Privacy Policy

1. Introduction and Scope

Megenagna Bota LLC ("we," "us," or "our") operates habeshanetwork.com, a comprehensive classified advertisements platform that facilitates the buying, selling, and exchange of goods and services among users. This Privacy and Security Policy establishes our firm commitment to protecting the privacy and security of all individuals who interact with our platform, whether as casual browsers, registered users, or business entities. The policy governs our collection, use, storage, protection, and sharing of personal information obtained through our website, mobile applications (where applicable), application programming interfaces (APIs), and all associated services. We recognize that classified platforms inherently involve the exchange of sensitive personal and transactional data, and we have implemented robust safeguards to ensure this information remains secure while enabling the seamless operation of our marketplace services. This document provides exhaustive details about our data practices, security measures, and your rights as a user, while also outlining our compliance with various data protection regulations including the California Consumer Privacy Act (CCPA) for California residents, and other applicable privacy laws based on user jurisdiction.

2. Comprehensive Data Collection Practices

1. 2.1 SMS Privacy Policy

   Data Collection:

   We will collect your name, email address, mailing address, and mobile phone number when you sign up for SMS updates. The information will be collected on our website's contact form.

   Data Usage:

   We use your data solely for sending may include Marketing, Customer Care and Account Notifications.

   Data Security:

   We protect your data with secure storage measures to prevent unauthorized access.

   Data Retention:

   We retain your information as long as you are subscribed to our SMS service. You may request deletion at any time.

   MESSAGE AND DATA RATES MAY APPLY.

   Your mobile carrier may charge fees for sending or receiving text messages, especially if you do not have an unlimited texting or data plan. Messages are recurring, and message frequency varies Contact Habesha Network(Megenagna bota) at +1(855) 553-7873 or support@habeshanetwork.com for HELP or to STOP receiving messages.

   Opt-Out:

   You can opt out of the SMS list at anytime by texting, emailing, or replying STOP or UNSUBSCRIBE to support@habeshanetwork.com or +1(855) 553-7873. After unsubscribing, you will receive a final SMS to confirm you have unsubscribed and we will remove your number from our list within 24 hours. You can send HELP for additional assistance, and you will receive a text including our Phone number, email and website. We are here to help you.

   Non-Sharing Clause:

   We do not share your data with third parties for marketing purposes. Habesha Network(Megenagna bota) will not sell, rent, or share the collected mobile numbers

2. 2.2 Priority response to underage access reports

   We collect and process a wide array of information to provide, maintain, and improve our classified advertising services, ensure platform security, and comply with legal obligations. This includes personal data voluntarily provided by users during account registration such as full names, email addresses, telephone numbers, and physical locations, which are essential for creating and managing user profiles and facilitating communication between buyers and sellers. For certain transactions, we may collect additional verification information including government-issued identification documents, tax identification numbers, or proof of address to comply with anti-fraud regulations and payment processing requirements. Our platform automatically gathers technical information including IP addresses, device identifiers, browser types, operating system details, and network information to maintain security, prevent abuse, and optimize user experience. We employ cookies, web beacons, and similar tracking technologies to collect data about user interactions with our platform, including pages visited, advertisements viewed, search queries performed, and time spent on particular listings, which helps us personalize content and improve our services. For transactions processed through our platform, we collect payment information such as credit card details or digital wallet credentials. Sensitive payment data is typically handled by certified third-party payment processors and is not stored directly on our servers. User-generated content forms a significant portion of our data collection, including classified advertisements (such as photos, descriptions, and pricing information), private messages between users, public reviews and ratings, and any other content voluntarily submitted to our platform. We may also obtain supplemental information from third-party sources, including credit bureaus for identity verification, marketing partners for advertising optimization, and security services for fraud prevention purposes. All such data collection is conducted in compliance with applicable privacy and data protection laws.

3. Legal Bases and Purposes for Data Processing

All data processing activities conducted on habeshanetwork.com are grounded in one or more lawful bases as required by relevant data protection regulations. The primary legal basis for processing is contractual necessity, as we must process certain personal data to create and maintain user accounts, facilitate transactions, provide customer support, and deliver other essential services that users explicitly request when engaging with our platform. We rely on legitimate business interests for processing activities such as fraud detection and prevention, network and information security, service improvement through analytics, direct marketing communications about similar goods and services (where permitted by law), and the general operation and administration of our classified advertising business. Where required by specific jurisdictions or for certain types of processing, we obtain explicit user consent through clear, affirmative actions such as opt-in checkboxes for marketing communications or the use of non-essential cookies, with users maintaining the right to withdraw such consent at any time without affecting the lawfulness of prior processing. Legal obligation serves as another crucial basis for processing when we are required to retain transaction records for tax purposes, respond to lawful requests from government authorities, or comply with anti-money laundering regulations. In rare circumstances, we may process data to protect vital interests when necessary to prevent physical harm to individuals. Each processing activity is carefully evaluated to ensure it meets proportionality requirements, with data being collected only to the extent necessary for the specified purposes, which include: enabling users to create, browse, and respond to classified advertisements; facilitating secure communications between buyers and sellers; processing payments and verifying transactions; maintaining platform security and preventing fraudulent activities; personalizing user experience and improving our services; complying with legal and regulatory requirements; conducting market research and service development; and sending service-related communications and (where consented) marketing materials about relevant products and services.

