Privacy Policy
Last updated: April 2026
This policy explains what information iscatek (iscatek.com, "we", "us") collects when you use this website or purchase from our store, and how we use it.
1. Who is responsible for your data?
The data controller is the owner of iscatek.com. For any privacy-related queries, contact us at hello@iscatek.com.
2. What data we collect and why
When you place an order, the following information is collected to fulfil it:
- Name and shipping address — required to ship your order.
- Email address — used to send your order confirmation (via Stripe).
- Payment information — card details are collected and stored exclusively by Stripe. We never see or store your card number, CVV, or expiry date.
We do not operate an account system. We do not collect data for marketing purposes and will never sell your data to third parties.
3. Legal basis (GDPR)
Processing your personal data to fulfil an order is necessary for the performance of a contract (Article 6(1)(b) GDPR). Retaining order records is necessary to comply with legal obligations such as tax and accounting requirements (Article 6(1)(c) GDPR).
4. How long we keep your data
Order records (name, address, item purchased, amount) are retained for up to 7 years to comply with financial and tax regulations. After that they are securely deleted.
5. Third-party services
- Stripe — payment processing (including card and PayPal payments). Stripe acts as a data processor on our behalf and as an independent data controller for fraud prevention. See Stripe's Privacy Policy.
- Google Analytics (GA4) — used with your consent to understand how visitors use this site. GA4 collects pages visited, session duration, approximate location, and device/browser information. No personally identifiable information is collected. Data is processed by Google LLC (USA) under the EU-US Data Privacy Framework. GA is only activated after you accept analytics cookies. See Google's Privacy Policy.
- Google Fonts — this site loads fonts from Google's servers, which may log your IP address. See Google's Privacy Policy.
6. Cookies and local storage
This site uses browser localStorage (not cookies) solely to store your shopping cart between pages. This data never leaves your device and is cleared automatically after a successful purchase.
Analytics cookies (_ga, _ga_*) are set by Google Analytics
only if you consent via the cookie banner. These cookies persist for up to
2 years and are used solely for aggregate site analytics. You can withdraw consent or change
your preferences at any time via the Cookie settings link in the footer.
Google Fonts may set cookies when loading typefaces. These are outside our control and can be blocked via your browser settings.
7. Your rights under GDPR
If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights regarding any personal data we hold about you:
- Right of access — request a copy of the data we hold about you.
- Right to rectification — ask us to correct inaccurate data.
- Right to erasure — ask us to delete your data, subject to legal retention obligations.
- Right to portability — receive your data in a machine-readable format.
- Right to restrict processing — ask us to pause processing in certain circumstances.
- Right to object — object to processing based on legitimate interests.
- Right to lodge a complaint — contact your national data protection authority.
To exercise any of these rights, email us at hello@iscatek.com. We will respond within 30 days.
8. Data transfers outside the EEA
Stripe is a US-based company and processes data outside the EEA under Standard Contractual Clauses approved by the European Commission. We do not otherwise transfer your data outside the EEA.
9. Changes to this policy
We may update this policy from time to time. The "last updated" date at the top of this page will reflect any changes. Continued use of the site after changes constitutes acceptance.
10. Contact
For any questions about this policy or your personal data:
hello@iscatek.com