Saj Marketing
Sign in

Legal

Privacy Policy

Last updated: June 2026

Draft template only — not legal advice. This page is maintained by Saj Marketing to describe how the app handles personal data. Have a lawyer review it before relying on it for compliance.

Who we are

Saj Marketing ("we", "us") operates this website and the Saj Marketing Tester Programme. We act as the data controller for the personal data described below under the UK GDPR and the Data Protection Act 2018.

What we collect

  • Account & profile: name, email, password (hashed), shipping country, optional Google account identifier when you sign in with Google.
  • Order & shipping: full shipping address, contact details, order history, delivery status.
  • Payment: handled by our payment processor (Stripe). We never store your full card details on our servers; we receive a token and a payment reference only.
  • Reviews & content: the text, photos, videos, and ratings you submit, plus the display name shown alongside them.
  • Inquiries: information you provide in the brand inquiry form or the waitlist (name, email, brand, website).
  • Technical: IP address, browser type, and basic usage data used for security, fraud prevention, and service operation.

Why we use it (lawful bases)

  • Contract: to create your account, process orders, ship products, and accept reviews.
  • Legitimate interests: to prevent fraud and abuse, secure the service, and improve the platform.
  • Consent: for the waitlist and any marketing emails — you can withdraw at any time.
  • Legal obligation: to keep tax, accounting and consumer-protection records.

Who we share it with

  • Infrastructure: Supabase (database, auth, storage) and Cloudflare (hosting).
  • Payments: Stripe for card processing; PayPal for tester payouts when applicable.
  • Shipping carriers: the carrier handling your order receives the name and address required to deliver it.
  • Brand partners: aggregated, anonymised review and content data, plus published review content with its attached disclosure. Full shipping addresses are never shared with brands.

Some processors are located outside the UK/EEA. Where that is the case we rely on UK/EU Standard Contractual Clauses or equivalent safeguards.

How long we keep it

Account and order records are kept for as long as your account is active and for up to 6 years after closure to meet UK tax and consumer-protection obligations. Published reviews remain public unless you ask us to remove them.

Your rights

Under UK GDPR you have the right to access, correct, delete, restrict, or port your personal data, and to object to certain processing. To exercise any of these rights, email privacy@sajmarketing.com. You also have the right to complain to the UK Information Commissioner's Office (ico.org.uk).

Cookies

We use strictly necessary cookies for authentication and session management. We do not currently run third-party advertising or cross-site tracking cookies.

Contact

Questions about this policy? Email privacy@sajmarketing.com.

See also the Tester Terms and the Disclosure Policy.