4. Data Sharing and Third-Party Disclosures

While we strive to limit data sharing to only what is absolutely necessary, there are specific circumstances where user information may be disclosed to third parties under strict controls. Essential service providers who assist in platform operations receive limited data access through binding contractual agreements, including payment processors (such as Stripe or PayPal) for transaction facilitation, cloud hosting providers (like AWS or Google Cloud) for data storage and infrastructure, customer support platforms for handling user inquiries, and IT maintenance providers for system upkeep. Advertising and analytics partners may receive pseudonymized data to help us measure platform performance and deliver relevant advertisements, though users can typically opt out of such sharing where legally required. In cases of suspected fraudulent activity or illegal content, we may share information with specialized fraud prevention services, law enforcement agencies, or other appropriate authorities when legally obligated or when necessary to protect our rights, users, or the public. Should Megenagna Bota LLC undergo a business transition such as a merger, acquisition, or asset sale, user data may be transferred as part of the business assets, with notice provided to users as required by law. Other users of the platform naturally see certain information when you post classified advertisements, including your listed contact details and any user-generated content in your posts, though we provide privacy controls to limit visibility where possible. Importantly, we never sell personal data to third parties for their independent marketing purposes, and all third-party data sharing is conducted under strict contractual terms that mandate equivalent data protection standards and prohibit unauthorized secondary uses. We maintain a comprehensive record of all third-party data recipients and regularly audit their compliance with our privacy requirements.

5. International Data Transfers and Storage

As a global platform, habeshanetwork.com may transfer, store, and process user data in various locations worldwide to ensure optimal service performance and reliability. When transferring personal data across international borders, we implement robust safeguards and contractual measures to protect your information in accordance with applicable data protection laws. Our primary data centers are strategically located to minimize latency while maintaining robust security standards, with all storage facilities employing enterprise-grade physical security measures including 24/7 monitoring, biometric access controls, and environmental protections. We conduct thorough due diligence on all overseas service providers to verify their security postures and compliance with relevant data protection frameworks, and we maintain detailed records of all international data flows to facilitate regulatory compliance and user transparency. Users should be aware that data protection laws vary by jurisdiction, and while we implement uniform security standards globally, the legal protections available in some countries may differ from those in their home jurisdiction. Regardless of storage location, we apply the same rigorous data protection standards outlined in this policy to all user information.

6. Data Retention and Deletion Protocols

We maintain a structured data retention framework designed to balance operational needs with privacy principles, keeping personal data only as long as necessary for legitimate business purposes or as required by law. Active user accounts and associated data (including advertisement history, messages, and transaction records) are retained while the account remains in use, with inactivity triggers (typically 24 months of no login activity) initiating an automated deactivation process followed by deletion after a further grace period unless the user reactivates their account. Financial and transactional records are retained for minimum periods mandated by tax and commercial laws (generally 5-7 years from the transaction date) to comply with audit requirements and statutory obligations. User-generated content such as classified advertisements may persist on the platform for the duration of their posting period plus an additional archival period to handle potential disputes, after which they are permanently deleted from our production systems. Backups containing personal data are maintained for disaster recovery purposes for a limited duration (usually 3-6 months) before being securely overwritten or destroyed. When data is no longer needed, we employ secure deletion methods including cryptographic erasure for digital data and physical destruction for any hardware containing user information. Users may request early deletion of their personal data through our account management tools or by contacting our support team, though we may retain certain information where necessary to comply with legal obligations, resolve disputes, or maintain platform security. Our deletion processes extend across all system components including production databases, search indices, backup tapes, and any third-party systems where user data may have been replicated, with verification procedures in place to confirm complete erasure.

