en
The System That Changes the Game

Privacy Policy 

1. Data Controller

The data controller is:

[NAME / COMPANY NAME]
Registered address: [Address]
Contact: [Email]

2. Scope and Purpose of Processing

The controller processes the buyer's personal data to the following extent:

  • first and last name

  • email address

  • billing information

The purposes of processing are:

  • fulfilling the order

  • communication

  • issuing accounting documents


3. Legal Basis 

Personal data is processed on the basis of:

  • performance of the contract (order)

  • compliance with legal obligations (accounting)

  • legitimate interest (communication)

4. Data Retention

Personal data is retained:

  • for the period necessary to fulfill the contract

  • as required by legal obligations (accounting retention periods)

5. Transfer to Third Parties

Personal data may be shared with:

  • payment gateway providers

  • email service providers

  • accounting service providers

Only to the extent necessary.

6. Rights of Data Subjects

The buyer has the right to:

  • access their data

  • request correction

  • request deletion

  • request restriction of processing

  • request data portability

Requests may be submitted via email.

7. Security

The controller has implemented appropriate technical and organisational measures to secure personal data.

8. Contact

For questions regarding personal data protection:
Contact: [Email]


Use of Third-Party Services and Processing of Personal Data

The Controller uses trusted external processors to provide its services.
These processors may process the buyer's personal data solely to the extent necessary to fulfil technical and contractual functions.

The following services may process personal data:

1. SimpleShop – Order and Billing System

Processes data necessary for:

  • creating an order

  • issuing an invoice

  • confirming payment

  • delivering the digital product

Processed data: name, email, billing details, IP address.
Contracted data processor under GDPR.

2. Stripe – Payment Gateway

Processes data required for card payment processing.

Processed data: email, transaction ID, IP address, technical payment information.
Data may be transferred to third countries (USA) in accordance with Standard Contractual Clauses (SCC).

3. PayPal – Payment Provider

Processes data necessary for processing payments via PayPal.

Processed data: email, transaction details, IP address, payment information.
Data transfer to third countries (USA) may occur.

4. Webnode – Website Hosting

Processes technical data required for the operation of the website:

  • IP address

  • log files

  • technical connection information

5. Google Analytics / Google Tag Manager

Used for website traffic analysis.

Processed data: anonymized IP address, device information, on-site behaviour.
Data may be transferred to the USA based on SCC.

6. Meta (Facebook/Instagram) – Marketing and Analytics Tools

Used primarily for:

  • conversion tracking

  • ad optimisation

  • remarketing

Processed data: IP address, cookies, interactions on the website.
Data transfer to the USA is possible.

7. Google Workspace / Gmail – Communication

Used for email communication with customers.

Processed data: email address, message content, name (if provided).
Data transfer to third countries may occur and is protected under SCC.

Legal Basis for Processing

Processing of data by third-party providers is carried out on the basis of:

  • contract performance (order processing, payment),

  • legitimate interest of the controller (analytics, marketing),

  • visitor consent (cookies, remarketing)