Privacy Policy
1. Introduction
1.1. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website.
1.2. We comply with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (GDPR), and other applicable data protection laws worldwide.
1.3 We only sell products within the UK and do not process international transactions. If you are accessing this website from outside the UK, please note that purchases are not available to international customers.
2. Data Collection & Use
2.1. If you create an account on our website using Squarespace, your personal data may be processed by Squarespace in accordance with their Privacy Policy.
2.2. We only collect data necessary for providing our services, including:
Order Information: When you purchase from us, we collect your name, email address, shipping address, and payment details.
Communication Data: If you contact us via email, we store your communications for up to 7 years for legal and accounting purposes.
When Strictly Necessary: To provide a service or allow our website to function.
2.3. We do not collect personal data for marketing purposes (e.g., newsletters).
3. Hosting & Cookies
3.1. Our website is hosted on Squarespace, and their Privacy Policy can be found here: Squarespace Privacy Policy.
3.2. Non-essential cookies are disabled. We only use essential cookies.
3.3. We do not use third-party analytics, tracking tools, or additional data-collecting services.
3.4. We use Google reCAPTCHA to protect our site from spam and bot activity. This service analyzes user interactions to determine whether a visitor is human. reCAPTCHA may collect data such as IP addresses, user behavior, and device information. This data is processed by Google and subject to their Privacy Policy. By using our website, you agree to Google’s processing of data as described in their policies.
4. Social Media
4.1. If you communicate with us via social media (e.g., Facebook or Instagram), your messages are subject to the privacy policies of those platforms. We do not control how they collect, store, or process your data. For details, please refer to their respective privacy policies.
4.2. Our social media profiles are subject to their respective privacy policies:
5. Third-Party Links
5.1. Our website may contain links to third-party websites. We are not responsible for their privacy policies or practices.
5.2. We do not sell, rent, or trade personal data to third parties. We do not participate in any data-selling activities covered by regulations such as the California Consumer Privacy Act (CCPA).
6. Data Storage & Security
6.1. We store customer communications via email for up to 7 years to comply with legal and tax obligations.
6.2. All email accounts are secured with two-factor authentication (2FA).
6.3. We do not store customer data on paper records or external hard drives.
6.4. We use Sentry for infrastructure monitoring. Personal Data collected includes various types of Data as specified in the Sentry Privacy Policy.
7. Legal Basis for Processing
7.1. We process personal data based on:
Contractual necessity: To fulfill a purchase or service requested by the user.
Legal obligation: Compliance with tax, accounting, and regulatory requirements.
Legitimate interest: Improving our services, preventing fraud, and ensuring security.
Consent: Where required, such as for direct marketing (which we do not currently engage in).
8. Security Measures
8.1. We implement security measures to prevent unauthorized access, disclosure, modification, or destruction of personal data.
8.2. Our data processing systems are secured using encryption, firewalls, two-factor authentication (2FA), and other industry-standard protections.
9. How and Where Data is Processed
9.1. We handle personal data using secure computing systems designed to prevent unauthorized access, alteration, or disclosure.
9.2. Personal data is processed at our business location and by our trusted service providers, such as hosting and payment platforms.
10. Users' Rights Under GDPR
10.1. Users have the right to:
Access, rectify, or delete their personal data.
Restrict processing or object to data processing.
Request data portability where applicable.
Lodge a complaint with the UK Information Commissioner's Office (ICO) or their local data protection authority.
11. Right to Object to Processing
11.1. Users can object to data processing when based on legitimate interest or for marketing purposes.
11.2. Users may withdraw consent at any time when data processing is based on consent.
12. How to Exercise Data Rights
12.1. To exercise any rights, users may contact us at [insert email].
12.2. Requests will be processed within one month, in accordance with GDPR regulations.
13. Data Transfers Abroad
13.1. We do not transfer data outside the UK or EEA unless:
The destination country has an adequacy decision from the UK government.
Standard contractual clauses (SCCs) or other safeguards apply.
14. Categories of Personal Data Processed
14.1. We process the following categories of personal data:
Identity data (e.g., name, email, billing details).
Transaction data (e.g., purchase history, payment details).
Technical data (e.g., IP address, browser information).
Communication data (e.g., emails, inquiries, customer support interactions).
15. System Logs and Maintenance
15.1. For operational and maintenance purposes, this website and any third-party services may collect system logs or use other personal data (such as IP addresses) for diagnostic purposes.
16. Compliance with Legal Requests
16.1. Users acknowledge that we may be required to disclose personal data to public authorities upon legal request.
17. Data Breach Policy
17.1. In the event of a data breach, we will assess the risk and notify affected users and the ICO within 72 hours, where legally required.
18. Changes to this Privacy Policy
18.1. We reserve the right to modify this Privacy Policy at any time.
18.2. Users will be notified of significant changes via a notice on our website.
19. Contact Us
19.1. If you have any questions about this Privacy Policy, your rights, or how we handle your personal data, you can contact us using the following details:
Reaction Games
www.reaction-games.co.uk
Business address;
18 Swan Road
Hailsham
East Sussex
BN27 2DG
Last updated: 04/02/2025