Skip to content

JustUS Data Security & Privacy Policy

This policy explains how our organization uses the personal data we collect from you when you use being-justus.com

Who is collecting my data?

Plastic Bank Recycling Corporation, which includes our separately incorporated international Plastic Bank operations in Brazil, the Philippines, Indonesia, and Egypt.

Plastic Bank Recycling Corporation

3200 – 650 West Georgia Street

Vancouver, BC V6B 4P7

Legal basis for collecting your data

Our legal basis for collecting data is Consent.

This document discloses what we collect and how we use the data we collect so that you are able to provide informed consent before proceeding to use the website and other services. It is linked from all places where users register or submit other personally identifiable information.

What data do we collect?

Data collected varies depending on your interaction with the site.

  • Name
  • Email
  • Country
  • City
  • Address (purchases)
  • Phone Number, (purchases)

How and when do we collect your data?

You directly provide us with most of the data we collect. We collect data and process data when you:

  • Register online or place an order
  • Voluntarily complete a contact form or customer survey
  • Enter a draw or contest online or at an event,
  • Provide feedback on any of our forms or via email,
  • Use or view our website via scripts (cookieless) and your browser’s cookies as covered in our Cookie policy.

How will we use your data?

  • To process your orders and manage your account
  • To email subscribed users
  • To localize the information you see
  • To make program and impact suggestions relevant to you
  • To improve your user experience on our website
  • To follow up with users who request more information or fill out one of our contact forms

Data sharing with third party service providers

We employ services from companies and individuals to help us operate our websites as described in the previous section, and to deliver benefits to members of our recycling ecosystems.

All third parties are required to provide us with an appropriate Data Processing Agreement and take appropriate security measures to protect your data in line with our policies. We do not allow them to use your data for their own purposes. We permit them to process your data only for specified purposes and in accordance with our instructions.

Where your data is shared with third parties, we always seek to share the minimum amount necessary.

Analytics and Advertising

We employ third-party tools to monitor and analyze the use of our websites, and to automate certain processes related to the development and operation of our websites. You can opt out of tracking with your cookie settings.

PostHog

We use PostHog to track how web visitors use our website and platform. This includes IP address, browser footprint, and other identifying details shared during registration. Activity data from PostHog is combined with data from other sources into customer profiles used in our platform for customizations and experience optimization. PostHog data is stored in the United States.

Resend

We use Resend to deliver transactional and marketing emails to our users and members. This includes email address, name, and email engagement data such as opens, clicks, bounces, and unsubscribes. Resend processes this data on our behalf to ensure reliable email delivery and to help us monitor communication performance. Email engagement data may be combined with profile data stored in other systems disclosed here. Resend data is stored in the United States. You can opt out of marketing emails at any time using the unsubscribe link included in our emails.

Advertising

We use tracking pixels, scripts, and cookies to share usage information with various advertising and social media platforms including but not limited to Google, Meta, TikTok, and LinkedIn to target website users and track the effectiveness of our marketing efforts. Data for these platforms can be stored in a number of locations depending on the users location. You can opt out of tracking by these services with your cookie settings.

Video Data

We use YouTube and Wistia to host and stream videos used on our site. Both set cookies to track video statistics. You can opt out of tracking by these services with your cookie settings.

Fulfillment & Customer Service

Transaction processing

When we process your web order, we send your order data - in conjunction with location information - to Stripe or PayPal to exchange funds and prevent fraudulent purchases. Both are located in the United States.

Merchandise delivery

If you order physical goods, we share your data with fulfillment partners for delivery of purchases. These vary based on your location.

Infrastructure

Vercel

The Platform being-justus.com is an app hosted on Vercel. Vercel is SOC 2 Type II and GDPR compliant as well as ISO Certified. For details, see https://security.vercel.com/

AWS EC2

AWS protects customer data through its global cloud security program, including physical data center security, network and virtualization isolation, encryption options, IAM‑based access controls, and monitoring under the AWS Shared Responsibility Model. More information is available in AWS’s Data Protection documentation: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data-protection.html

Convex

Convex is a Backend‑as‑a‑Service platform that hosts our application data and backend logic on its managed cloud infrastructure. It is operated with SOC 2 Type II–audited security controls. For details, see https://www.convex.dev/security

Neon

Neon is a serverless PostgreSQL database platform that stores and processes application data on its managed cloud infrastructure. Neon protects customer data through cloud‑native architectural separation of compute and storage, durable storage layers, and security controls documented in its official security guidelines. For details, see: https://neon.com/docs/security/overview

Cloudflare

Cloudflare provides proxy, security and CDN services. https://www.cloudflare.com/trust-hub/compliance-resources/

How do we store and protect your data?

Profile and registered Member data is stored in an encrypted database protected by industry standard firewalls and anti-virus software.

Subscriber data is stored and processed by Resend

Plastic Bank and our third party data partners protect your data by following industry standard best practices for maintaining up to date security software on our servers, conducting regular risk assessments, encrypting and securely backing up data. Our staff are trained on the importance of protecting all personal data and we ensure that our vendors and partners have similar practices in place.

Plastic Bank will keep your data for a maximum of 5 years or as required by law from the last date of user activity, or upon a verified request for deletion (see below). We may choose to delete some types of data that are no longer required for our operations or to comply with regulations. Any such deletions will be logged.

All agreements with our data processing partners include Data Processing Agreements (DPA’s) where they commit to protecting your data and assisting us to fulfill our obligations under the GDPR and other privacy frameworks.

Use of Artificial Intelligence (AI) and Automated Profiling

We use Artificial Intelligence (AI) systems to support our delivery of personalized services and experiences. These systems may use automated profiling to evaluate certain aspects about you—such as preferences, behaviors, and engagement patterns—to provide tailored content, recommendations, and communications that are more relevant to your needs.

This processing may involve automated decision-making that affects how services or content are presented to you. However, no such decisions have legal or similarly significant effects as defined under applicable laws (e.g., affecting your contractual rights or access to essential services).

We ensure that:

No personal data is stored by our AI service providers—data shared with them is transient and controlled.

AI processing is conducted under a privacy-by-design framework, using secure, auditable, and purpose-limited mechanisms.

Individuals have the right to request human intervention, express their point of view, contest automated decisions, or opt out of profiling where applicable, as provided under:

GDPR Article 22 (European Union),

LGPD Article 20 (Brazil),

and similar national data protection laws.

To exercise these rights or learn more about how we use AI, please contact our Data Protection Officer at privacy@plasticbank.com.

International Data Transfer Disclosure for Brazil

We may transfer your personal data to countries outside of Brazil in the course of providing our services. This includes storage and processing by our trusted partners and service providers, such as cloud hosting, CRM, and communication platforms, some of which are located in the United States, the UK and other jurisdictions as noted above in our section entitled “Data sharing with third party service providers”.

Data transferred depends on the nature of your interaction with Plastic Bank as outlined in the section entitled “What data do we collect?”.

These transfers are carried out to fulfill contracts, ensure the security and reliability of our infrastructure, and operate our global business. When transferring data internationally, we implement appropriate safeguards to ensure your data is treated with the same level of protection required by the LGPD.

You have the right to request additional information about these transfers, including a copy of the relevant safeguards, by contacting us at: privacy@plasticbank.com

To learn more about your rights under the LGPD or to file a complaint, you may also contact the ANPD at Português (Brasil).

What are your data protection rights?

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

  • The right to be informed - Through this document we publicly disclose how and why we are collecting your data.
  • The right to access & portability - You have the right to request copies of your personal data.
  • The right to rectification - You have the right to request that Our Company correct any information you believe is either inaccurate or incomplete.
  • The right to restrict data processing and reject automated individual decisions with regards to your data.
  • You have the right to be notified in the event of a breach that might have exposed your data. Plastic Bank abides by the regulations in all of our operating regions with regards to notification and remediation.
  • You have the right to be forgotten - You can submit an erasure request following the process below.

How do I see what data you have about me?

You can send your request for your data file to privacy@plasticbank.com

If you make a request by email, we will send you a message to confirm your request and/or your identity before we handle your request.

All requests will be handled within 30 days.

How can I request my data to be corrected?

If you would like us to correct errors in the data we have collected and are not able to do so yourself through the services, please contact us through privacy@plasticbank.com

If you make a request by email, we will send you a message to confirm your request and/or your identity before we handle your request.

All requests will be handled within 30 days.

How can I request my data to be deleted?

You can send your request for deletion to privacy@plasticbank.com

If you make a request by email, we will send you a message to confirm your request and/or your identity before we handle your request.

All requests will be handled within 30 days.

Data Privacy Officer

Any questions or concerns about the above or any other issue related to privacy can be sent to our Data Privacy Officer, Rob Stocks, dpo@plasticbank.com

Cookie preferences

Analytics cookies help us understand how the movement is spreading. You can change your choice here whenever you like.

Current setting: Loading…