Privacy and Security

GRGR Global Privacy Policy

Last Updated: [Insert Date]

GLIMRA&GEMORA ("we", "us", or "our") operates the international e-commerce platform [yourwebsite.com]. We are committed to protecting your privacy while delivering seamless global shopping experiences. This policy explains how we collect, use, disclose, and safeguard your personal information across all jurisdictions we serve.

1. Information We Collect

A. Directly Provided Data

  • Account Information: Name, email, shipping/billing addresses, phone number, password

  • Order Details: Payment methods (processed via secure gateways like Stripe/PayPal), transaction history, product preferences

  • Communications: Customer service inquiries, product reviews, survey responses

B. Automatically Collected Data

  • Technical Data: IP address, device ID, browser type, operating system

  • Usage Data: Pages visited, clickstream patterns, cart activity (via cookies/pixels)

  • Location Data: Country-level geolocation for tax/trade compliance

C. Third-Party Sources

  • Social media profiles (when using social login)

  • Fraud detection services (e.g., Signifyd)

  • Marketing partners (with your consent)

2. Legal Bases for Processing (GDPR Compliance)

We process data based on:
 Contractual Necessity: Order fulfillment, account maintenance
 Legal Obligations: Tax reporting, customs documentation
 Consent: Marketing communications, non-essential cookies
 Legitimate Interests: Fraud prevention, website optimization

3. How We Use Your Information

Purpose Examples
Order Processing Shipping, customs clearance, payment processing
Customer Support Returns, complaints, product inquiries
Personalization Recommended products, localized pricing
Security Fraud monitoring, account authentication
Legal Compliance VAT/GST calculations, export controls
Marketing*

Email campaigns, retargeting ads (*opt-out available)

4. International Data Transfers

As a global business:

  • Data may be transferred to/processed in countries outside your residence (e.g., US servers for all transactions)

  • We implement safeguards like:
    ▶ EU Standard Contractual Clauses
    ▶ Encryption during transit
    ▶ Vendor GDPR-compliance audits

5. Data Sharing & Disclosure

We only share data with:

  • Logistics Partners: DHL, FedEx (for delivery)

  • Payment Processors: Stripe, PayPal (PCI-DSS compliant)

  • Analytics Providers: Google Analytics (anonymized where possible)

  • Legal Authorities: When required by customs/tax laws

6. Your Rights by Region

Region Key Rights
EU/UK (GDPR) Access, rectification, erasure, portability, objection
California (CCPA/CPRA) Know/delete data, opt-out of sales, limit sensitive data use
Other Countries Contact us for local law compliance

To exercise rights: Email [privacy@yourdomain.com] with "Privacy Request" and proof of identity.

7. Cookies & Tracking Technologies

We use:

  • Essential Cookies: Session management, shopping cart

  • Performance Cookies: Load balancing, error tracking

  • Marketing Cookies: Facebook/Google ads (manage via [Cookie Settings] link)

8. Data Retention

We retain information:

  • Active accounts: Until deletion request

  • Order records: 7 years for tax compliance

  • Marketing data: Until consent withdrawal

9. Children's Policy

We do not knowingly collect data from minors under 16 (or 13 in non-GDPR countries).

10. Policy Updates

Material changes will:

  1. Be notified via email (for account holders)

  2. Display a banner on-site for 30 days

11. Contact Information

Data Controller: [Your Legal Entity Name]
Address: [Physical address required for EU compliance]
DPO Contact: [dpo@yourdomain.com]