7. Security Measures and Protection Protocols

We implement a multi-layered security framework encompassing technical, organizational, and physical safeguards to protect user data against unauthorized access, alteration, disclosure, or destruction. Our technical security measures include industry-standard encryption protocols (AES-256 for data at rest and TLS 1.2+ for data in transit), comprehensive network security systems (firewalls, intrusion detection/prevention systems, DDoS mitigation), and rigorous access controls (multi-factor authentication, roles-based permissions, privileged access management). All systems undergo regular vulnerability scanning and penetration testing by internal security teams and independent third-party auditors to identify and remediate potential weaknesses. We maintain strict change management procedures for system updates and employ code review processes to ensure security best practices are followed in all software development. Physical security measures at our data centers include 24/7 monitoring, biometric access controls, environmental hazard protections, and strict visitor protocols. Organizationally, we conduct mandatory security awareness training for all employees, enforce least-privilege access principles, and maintain detailed audit logs of all system access and data handling activities. Our incident response plan enables rapid detection, containment, and remediation of any security events, with defined notification procedures for affected users and regulators where required by law. Payment information receives additional protection through PCI DSS-compliant processing systems and tokenization techniques that minimize the storage of sensitive financial data on our infrastructure. For classified platforms specifically, we implement specialized anti-fraud measures including automated pattern detection for scam listings, manual review of high-risk transactions, and user verification systems to enhance marketplace trust. While no security system can be 100% impenetrable, we continuously invest in and update our security posture to address evolving threats and maintain industry-leading protection for user data.

8. User Rights and Control Mechanisms

We are committed to facilitating your control over your personal data through accessible mechanisms and transparent procedures, in accordance with applicable data protection laws. All users can access their personal data directly through their account dashboard, which provides a comprehensive view of stored information, including profile details, advertisement history, and message logs. Where required by local law, users may request a portable copy of their data in a structured, commonly used format for transfer to another service.

Accuracy rectification tools are available, allowing users to update or correct personal information directly via their account settings or by submitting a formal request to our support team. Users may also request the deletion of their personal data, subject to certain legal exceptions that may necessitate retention for compliance, fraud prevention, or ongoing dispute resolution. Processing restrictions can be requested in specific circumstances, such as when data accuracy is contested, the processing is unlawful, or the data is no longer needed for its original purpose but must be preserved for legal claims. Furthermore, objection rights enable users to challenge certain processing activities based on their particular situation, including direct marketing and automated decision-making.To exercise any of these rights, users may submit a request by contacting our Data Protection Officer through the provided channels. We implement a verification process for all requests to confirm they originate from the legitimate account holder, typically requiring authentication through the registered email address or additional identity verification for sensitive access. We aim to respond to all verifiable requests within a timely manner, typically within 30 days as required by many jurisdictions, with extensions permitted only for complex or voluminous requests where justified.We do not charge fees for the exercise of legitimate privacy rights unless a request is manifestly unfounded, excessive, or repetitive. Should a request be denied, we will provide a clear explanation for the denial and information on any available appeal processes. All user rights requests are systematically logged and tracked through our dedicated privacy management system to ensure full accountability, compliance, and timely resolution.

9. Cookies and Tracking Technologies

Our platform utilizes various tracking technologies to enable core functionalities, enhance user experience, and support our business operations, with transparency and control options provided to users. Essential cookies and similar technologies are strictly necessary for basic platform operations, including session management (maintaining user logins during browsing), shopping cart functionality, and security features like cross-site request forgery (CSRF) protection. Performance and analytics cookies collect aggregated data about platform usage patterns, feature adoption, and performance metrics, helping us optimize site architecture and identify technical issues. Marketing and advertising technologies enable personalized ad delivery based on user interests, conversion tracking for advertisers, and cross-platform measurement of campaign effectiveness. First-party cookies are set directly by our domain, while third-party cookies originate from our carefully vetted service providers such as analytics platforms and advertising networks. Most modern browsers provide settings to manage cookie preferences, including options to block certain categories or delete existing cookies, though disabling essential cookies may impair platform functionality. We honor global privacy control signals and browser-based opt-out mechanisms where technically feasible, and provide a comprehensive cookie consent management tool that allows granular control over non-essential tracking technologies. Our cookie policy is periodically reviewed to ensure alignment with evolving regulatory guidance and technological developments in digital tracking. For users subject to GDPR, we obtain explicit consent before activating any non-essential cookies through a prominent consent banner that clearly explains cookie purposes and provides easy acceptance or rejection options. Log files and similar passive tracking mechanisms record technical information such as IP addresses, browser characteristics, and timestamps for security monitoring and diagnostic purposes, with retention periods limited to operational necessities. We prohibit third-party partners from using our platform data for independent profiling or tracking beyond the specific purposes we authorize, and we regularly audit our tracking implementations to ensure compliance with our privacy commitments.

