Bin Search Lookup provides BIN and IIN lookup services via our website and API. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you use our services. By using the services, you agree to this policy and to our Terms and Conditions. If you do not agree, you must not use the services.

We are based in Montreal, Quebec, Canada, and we comply with applicable privacy laws, including GDPR, CCPA, and Quebec privacy requirements.

• Account data: email address, password hash, and basic profile settings.
• Billing data: transaction identifiers, subscription plan, limited billing details processed by our payment processor. We do not store full card numbers.
• Service usage: query counts, timestamps, success or error codes, and general performance metrics that help us operate and secure the service.
• Device and technical data: browser type, operating system, and basic device attributes needed for compatibility and security.
• Communications: support messages and feedback that you provide.

• Provide, maintain, and improve the website and API.
• Authenticate users and secure accounts.
• Process subscriptions and payments via Stripe.
• Monitor reliability, performance, and abuse.
• Communicate with you about service updates and support.
• Comply with legal obligations and enforce our terms.

Where GDPR applies, we rely on the following legal bases: contract performance, legitimate interests such as security and service improvement, compliance with legal obligations, and your consent where required, for example certain cookie categories.

We use essential cookies to operate the site and maintain sessions. With your consent, we may use preference cookies to remember settings such as theme or language. You can control cookies through your browser settings. If you disable essential cookies, some features may not function.

We use privacy-focused analytics to understand feature usage and reliability. Our analytics use aggregated or anonymized data. We do not log users’ IP addresses for analytics, and we do not build profiles for advertising.

• Service providers: payment processing by Stripe, secure infrastructure, email delivery, and analytics providers that act on our instructions.
• Legal and safety: to comply with law, enforce our terms, or protect rights, property, or safety.
• Business transfers: in connection with a merger, acquisition, or asset sale, subject to this policy’s protections.

We do not sell personal information. We do not use personal data for targeted advertising.

We retain personal data only as long as necessary for the purposes described in this policy, including service operation, security, legal compliance, and dispute resolution. Retention periods vary by data type and applicable law.

No method of transmission or storage is completely secure. You are responsible for safeguarding your account credentials.

• Access and portability: request a copy of your personal data.
• Rectification: request correction of inaccurate data.
• Deletion: request deletion where permitted by law.
• Restriction and objection: request limits on processing or object to certain processing.
• Consent withdrawal: where we rely on consent, you may withdraw it at any time.
• Regional rights: California residents may exercise rights under CCPA. EEA, UK, and Swiss users may exercise rights under GDPR. Quebec residents may exercise rights under applicable provincial law.

To exercise rights, contact us using the information in the Contact section. We may ask you to verify your identity before responding.

We may process data outside your jurisdiction. Where required, we use appropriate safeguards such as standard contractual clauses or equivalent mechanisms to protect personal data during transfers.

Our services are not directed to children under the age required by applicable law. We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we will take appropriate steps to remove it.

The service may contain links to third party sites. We are not responsible for their privacy practices. Review the privacy policies of those sites before providing personal data.

Bin Search Lookup is the data controller for personal data processed in connection with the services, unless stated otherwise in a specific context.

We may update this Privacy Policy from time to time. If changes are material, we will provide reasonable notice before they take effect. Continued use of the services after the effective date means you accept the updated policy.

If you have questions about this Privacy Policy or our data practices, contact us: