Privacy Policy
Welcome to ggoose.org (“Site”, “we”, “us”, “our”).
Protecting your privacy and explaining, in plain language, how and why we collect, use, share, and store data is central to our relationship with you. This Policy applies to visitors, customers, suppliers, and any other users who interact with our Site or purchase goods or services (“you”, “your”).
1. Who we are & how to reach us
| Data Controller | GGOOOSE (“ggoose.org”) |
|---|---|
| Email | [email protected] |
For any privacy-related question—or to exercise your rights—please email [email protected].
2. What data we collect
| Category | Examples | Legal basis* |
|---|---|---|
| “Order Data” | Name, postal & billing address, phone, email, items purchased, PayPal transaction ID, last 4 digits of card, VAT or tax ID | Contract performance |
| “Device Data” | IP address, browser type & version, OS, time-zone, referring URL, Microsoft Clarity session recordings, Google Analytics identifiers | Legitimate interest (site security & analytics); Consent—see Cookies |
| “Usage Data” | Pages viewed, clicks, time on page, scroll depth, errors, marketing campaign source | Legitimate interest; Consent |
| “Marketing Prefs” | Email opt-in/-out, cookie choices | Consent |
| “Support Records” | Emails, chat transcripts, attachments, screenshots | Legitimate interest (customer service) |
* If EU/UK GDPR applies, we rely on the bases indicated; in the US and other jurisdictions we apply the closest equivalent.
3. How we obtain data
- Directly from you when you: place an order, create an account, fill in a form, email us, or join a mailing list.
- Automatically via cookies, pixels, and log files as you browse.
- From payment providers (PayPal) to confirm a successful transaction and detect fraud.
We do not purchase third-party marketing lists.
4. Why & how we use your data
- Process and fulfil orders – create invoices, arrange shipment, send confirmations.
- Payment processing & fraud prevention – via PayPal, Stripe, or other gateways. Card numbers are never stored on our servers.
- Customer support – respond to questions, handle returns or warranty claims.
- Analytics & site optimisation – understand traffic patterns, improve UX, debug errors.
- Marketing – send product updates or special offers, only if you have opted in (or where soft-opt-in is permitted).
- Legal & compliance – keep tax records, enforce our Terms of Service, respond to lawful requests.
We never use personal data for automated decision-making that produces legal or similarly significant effects.
5. Sharing & international transfers
We share only what is necessary, under contractual safeguards (e.g. Standard Contractual Clauses for EU/UK).
| Recipient | Purpose | Location |
|---|---|---|
| PayPal Holdings Inc. | payment processing, charge-back management | USA |
| Microsoft Clarity | session analytics | USA (with EU data centre replication) |
| Google LLC (Analytics, reCAPTCHA) | analytics, bot prevention | Worldwide |
| Logistics partners (UPS, USPS, DHL, FedEx, Yun Express) | shipping labels & tracking | Country of delivery |
| Cloud host & CDN | secure hosting of the Site and image assets | USA & EU nodes |
| Legal or tax advisers, authorities | compliance with law, dispute resolution | As required by jurisdiction |
6. Data retention
- Orders – 6 years (tax/contract law).
- Analytics logs – 26 months (Google default) or sooner if you withdraw consent.
- Marketing lists – until you unsubscribe or we learn an address is invalid.
- Support tickets – 3 years after last interaction.
Back-ups are overwritten on a rolling 30-day cycle.
7. Your rights
Depending on your jurisdiction (EU GDPR, UK GDPR, CCPA/CPRA, Australia Privacy Act, etc.) you may have the right to:
| Right | What it means | How to exercise |
|---|---|---|
| Access | Obtain a copy of personal data we hold | Email [email protected] |
| Rectification | Correct inaccurate or incomplete data | Same as above |
| Deletion | Ask us to erase data (“right to be forgotten”) | Same |
| Restrict / object | Limit or stop certain processing | Same |
| Portability | Receive data in a machine-readable format | Same |
| Lodge a complaint | EU/UK: Supervisory Authority; elsewhere: local regulator | Contact details depend on country |
We will respond within 30 days (or the shorter period required by local law).
8. Security
We employ:
- HTTPS/TLS 1.3 encryption
- PCI-DSS compliant payment gateways (no card data touches our servers)
- Server-side firewalls, malware scanning, least-privilege access
- Regular patching and penetration testing.
No online service can guarantee 100% security, but we continually review and improve our controls.