10. Children's Privacy Protections

Habeshanetwork.com is strictly intended for users aged 18 years or older. We do not knowingly collect, process, or store any personal information from individuals under 18 years of age. Our platform is designed for adult users engaging in commercial transactions, and we maintain robust measures to prevent underage access:

• Age Verification Through Terms Acceptance
• All users must explicitly accept our Terms of Service during registration, which includes a clear declaration that they are at least 18 years old. This contractual agreement serves as our primary method of age verification.
• Account Monitoring & Enforcement
• We employ automated systems and manual reviews to:
1. Detect potential underage accounts through behavioral patterns
2. Flag suspicious activity that may indicate minor usage
3. Immediately terminate any accounts found to belong to underage users
• Parental Controls & ReportingWhile we do not offer parental control features (as the platform is not intended for minors), we provide:
1. Clear reporting mechanisms for suspected underage usage
2. Priority response to underage access reports
3. Full cooperation with parents/guardians investigating potential violations
• Content Restrictions We prohibit all content that:
1. Specifically targets minors
2. Promotes products/services intended for underage users
3. Could facilitate inappropriate contact with minors
• Data Handling for Underage UsersIf we discover personal information from a minor has been collected:
1. We immediately delete all associated data
2. Terminate the account permanently
3. Implement measures to prevent re-registration
4. Limitations & Responsibilities
• While we make reasonable efforts to prevent underage access, we acknowledge:
1. The shared responsibility of parents/guardians to monitor minors' internet use
2. That our platform is not designed with child safety features

Parents/guardians with concerns about potential underage access may contact us at +1 (214) 733 0653 for immediate assistance. We cooperate fully with law enforcement and child protection agencies investigating cases involving minors on our platform. This policy reflects our commitment to maintaining an adult-oriented commercial environment while complying with all applicable child protection laws and regulations. We regularly review and update these protections as technology and legal requirements evolve.

11. Policy Updates and Notification Procedures

This Privacy and Security Policy is a living document that evolves alongside changes in our services, technology, and regulatory requirements. We reserve the right to modify this policy at any time, with material changes being communicated to users through prominent platform notices, email alerts (for registered users), or other appropriate channels based on the significance of the updates. The "Last Updated" date at the beginning of the policy indicates when the most recent revisions were made, with archived versions maintained for reference and transparency. Minor non-substantive changes (such as grammatical corrections or formatting improvements) may be implemented without separate notification, while modifications affecting user rights or data handling practices will typically be announced at least 30 days in advance when practicable. Continued use of habeshanetwork.com following policy updates constitutes acceptance of the revised terms, though for material changes affecting data processing activities requiring consent under GDPR, we may seek renewed opt-in approval where appropriate. Users who object to significant policy changes may terminate their accounts by following the deletion procedures outlined in Section 8. We maintain version control systems that track all policy modifications, including the nature of changes and their effective dates, which are available upon request. Regulatory filings for material policy updates are made where required by local laws, particularly for changes affecting our status as a data controller or processor under various jurisdictions. Our legal and compliance teams conduct periodic policy reviews (at least annually) to ensure ongoing alignment with evolving privacy regulations and industry standards, with input from cross-functional stakeholders including security, product, and customer support teams. Users are encouraged to periodically review this policy to stay informed about how we protect their information.

12. Contact Information and Dispute Resolution

For any privacy-related inquiries, requests, or concerns, users may contact us via email at support@habeshanetwork.com or by postal mail at Habesha Network P.O. Box 32 Lavon, TX 75166. We strive to acknowledge all privacy inquiries within 72 hours and resolve substantive matters within 30 days, which aligns with the requirements of many privacy regulations; however, complex or voluminous requests may require additional time, for which we will provide the requester with proper notification. Our customer support team receives specialized privacy training to properly handle, classify, and escalate data protection matters, and all privacy inquiries are systematically logged in our dedicated case management system for tracking, auditing, and quality assurance purposes. Users who are dissatisfied with our privacy practices or our response to their requests may lodge complaints with the relevant data protection or consumer protection authority within their jurisdiction. We participate in independent dispute resolution programs where available and commit to negotiating in good faith to address legitimate privacy concerns raised by users or regulators. In the event of a privacy-related dispute, our preference is to resolve matters amicably through direct communication and, where appropriate, mediation before resorting to formal legal proceedings. For urgent matters involving an imminent risk of harm or potential data security incidents, we maintain a 24/7 security operations center that can be reached through the dedicated emergency contact details provided in our separate security disclosures.

What to expect when you contact us:

• We'll respond within 3 business days to acknowledge your message
• Most requests are handled within 30 days (we'll tell you if it'll take longer)