray zones with hidden agendas, we are fully transparent about:
- Who we are (real company, real team, real location)
- What data we collect and why
- How we protect your information
- Your rights and how to exercise them
- Who to contact with concerns
This comprehensive Privacy Policy demonstrates our commitment to ethical operations, legal compliance, and user trust - core values that differentiate Malikoo from questionable competitors in the open-source resource space.
Thank you for trusting Malikoo with your privacy. We earn that trust every day through transparency, security, and respect for your rights.
