Privacy Policy

Who We Are

Our website address is: https://www.alloaathletic.co.uk
In this Privacy Policy, “we”, “us” or “our” refers to the owner and operator of this website.

Our Commitment

This Privacy Policy outlines how we collect, store, use, and share your personal information, both online and offline, in accordance with the UK Data Protection Act 2018, EU General Data Protection Regulation (GDPR), and other applicable data protection laws. It also includes information about how our third-party service providers process your data.

What Personal Data We Collect

We may collect the following types of personal information:

  • Name and contact details (email, address, phone)
  • Login credentials (username, password – encrypted)
  • Payment information (via Stripe or PayPal)
  • Browser and device data (IP address, device type, OS, etc.)
  • Location data (via IP geolocation)
  • Chat messages (via live chat)
  • Usage behavior on our site (analytics, cookies)

We collect this data directly from you, via third-party services, or automatically via cookies and scripts.

How We Use Your Information

We may use your personal data to:

  • Provide and manage access to our services
  • Personalize content based on location (via GeoTargetly)
  • Offer live chat support (via tawk.to)
  • Improve our website, marketing, and analytics (via Google Analytics)
  • Process payments (via Stripe or PayPal)
  • Detect fraud, enforce terms, and comply with legal obligations

How We Protect Your Data
We implement appropriate technical and organizational measures to safeguard your personal data, including:

  • Secure HTTPS encryption of all data transmitted between your browser and our servers
  • Role-based access controls and limited internal access to personal data
  • Regular system updates, vulnerability scanning, and routine data backups

Access to your data is strictly limited to authorized personnel and verified third-party processors, and only where necessary for operational purposes.

Third-Party Services

We use trusted third parties to process data on our behalf:

GeoTargetly

We use GeoTargetly to personalize your experience based on location. GeoTargetly may collect and process your IP address, browser session, and geolocation data.
Privacy Policy: https://geotargetly.com/privacy-policy

Tawk.to

We use tawk.to for live chat functionality. tawk.to may collect data such as IP address, chat messages, browser type, and session details. Data may be processed in the United States under the EU-U.S. Data Privacy Framework (DPF) and its UK and Swiss extensions.
Privacy Policy: https://www.tawk.to/privacy-policy/

Other Services

  • Plausible Analytics (analytics and tracking)
  • Stripe & PayPal (payment processors)

These providers may store and process data in jurisdictions outside the EEA, including the United States, with appropriate safeguards such as Standard Contractual Clauses (SCCs) or DPF certification.

Cookies and TrackingCookies and Tracking

Analytics

We use Plausible Analytics to understand how visitors use our website. Plausible is a privacy-focused, open-source analytics tool that does not use cookies and does not collect or store any personal data.

Plausible does not collect:

  • Cookies or persistent identifiers
  • Personal information such as your name or email
  • Precise location or IP addresses (Plausible only processes IP addresses briefly to assign a broad, non-identifiable location, then discards them)

The data we receive from Plausible is strictly aggregated and non-personal. We use it to:

  • Understand general traffic patterns
  • Improve content and usability
  • Measure overall website performance

Analytics data is stored in aggregated form for 24 months by default.

Because Plausible does not use cookies or personal identifiers, no action is required to opt out, and your privacy is respected by default.

International Data Transfers

Your data may be transferred and stored outside your country, including in the United States. We rely on:

  • The EU-U.S. and Swiss-U.S. Data Privacy Framework
  • The UK Extension to the EU-U.S. DPF
  • Standard Contractual Clauses (SCCs)
  • Your explicit consent (when applicable)

Data Retention

We retain personal data only for as long as necessary:

  • Chat logs (tawk.to): up to 12 months or as per support needs
  • Geo-targeting data (GeoTargetly): session-based only
  • Analytics (Google): up to 14 months
  • Payments and invoices: as legally required for tax/accounting
  • User accounts: until deletion by the user or admin

Your Rights Over Your Data

You have the right to:

  • Access the personal data we hold about you
  • Request a copy of your data
  • Request correction or deletion
  • Withdraw consent (where applicable)
  • Object to or restrict certain forms of data processing

To make any such request, contact us at:

Robert Wilson
Data Protection Officer
📧 fcadmin@alloaathletic.co.uk