Privacy Policy
*Last updated: 10/06/2026*
## 1. Introduction 1.1. This Privacy Policy explains how Reaction Games (“we”, “us” or “our”) collects, uses, stores and protects your personal data when you visit our website, contact us, create an account, or purchase physical goods from us online.
1.2. We are committed to handling personal data responsibly and in accordance with the UK General Data Protection Regulation, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations, and, where applicable, the EU General Data Protection Regulation.
1.3. We currently sell physical goods within the UK only. If you access our website from outside the UK, please note that purchases may not be available to international customers. However, some of the third-party services we use may process personal data outside the UK, as explained in this Privacy Policy.
## 2. Who We Are
2.1. The data controller for this website is: Reaction Games 18 Swan Road Hailsham East Sussex BN27 2DG United Kingdom Website: [www.reaction-games.co.uk](http://www.reaction-games.co.uk) Email: [insert email address]
2.2. If you have any questions about this Privacy Policy or how we handle your personal data, you can contact us using the details above.
## 3. Personal Data We Collect
3.1. We only collect personal data where it is necessary for running our website, processing orders, delivering physical goods, responding to enquiries, meeting legal obligations, protecting our website, or maintaining the reliability and security of our systems.
3.2. Depending on how you use our website, we may collect the following types of personal data: *Identity and contact data:* your name, email address, billing address, shipping address, and any other contact details you provide. *Order and transaction data:* details of products you purchase from us, order history, payment status, delivery information, refunds, returns, and correspondence relating to your order. *Payment data:* payments are processed by third-party payment providers such as Stripe and PayPal. We do not intentionally store your full card details or PayPal login details. We may receive limited payment-related information, such as payment confirmation, transaction ID, billing details, and payment status. *Account data:* if you create an account through our website, this may include your name, email address, order history, account login information, and account preferences. *Communication data:* information you send to us by email, contact form, social media message, or any other communication method. *Technical data:* IP address, browser type, device information, operating system, pages visited, timestamps, diagnostic information, system logs, and similar technical information. *Cookie and website functionality data:* information collected through strictly necessary cookies or similar technologies that support website functionality, security, ecommerce, checkout, spam prevention, and technical operation. *Security and fraud prevention data:* information processed by tools such as Google reCAPTCHA, Stripe, PayPal, Squarespace, Sentry, or other relevant service providers to help protect our website, prevent spam, detect fraud, process payments, and maintain website security.
## 4. How We Collect Personal Data
4.1. We may collect personal data directly from you when you: * place an order; * create an account; * complete a contact form; * contact us by email; * communicate with us on social media; * request customer support; * use our website; * click links on our website, including affiliate links.
4.2. We may also receive or access limited personal data through third-party service providers that help us operate our website, process payments, manage emails, monitor errors, prevent fraud, protect forms from spam, or provide customer support.
## 5. How We Use Your Personal Data
5.1. We use personal data for the following purposes: *To sell and deliver physical goods:* including processing orders, arranging delivery, managing customer accounts, providing customer support, and handling returns, refunds or order queries. *To process payments:* through third-party payment processors such as Stripe and PayPal. *To respond to enquiries:* including contact form submissions, emails, customer support requests, and social media messages. *To manage our website:* including hosting, account functionality, website security, troubleshooting, maintenance, and performance monitoring. *To prevent spam, fraud and abuse:* including the use of Google reCAPTCHA and payment provider fraud-prevention tools. *To monitor technical issues:* including the use of Sentry to identify errors, bugs, crashes, or security issues. *To comply with legal obligations:* including tax, accounting, record-keeping, consumer law, legal requests, and regulatory requirements. *To provide cookie information:* including using CookieYes to display information about the cookies used on our website. *To manage affiliate links:* including links to third-party websites where we may receive commission if you make a purchase through our link.
5.2. We do not currently collect personal data for email marketing newsletters. If this changes in the future, we will update this Privacy Policy and only send direct marketing where we have a valid lawful basis to do so.
