PRIVACY POLICY
Effective date: 28 Aug 2025
GLOSSARY
"CCPA/CPRA": California privacy laws granting rights to know/delete/correct, opt-out of selling/sharing, and limit use of sensitive data.
"Cookie Preferences & GPC": User controls for cookie consent and recognition of Global Privacy Control signals where required by law.
"Cookies & Similar Technologies": Necessary, analytics, and marketing/remarketing tools used for storage/identifiers and measurement.
"Controller/Processor": Entity deciding purposes/means of processing vs. entity processing personal data on behalf of a controller.
"DPA (Data Processing Agreement)": Contract governing processing by service providers on our behalf.
"GDPR/UK GDPR": EU/UK data protection regimes providing rights such as access, erasure, objection, and portability.
"PDPA (Singapore)": Singapore Personal Data Protection Act.
"Personal Data": Information that identifies or can reasonably identify a person.
"Processing": Any operation performed on personal data (collecting, storing, using, disclosing, deleting, etc.).
"SCCs (Standard Contractual Clauses)": EU-approved clauses used to safeguard cross-border transfers of personal data.
1) DATA WE COLLECT
You provide: name, email, phone, shipping/billing, account data, support messages, sizing/options, design
files (UGC).
Automatic: cookies, IP, device/browser, language, region, logs, interaction data.
Third parties: PayPal (payment results), fulfillment/shipping partners (production & delivery status), analytics/marketing vendors.
2) PURPOSES & LEGAL BASES
Contract performance; security/fraud prevention; legal compliance; service communications; analytics & improvements; (with consent where required) marketing. Legal bases include Art. 6(1)(b), (f), (c), and (a) for consent.
3) SHARING & TRANSFERS
With fulfillment/shipping partners, PayPal, IT/analytics/support vendors under DPAs, authorities as required, and in business transfers. Cross-border transfers use appropriate safeguards (e.g., SCCs) as required by law.
4) RETENTION & SECURITY
Keep data only as needed or as required by law/disputes.
• Orders: ≥5 years (or per tax/accounting).
• Accounts: until deletion request or after 12 months of inactivity.
Use reasonable technical/organizational measures; no system is 100% secure.
5) COOKIES & ADS
We use necessary, analytics, and marketing/remarketing cookies. Where required, we present a consent banner and a Preferences center for granular choices. We honor GPC/Do Not Track to the extent required. Under CPRA, you may opt out of selling/sharing via “Do Not Sell or Share My Personal Information.”
6) YOUR RIGHTS
Depending on location: access, rectify, erase, restrict, object, port, withdraw consent (without affecting prior
lawful processing). Under CCPA/CPRA, you may know/delete/correct/opt out/limit sensitive data use. We do not “sell” personal data as commonly defined; if ad tech is deemed a sale/share, you can opt-out as above.
7) CHILDREN; THIRD-PARTY LINKS; UPDATES
Not directed to children under 13 (or local minimum). We are not responsible for third-party sites. We may update this Policy and post a new effective date.
8) Contact
Support: Support@squad4gear.com
Privacy: Support@squad4gear.com
Mail (correspondence only): 3 Coleman Street, #03-24, Peninsula Shopping Complex, Singapore (179804) (no returns)
Support hours: 9:00 AM – 5:00 PM (Vietnam Time | GMT+7)
