SellAuth Shop

Privacy Policy

Last updated: 4th of March 2026


This Privacy Policy explains how we collect, use, and protect personal data when you purchase products from our shop.


The shop is operated by:

Zagorski oglasnik j.d.o.o. za usluge
Hum Zabočki 88, 49210 Zabok, Croatia
Email: [email protected]


We comply with the EU General Data Protection Regulation (GDPR).

 

1. What we collect

When you make a purchase, we collect the following information:

  • email address
  • IP address
  • browser/user agent
  • ASN (network information related to IP)

We do not require account creation to complete a purchase, although our products assume you separately hold a SellAuth account and have agreed to its terms.

We do not collect or store payment card details. Payments are processed through third-party payment providers (Stripe for card payments and PayCek for cryptocurrency payments).

We do not use cookies, third-party analytics, customer-tracking tools, or third-party error tracking.

We do not knowingly collect data from children and our services are not intended for users under 16.

 

2. Why we collect this data (legal bases)

We use personal data only for the following purposes:

  • to process and deliver your order
  • to issue invoices and meet accounting obligations
  • to prevent abuse and ensure the security of our service
  • to provide support if you contact us

The legal bases under GDPR are:

  • performance of a contract (purchasing our products), and
  • legal obligation (tax and accounting compliance), and
  • legitimate interest (service security and fraud prevention).

We do not use personal data for profiling or automated decision-making.

 

3. Payments (Stripe and PayCek)
Payments are handled by third-party payment processors.

Card payments are processed by Stripe, Inc. and its EU affiliates through Stripe Checkout. When you complete a purchase, certain data (such as your email, IP address, billing details and transaction information) is shared with Stripe so that the payment can be processed.

Stripe may transfer data outside the EU, including to the United States. Such transfers are protected using Standard Contractual Clauses (SCCs) or other lawful safeguards.
Stripe’s privacy policy:
https://stripe.com/privacy

Cryptocurrency payments are processed through PayCek, a payment processing service operated by Electrocoin d.o.o. When you choose cryptocurrency as a payment method, certain transaction-related information (such as order reference, payment amount, and wallet transaction details) may be processed by PayCek in order to complete the payment.

PayCek processes personal data according to its own privacy policy, available here:
https://paycek.io/privacy

 

4. Data storage and retention

We keep:

  • order and invoice information for as long as required by Croatian tax law (generally up to 10 years),
  • other purchase-related metadata (IP, user agent, ASN) for as long as necessary to fulfill the purposes described above.

If you contact support, emails are retained as needed to respond and for record-keeping.

When retention periods expire, data is securely deleted or anonymized.

 

5. Sharing of data

We do not sell or rent personal data.

Data may be shared only with:

  • payment processors (Stripe and PayCek)
  • professional advisers where legally required
  • authorities if required by law

Data is otherwise kept under our control.

 

6. International transfers

Because we work with global infrastructure and payment providers, some personal data may be transferred outside the European Economic Area.

Where this occurs, we use lawful safeguards such as Standard Contractual Clauses to ensure an adequate level of protection.

 

7. Security

We take appropriate technical and organizational measures to protect personal data, including:

  • encrypted connections (HTTPS)
  • restricted access controls
  • secure server configurations

We do not store passwords, and we do not store full payment card numbers.

While no system is perfectly secure, we continuously work to protect your information.

 

8. Your rights (GDPR)

You have the following rights, subject to legal limitations:

  • access your personal data
  • correct inaccurate data
  • request deletion (“right to be forgotten”)
  • restrict or object to processing in certain cases
  • request data portability
  • lodge a complaint with a supervisory authority

To exercise your rights, email us at:

[email protected]

We may need to verify your identity before fulfilling your request.

You also have the right to complain to the Croatian Personal Data Protection Agency (AZOP) or your local data authority.

 

9. Deletion requests

If you wish to have your purchase data deleted, contact:

[email protected]

We will delete all personal data that we are not legally required to retain for accounting or tax purposes.

 

10. Changes to this policy

We may update this Privacy Policy from time to time. Significant changes will be posted on this page with an updated “Last updated” date.

Continued use of our shop after changes means you accept the revised policy.

 

11. Contact

For any questions about privacy or data protection:
Email: [email protected]