## 6. Lawful Bases for Processing
6.1. We process personal data using the following lawful bases: *Contractual necessity:* where processing is needed to fulfil an order, arrange delivery, provide customer support, manage your account, or respond to a request before entering into a contract. *Legal obligation:* where processing is needed to comply with tax, accounting, regulatory, legal, or consumer protection obligations. *Legitimate interests:* where processing is necessary for running our business, maintaining website security, preventing fraud, responding to enquiries, keeping records, improving our services, and protecting our legal rights, provided those interests are not overridden by your rights and freedoms. *Consent:* where required, such as for direct marketing if introduced in the future, or for any non-essential cookies or tracking technologies if we introduce them in the future.
## 7. Selling Physical Goods Online
7.1. When you purchase from us, we collect and process the personal data necessary to complete and manage your order. This may include your name, email address, billing address, shipping address, order details, payment confirmation, and any information needed to provide customer support.
7.2. Payments are processed by third-party payment providers such as Stripe and PayPal. These providers may collect and process payment information, transaction data, fraud-prevention data, and other information needed to complete the payment.
7.3. We do not intentionally store full card numbers, card security codes, or PayPal login credentials.
7.4. We may retain order and transaction records for legal, tax, accounting, dispute-resolution, customer service, returns, refunds, and business record purposes.
## 8. Contact Forms and Email Communications
8.1. If you contact us through a website contact form, we may collect your name, email address, message, and any other information you choose to include.
8.2. Contact form submissions may be processed through Squarespace and may also be delivered to or stored in our email systems.
8.3. We use 1&1 IONOS for email and/or related business services. If you contact us by email or through a form that is delivered to our email inbox, your message and related email metadata may be processed by IONOS.
8.4. We may keep customer communications for up to 7 years where they relate to orders, legal obligations, accounting records, customer support, disputes, or business records. General enquiries may be kept for a shorter period unless we have a reason to retain them.
## 9. Website Hosting and Squarespace
9.1. Our website is hosted and operated using Squarespace.
9.2. Squarespace may process personal data in connection with website hosting, ecommerce functionality, account creation, checkout, website security, forms, system logs, and other technical services.
9.3. If you create an account, place an order, submit a form, or interact with our website, some of your personal data may be processed by Squarespace in accordance with Squarespace’s own terms and privacy documentation.
## 10. Payment Providers: Stripe and PayPal
10.1. We may offer payment options through Stripe and PayPal.
10.2. These providers process payment and transaction data in order to complete purchases, prevent fraud, manage disputes, process refunds, comply with financial regulations, and provide payment services.
10.3. When you choose to pay through Stripe or PayPal, your personal data will also be handled in accordance with that provider’s own privacy policy.
10.4. We may receive limited payment-related information from Stripe or PayPal, such as your name, email address, billing details, payment status, transaction reference, and order confirmation. We do not intentionally store your full card details or PayPal login details.
## 11. Google reCAPTCHA
11.1. We use Google reCAPTCHA to help protect our website from spam, bots, abuse, and fraudulent activity.
11.2. reCAPTCHA may analyse information such as your IP address, browser and device information, user interactions, cookies, and other technical data to determine whether an interaction is likely to be made by a human or an automated system.
11.3. Google may process this data in accordance with its own Privacy Policy and Terms of Service.
11.4. reCAPTCHA may operate when you use certain parts of our website, such as forms, account areas, or checkout-related features.
## 12. Sentry
12.1. We use Sentry for infrastructure monitoring, error tracking, debugging, and website reliability.
12.2. Sentry may collect technical data such as IP address, device and browser information, operating system, page URL, timestamps, error logs, performance data, and information about the actions that led to an error or technical issue.
12.3. We use Sentry to identify and resolve technical problems, protect our website, improve reliability, and maintain the security of our systems.
12.4. We do not intentionally send payment details, sensitive personal data, or unnecessary customer information to Sentry.
## 13. CookieYes and Cookie Information
13.1. We use CookieYes to display information about the cookies used on our website.
13.2. At present, we only use cookies that are strictly necessary for the operation, security, ecommerce functionality and technical performance of our website.
