Privacy Policy
1. Data Controller
magnegameshop.com is the data controller for your personal information under UK GDPR.
2. Information We Collect
We process:
- Identity Data (name, shipping address)
- Contact Data (email only)
- Payment Data (processed securely via Stripe/PayPal)
- Technical Data (IP address, browser type)
3. How We Use Your Data
Your information helps us:
- Process orders and payments
- Improve our website and services
- Prevent fraud
- Send order confirmations (no marketing without consent)
4. Legal Basis for Processing
Under UK GDPR, we rely on:
- Contractual necessity (order fulfillment)
- Legal obligation (tax compliance)
- Consent (for newsletters)
5. Data Sharing
We only share with:
- Payment processors (Stripe, PayPal)
- Shipping carriers (Royal Mail, DPD)
- IT service providers (hosting, security)
6. International Transfers
For EU/UK customers:
- Data stays within GDPR-compliant jurisdictions
7. Your Rights
You may:
- Request access to your data
- Correct inaccuracies
- Delete your account data
- Object to processing
8. Cookies
We use:
- Essential cookies (checkout functionality)
- Analytics cookies (anonymous usage stats)
Manage preferences via browser settings.
9. Data Security
We implement:
- SSL encryption
- PCI-DSS compliance for payments
- Regular security audits
10. Retention Period
We keep data:
- Active customers: 3 years post-last purchase
- Orders: 6 years (UK tax requirement)
11. Policy Updates
Changes will be posted at magnegameshop.com/privacy.
To exercise your rights: magnegameshop.com/contact
Last Updated: [Insert Date]