Become a seller
EUR
  • USD
  • CAD
  • AED
  • AUD
  • AZN
  • CLP
  • CZK
  • HUF
  • IDR
  • JOD
  • KZT
  • NOK
  • NZD
  • OMR
  • PEN
  • PLN
  • QAR
  • SAR
  • UZS
FOX v.2.4.2.3
Become a seller
EUR
  • USD
  • CAD
  • AED
  • AUD
  • AZN
  • CLP
  • CZK
  • HUF
  • IDR
  • JOD
  • KZT
  • NOK
  • NZD
  • OMR
  • PEN
  • PLN
  • QAR
  • SAR
  • UZS
FOX v.2.4.2.3
0

Gleeful.me – Privacy Policy

Effective Date: 30 November 2025
Contact: help@gleeful.me

1. Introduction

This Privacy Policy explains how Gleeful.me Ltd. (“we,” “us,” or “our”) collects, uses, and protects your personal data when you use the Gleeful.me platform (“Platform”).

We are committed to complying with:

  • The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018;
  • The EU General Data Protection Regulation (EU GDPR) (for EU users); and
  • The Payment Services Directive 2 (PSD2) and Strong Customer Authentication (SCA) rules for secure electronic payments.

By using the Platform, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller and Contact

Gleeful.me Ltd. is the data controller responsible for your personal data processed in connection with the Platform.
If you have any questions or wish to exercise your data protection rights, please contact:
📧 help@gleeful.me

3. What Personal Data We Collect

We collect and process the following categories of personal data:

3.1. Account and Identification Data

  • Name, username, email address, password;
  • Contact details (postal address, phone number, country).

3.2. Transactional and Payment Data

  • Payment method details (processed securely via third-party payment processors);
  • Billing information, payment reference numbers, transaction records, and status.

Note: We do not store full credit or debit card numbers. Payments are handled by PCI-DSS–compliant payment service providers (PSPs) that comply with PSD2 and SCA requirements.

3.3. Seller Verification Data

  • Business name, company registration, VAT number, ID verification (where required by law).

3.4. Usage and Technical Data

  • IP address, device type, browser, operating system, and activity logs;
  • Cookies and tracking data (see our [Cookies Policy]).

3.5. Communication Data

  • Messages, support requests, or other correspondence you send to us or other users.

4. Legal Bases for Processing

We process personal data under the following lawful bases (as defined in the UK/EU GDPR):

PurposeLegal Basis
Account registration and managementPerformance of a contract
Processing transactions and paymentsPerformance of a contract; Legal obligation (PSD2)
Providing customer supportLegitimate interest
Fraud prevention and authentication (SCA)Legal obligation
Marketing and promotional communicationsConsent
Analytics, website improvementLegitimate interest (site improvement)
Compliance with legal obligations (tax, AML, KYC)Legal obligation

5. Strong Customer Authentication (SCA) and PSD2 Compliance

To comply with PSD2 and ensure the security of online payments:

  • All electronic payments on Gleeful.me are subject to Strong Customer Authentication (SCA), requiring at least two factors among:
    1. Something you know (e.g., password or PIN),
    2. Something you have (e.g., phone or device token),
    3. Something you are (e.g., biometric verification).
  • We partner only with regulated payment service providers (PSPs) authorised under the UK Financial Conduct Authority (FCA) or EU equivalents.
  • Your financial data is encrypted and handled only by these PSPs; Gleeful.me never has direct access to your bank or card credentials.

6. How We Use Your Data

We use your data to:

  • Create and manage your account;
  • Enable secure payments and transactions between Buyers and Sellers;
  • Verify identity and prevent fraud;
  • Provide customer support and dispute resolution;
  • Communicate service updates and important notices;
  • Comply with legal and regulatory requirements;
  • Improve the functionality and experience of the Platform.

We will not use your data for purposes inconsistent with this Privacy Policy without notifying you first.

7. Data Sharing and Disclosure

We may share data with:

  • Payment processors (for secure transaction handling and SCA enforcement);
  • Identity verification providers (for Seller onboarding and compliance);
  • Analytics providers (for performance monitoring);
  • Law enforcement or regulators where required by law.

All third parties are bound by contractual obligations to protect your data in accordance with the UK/EU GDPR.

We never sell personal data to third parties.

8. International Data Transfers

If personal data is transferred outside the UK or European Economic Area (EEA), we ensure adequate protection through:

  • The UK International Data Transfer Agreement (IDTA) or EU Standard Contractual Clauses (SCCs); or
  • Transfers to jurisdictions recognised by the UK or EU as providing adequate protection.

9. Data Retention

We retain personal data only as long as necessary for the purposes collected or as required by law (e.g., tax and accounting records).
After the retention period, data is securely deleted or anonymised.

10. Your Data Protection Rights

Under the UK/EU GDPR, you have the following rights:

  • Right to Access – to request copies of your personal data.
  • Right to Rectification – to correct inaccurate or incomplete data.
  • Right to Erasure (“right to be forgotten”) – to request deletion in certain cases.
  • Right to Restrict Processing – to limit how we use your data.
  • Right to Data Portability – to request your data in a structured, machine-readable format.
  • Right to Object – to object to processing based on legitimate interest or for marketing.
  • Right to Withdraw Consent – if processing is based on your consent.

You can exercise these rights by contacting help@gleeful.me.
We may require verification of your identity before processing your request.

11. Marketing Communications

If you opt in, we may send you newsletters or promotional messages.
You can withdraw consent at any time by clicking “unsubscribe” in emails or contacting us directly.

We do not send marketing messages without explicit consent, in line with the Privacy and Electronic Communications Regulations (PECR).

12. Data Security

We implement technical and organisational measures to protect data from loss, misuse, unauthorised access, or disclosure, including:

  • SSL/TLS encryption for data transmission;
  • Secure data storage with access controls;
  • Multi-factor authentication for administrative access;
  • Ongoing monitoring for security vulnerabilities.

13. Children’s Data

The Platform is not intended for children under 18. We do not knowingly collect personal data from minors.

14. Changes to This Policy

We may update this Privacy Policy to reflect legal or operational changes. Updates will be posted on this page with a new effective date.
Please review this Policy periodically for the latest information.

15. Complaints

If you are unsatisfied with how we handle your data, you may contact:

  • The Information Commissioner’s Office (ICO) in the UK: www.ico.org.uk
  • Or your local data protection authority if you are in the EU.

16. Contact Information

For all privacy-related enquiries:
📧 help@gleeful.me
📅 Effective as of 30 November 2025

Sign In

Sign in with Google

Don't have an account yet? Register

Forgot password?

Register

Sign up with Google

Reset Password

Please enter your username or email address, you will receive a link to create a new password via email.