13.3. Because we do not currently use non-essential cookies, analytics cookies, advertising cookies, or behavioural tracking cookies, we do not currently use CookieYes as a consent banner.
13.4. If we introduce non-essential cookies in the future, we will update our cookie information and request consent where required by law.
## 14. Cookies and Similar Technologies
14.1. Cookies are small files placed on your device when you visit a website. Similar technologies may also be used to store or access information on your device.
14.2. We currently use strictly necessary cookies and similar technologies only where needed for website functionality, security, ecommerce, fraud prevention, checkout, spam prevention, and technical operation.
14.3. Strictly necessary cookies may be used without consent where they are needed to provide the website or a service you request. This may include remembering items in a basket, enabling checkout, protecting forms from spam, securing the website, processing payments, or supporting core website functions.
14.4. We do not currently use third-party analytics, advertising pixels, behavioural advertising tools, or non-essential tracking cookies.
14.5. Third-party services such as Squarespace, Google reCAPTCHA, Stripe, PayPal, Sentry and CookieYes may use cookies or similar technologies for security, payment processing, fraud prevention, diagnostics, technical functionality, ecommerce functionality, or cookie information purposes.
14.6. If we introduce non-essential cookies or similar technologies in the future, we will update this Privacy Policy and request consent where required by law.
## 15. Affiliate Links
15.1. Our website may contain affiliate links to third-party websites. If you click an affiliate link and make a purchase, we may receive a commission at no extra cost to you.
15.2. Affiliate links may contain tracking identifiers that allow the third-party website or affiliate provider to recognise that you came from our website.
15.3. Once you click an affiliate link and leave our website, the third-party website’s own privacy policy, cookie policy, and terms will apply. We are not responsible for how third-party websites collect, use, store, or share personal data.
15.4. We recommend reviewing the privacy policy of any third-party website before providing personal data or making a purchase.
15.5. We do not currently use non-essential tracking cookies on our own website for affiliate tracking. If this changes in the future, we will update our cookie information and request consent where required by law.
## 16. Links to Other Websites
16.1. Our website may contain links to third-party websites, platforms, products, resources, or services.
16.2. We are not responsible for the privacy practices, content, security, or policies of third-party websites.
16.3. Clicking a third-party link may allow that website or platform to collect data about you, including technical data, cookie data, referral information, or transaction information if you make a purchase.
## 17. Social Media
17.1. If you communicate with us via social media, including platforms such as Facebook or Instagram, your messages and interactions will also be subject to the privacy policies of those platforms.
17.2. We do not control how social media platforms collect, store, use, or share your personal data.
17.3. If you contact us through social media, we may use the information you provide to respond to your message, provide support, or keep a record of the communication where appropriate.
## 18. Who We Share Personal Data With
18.1. We do not sell, rent, or trade your personal data.
18.2. We may share or make personal data available to trusted third-party service providers where necessary to run our website, sell and deliver physical goods, process payments, manage communications, maintain security, or comply with legal obligations.
18.3. These providers may include: * Squarespace, for website hosting, ecommerce, account functionality, forms, checkout, and website services; * Stripe, for payment processing and fraud prevention; * PayPal, for payment processing and fraud prevention; * 1&1 IONOS, for email and/or related business services; * Google reCAPTCHA, for spam, bot, and abuse prevention; * Sentry, for error tracking, diagnostics, and infrastructure monitoring; * CookieYes, for displaying cookie information; * delivery, postal or courier services, where needed to deliver physical goods; * professional advisers, such as accountants, legal advisers, or insurers, where necessary; * public authorities, regulators, law enforcement, or other parties where required by law.
18.4. We only share personal data where we have a lawful basis to do so.
## 19. International Data Transfers
19.1. Some of the third-party service providers we use are based outside the UK or may process personal data outside the UK.
19.2. This may include providers such as Squarespace, Stripe, PayPal, Google, Sentry, CookieYes, IONOS, and their respective affiliates, sub-processors, or service providers.
