Privacy Policy

1. Introduction

MyKit operates the mykit.ie platform, providing e-commerce and merchandise management services for sports clubs, teams, and organisations. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Full name
• Email address
• Password (stored securely using industry-standard hashing)
• Account type (Customer, Client, or Admin)

2.2 Order Information

When you place an order, we collect:

• Contact details (name, email, phone number)
• Shipping address (street address, city, postal code, country)
• Billing address
• Order details (products, quantities, customisations such as initials or sizing)
• Payment information (processed securely by Stripe - we do not store card details)

2.3 Organisation Information

For organisation accounts, we also collect:

• Company/organisation name
• Business contact information
• VAT number (where applicable)
• Company registration number (where applicable)
• Business address

2.4 Contact Form Submissions

When you submit a contact form, we collect your name, email, phone number, company name, and the content of your message.

2.5 Automatically Collected Information

We store authentication tokens and shopping cart data in your browser's local storage to provide a seamless shopping experience. We do not use third-party analytics or tracking cookies.

3. How We Use Your Information

We use the information we collect to:

• Process and fulfil your orders
• Send order confirmations and shipping updates
• Manage your account and provide customer support
• Process payments securely
• Generate invoices and receipts
• Respond to your enquiries and contact form submissions
• Improve our platform and services
• Comply with legal obligations

4. Third-Party Services

We share your information with the following third-party service providers who assist us in operating our platform:

4.1 Stripe (Payment Processing)

We use Stripe to process payments securely. When you make a purchase, your payment information is sent directly to Stripe. We do not store your full card details on our servers. Stripe's privacy policy can be found at stripe.com/privacy.

4.2 Resend (Email Services)

We use Resend to send transactional emails such as order confirmations, password resets, and account notifications. Your email address and name are shared with Resend for this purpose.

4.3 Cloudinary (Image Hosting)

We use Cloudinary to host product images and organisation logos. No personal customer data is shared with Cloudinary.

4.4 Social Login Providers

If you choose to sign in using Google or Facebook, we receive basic profile information (name and email) from these providers to create or link your account. We do not post to your social media accounts or access additional information beyond what is needed for authentication.

5. Data Security

We implement appropriate security measures to protect your personal information:

• Passwords are hashed using industry-standard bcrypt encryption
• Sensitive data is encrypted
• All data transmission is encrypted using HTTPS/TLS
• We implement security headers to protect against common web vulnerabilities
• Access to personal data is restricted to authorised personnel only

6. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required by law. Order records are retained for accounting and legal compliance purposes. You may request deletion of your account and associated personal data by contacting us.

7. Your Rights

Under applicable data protection laws (including GDPR), you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your personal information
• Object to or restrict processing of your information
• Request portability of your data
• Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us using the details below.

8. Cookies and Local Storage

We use browser local storage to store your authentication token and shopping cart contents. This data remains on your device and is used to keep you logged in and preserve your cart between visits. We do not use third-party tracking cookies or analytics services that track your behaviour across websites.

9. Children's Privacy

Our platform is not intended for children under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: