Privacy Policy

Last updated: April 17, 2026

This Privacy Policy describes how G-Rollz (“we”, “us”, or “our”) collects, uses, and shares personal information when you use our trade and wholesale portal (the “Service”), including when you sign in with third-party providers such as Google or Apple. By using the Service, you agree to the practices described in this policy.

1. Who is responsible

The data controller for personal information processed through the Service is G-Rollz, operating the B2B trade portal made available to approved trade partners, retailers, and distributors.

2. Information we collect

We may collect the following categories of information:

  • Account and profile data: name, email address, company name, trade role, account identifiers, and similar details you or your organisation provide when applying for or maintaining a trade account.
  • Authentication data: when you use social or federated sign-in (for example Google or Apple), we receive identifiers and basic profile elements as permitted by that provider and your settings with them.
  • Commercial and transaction data: orders, cart activity, delivery preferences, billing or invoicing references, and related communications necessary to fulfil wholesale relationships.
  • Technical and usage data: IP address, device and browser type, approximate location derived from IP, log and security records, and information about how you navigate and use the Service (for example pages viewed and features used).
  • Support content: information you send us when you contact support or report an issue.

3. How we use information

We use personal information to:

  • Provide, operate, and improve the Service;
  • Authenticate users, prevent fraud, and protect the security of accounts and systems;
  • Process and fulfil orders and manage trade partner relationships;
  • Communicate about your account, orders, and service changes;
  • Comply with legal obligations and enforce our terms;
  • Analyse usage in aggregate or de-identified form to improve the product experience.

4. Legal bases (where applicable)

Where the EU or UK General Data Protection Regulation (GDPR) applies, we rely on appropriate legal bases such as: performance of a contract with you or your organisation; legitimate interests that are not overridden by your rights (for example securing the Service and understanding product usage); compliance with legal obligations; and, where required, your consent.

5. Sharing of information

We may share personal information with:

  • Service providers who host infrastructure, process payments or invoices, send email, provide analytics, or assist with customer support, under contractual obligations to protect data and use it only for instructed purposes;
  • Professional advisers where reasonably necessary (for example auditors or lawyers);
  • Authorities when required by law, court order, or to protect rights, safety, and security.

We do not sell your personal information in the conventional sense. We may use subprocessors in line with this policy and applicable agreements.

6. International transfers

If we transfer personal information across borders, we implement appropriate safeguards consistent with applicable law (such as standard contractual clauses where relevant).

7. Retention

We retain personal information for as long as needed to provide the Service, meet legal, tax, and accounting requirements, resolve disputes, and enforce agreements. Retention periods may differ by data category and context.

8. Security

We implement technical and organisational measures designed to protect personal information. No method of transmission or storage is completely secure; we encourage strong passwords and safe handling of credentials.

9. Your rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal information, to object to certain processing, to data portability, and to withdraw consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority. To exercise rights, contact us using the business channels associated with your trade account or as directed by your account administrator.

10. Cookies and similar technologies

We use cookies and similar technologies where needed for authentication, security, preferences, and to understand how the Service is used. You can control cookies through your browser settings; disabling certain cookies may affect functionality.

11. Children

The Service is intended for business users and is not directed at children. We do not knowingly collect personal information from children.

12. Changes

We may update this Privacy Policy from time to time. We will post the updated version on this page and adjust the “Last updated” date. Material changes may be communicated through the Service or by email where appropriate.

13. Contact

For privacy-related questions, please contact us through the official business channels provided to your organisation as part of your trade relationship with G-Rollz.