19.3. Where personal data is transferred outside the UK, we rely on appropriate safeguards where required by law. These may include: * adequacy regulations or adequacy decisions; * the UK International Data Transfer Agreement; * the UK Addendum to the EU Standard Contractual Clauses; * EU Standard Contractual Clauses; * Data Privacy Framework certification, where applicable; * binding corporate rules or other lawful transfer mechanisms used by the relevant provider.
19.4. By using our website, purchasing from us, or communicating with us, your personal data may be processed by third-party providers in countries outside the UK where appropriate safeguards apply.
## 20. Data Retention
20.1. We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, tax, customer support, delivery, dispute-resolution, fraud-prevention, and business record purposes.
20.2. Order, transaction, delivery and customer communication records may be kept for up to 7 years where required or appropriate for legal, tax, accounting, consumer law, dispute-resolution, or business record purposes.
20.3. Contact form messages and general enquiries may be kept for as long as needed to respond to your enquiry and maintain appropriate business records.
20.4. Technical logs, error reports, cookie information records, and security data are kept for as long as needed for website security, troubleshooting, compliance, and operational purposes.
20.5. Third-party providers may retain personal data in accordance with their own privacy policies and legal obligations.
## 21. Security
21.1. We take reasonable steps to protect personal data from unauthorised access, loss, misuse, alteration, disclosure, or destruction.
21.2. These steps may include account security, two-factor authentication where available, secure service providers, access controls, system monitoring, and limiting access to personal data where appropriate.
21.3. No website, online service, or electronic transmission is completely secure. However, we take care to use reputable service providers and appropriate measures to protect personal data.
## 22. Your Data Protection Rights
22.1. Depending on the circumstances, you may have the right to: * access the personal data we hold about you; * request correction of inaccurate or incomplete personal data; * request deletion of your personal data; * request restriction of processing; * object to processing based on legitimate interests; * request data portability where applicable; * withdraw consent where processing is based on consent; * complain to the Information Commissioner’s Office.
22.2. Some rights are subject to legal limitations. For example, we may need to retain certain order, transaction, delivery, tax, accounting, legal, or fraud-prevention records.
## 23. How to Exercise Your Rights
23.1. To exercise your data protection rights, please contact us at: [info@reaction-games.co.uk]
23.2. We may need to verify your identity before responding to a request.
23.3. We aim to respond to valid data protection requests within one month, unless the request is complex or we are legally permitted to extend the response period.
## 24. Complaints
24.1. If you are concerned about how we handle your personal data, please contact us first so we can try to resolve the issue.
24.2. You also have the right to complain to the UK Information Commissioner’s Office.
## 25. Legal Requests and Disclosure
25.1. We may disclose personal data where required to do so by law, court order, regulation, legal process, law enforcement request, tax authority request, or other valid legal or regulatory obligation.
25.2. We may also disclose personal data where necessary to protect our legal rights, prevent fraud, enforce our terms, or protect the security of our website and services.
## 26. Data Breaches
26.1. If a personal data breach occurs, we will assess the nature and risk of the breach.
26.2. Where legally required, we will notify affected individuals and/or the Information Commissioner’s Office within the required timeframe.
## 27. Children’s Data
27.1. Our website and checkout are intended to be used by adults or by people using the website with the involvement of a parent or guardian where appropriate.
27.2. We do not knowingly collect personal data from children without appropriate consent.
27.3. If you believe a child has provided us with personal data without appropriate consent, please contact us so we can review and, where appropriate, delete the information.
## 28. Changes to This Privacy Policy
28.1. We may update this Privacy Policy from time to time to reflect changes in our website, products, third-party providers, legal requirements, or data practices.
28.2. The latest version will be published on our website with the updated date shown at the top of the policy.
## 29. Contact Us
29.1. If you have any questions about this Privacy Policy, your rights, or how we handle personal data, please contact us: Reaction Games 18 Swan Road Hailsham East Sussex BN27 2DG United Kingdom Email: [info@reaction-games.co.uk] Website: [www.reaction-games.co.uk](http://www.reaction-games.co.uk)