At GST3D (hereinafter, "GST3D"), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard your information when you access our website, use our mobile applications (iOS and Android), or use our services.
1. Data Controller Identification
Controller: GST3D Holding BV
VAT Number (NL): NL858377263B01
Registered Address: Av. de Sant Julià, 187, 08403 Granollers, Barcelona
Email for Spain: support@gst3d.eu
General Business Email: admin@gst3d.nl
2. Personal Data We Collect
We may collect and process the following categories of personal data:
2.1. Data Collected Through Our Website:
-
Full name
-
Shipping and/or billing address
-
Email address
-
Phone number
-
Payment information (encrypted and managed by secure payment gateways)
-
Purchase and browsing history
-
IP address and technical data (cookies, browser type, device)
2.2. Data Collected Through Our Mobile Applications (iOS and Android):
Device and Technical Information:
-
Device Tokens (FCM/APNS): Unique identifiers for push notifications (Firebase Cloud Messaging for Android, Apple Push Notification Service for iOS)
-
Device Information: Device model, operating system version, app version, device language, timezone
-
Network Information: IP address, network connection status
-
Location Data (Approximate): Country, region, and city derived from IP address (we do NOT collect precise GPS location)
Authentication and Account Data:
-
Customer ID: When you log in to your account through the app
-
Email Address: Associated with your account (if logged in)
-
Session Cookies: To maintain your login session and shopping cart
App Usage Data:
-
App Activity: Interactions with the app, pages viewed, features used
-
Error Logs: Technical information to improve app performance (anonymized)
Important: We do NOT collect:
-
Precise GPS location coordinates
-
Contacts, photos, or other personal files from your device
-
Biometric data
3. Purpose of Data Processing
The data collected is used for the following purposes:
3.1. General Purposes:
-
Processing orders, payments, and product shipments
-
Responding to inquiries, requests, or complaints
-
Sending marketing communications (with user consent)
-
Improving user experience on our website and mobile applications
-
Complying with legal and fiscal obligations
3.2. Mobile App Specific Purposes:
-
Push Notifications: Sending you notifications about orders, promotions, cart reminders, and important updates (you can disable these in your device settings)
-
App Functionality: Maintaining your session, syncing your cart, and providing personalized content
-
Location-Based Services: Showing relevant content, offers, and shipping information based on your approximate location (country/region)
-
Technical Support: Diagnosing and fixing app issues, improving performance
-
Analytics: Understanding how users interact with the app to enhance features and user experience
4. Legal Basis for Processing
We process your data based on the following legal grounds:
-
Performance of a contract (product purchases, order processing, account management)
-
Your explicit consent (marketing emails, push notifications - you can opt-out at any time, non-essential cookies)
-
Legal obligations
-
Legitimate interest (service improvement, security, fraud prevention, app functionality)
Push Notifications: We request your permission to send push notifications when you first open the app. You can revoke this permission at any time through your device settings (Settings > Apps > GST3D > Notifications on Android, or Settings > GST3D > Notifications on iOS).
5. Data Recipients
Your data may be shared with:
5.1. Service Providers:
-
Firebase (Google): For push notifications, analytics, and app functionality
- Firebase Cloud Messaging (FCM) for Android
- Apple Push Notification Service (APNS) for iOS
- Firebase Analytics (anonymized usage data)
-
Hosting Providers: For storing and processing your data securely
-
Payment Processors: For secure payment processing (we do not store your full payment details)
-
Shipping Companies: For order fulfillment and delivery
5.2. Legal Requirements:
-
Public authorities when required by law or court order
We never sell or share your personal data with third parties for marketing purposes without your explicit consent.
6. International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEE), including:
-
United States: Firebase (Google) servers are located in the US. Google complies with GDPR through Standard Contractual Clauses (SCCs) and is certified under the EU-US Data Privacy Framework.
We ensure all service providers provide adequate safeguards under GDPR, such as:
-
Standard Contractual Clauses (SCCs)
-
Adequacy decisions by the European Commission
-
Binding Corporate Rules
-
EU-US Data Privacy Framework certification
7. Data Retention Period
We will retain your data:
-
Account Data: For as long as your account is active or as needed to provide services
-
Order Information: For the period required by legal or fiscal obligations (typically 7 years for tax purposes)
-
Device Tokens: Until you uninstall the app, disable push notifications, or request deletion
-
Location Data (IP-based): Temporarily processed and not stored long-term
-
Marketing Data: Until you withdraw your consent or unsubscribe
-
Technical Logs: For up to 90 days for troubleshooting purposes (anonymized)
8. Your Rights
You may exercise the following rights at any time:
-
Access: Find out what data we hold about you
-
Rectification: Correct inaccurate or incomplete data
-
Erasure: Request deletion of your personal data
-
Objection: Object to the processing of your data
-
Restriction of processing
-
Data portability
-
Withdraw consent: Revoke consent for marketing or push notifications at any time
How to Exercise Your Rights:
For Website/Account Data:
📩 Contact us at support@gst3d.eu with the subject line "GDPR Rights Request" and attach a copy of your ID for verification purposes.
For Mobile App Data:
-
Push Notifications: Disable through your device settings (Settings > Apps > GST3D > Notifications)
-
App Data: Contact us at support@gst3d.eu with your request
-
Uninstall the App: Uninstalling the app will stop data collection, but account data will be retained as per our retention policy
9. Data Security
We implement all necessary technical and organisational measures to ensure the security and integrity of your personal data, including:
-
Encryption: Data transmitted between the app and our servers uses HTTPS/TLS encryption
-
Secure Storage: Personal data is stored on secure servers with access controls
-
Authentication: Secure authentication mechanisms for app access
-
Regular Updates: We regularly update our apps and systems to address security vulnerabilities
-
Access Controls: Limited access to personal data on a need-to-know basis
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
10. Children's Privacy
Our mobile applications are not intended for children under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at support@gst3d.eu.
11. Third-Party Services
Our mobile applications may contain links to third-party websites or services. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you access.
Third-Party Services Used:
-
Firebase (Google): For push notifications and analytics
-
Shopify: For e-commerce functionality (if applicable)
-
Payment Processors: For secure payment processing
12. Push Notifications
Android:
-
We use Firebase Cloud Messaging (FCM) to send push notifications
-
You can control notifications through: Settings > Apps > GST3D > Notifications
-
You can also disable notifications for specific categories
iOS:
-
We use Apple Push Notification Service (APNS) to send push notifications
-
You can control notifications through: Settings > GST3D > Notifications
-
You can customize notification types and delivery methods
Notification Types:
-
Order updates and shipping notifications
-
Promotional offers and discounts (with your consent)
-
Cart reminders
-
Account-related notifications
-
Important service updates
13. Cookies and Local Storage
Website:
We use cookies to enhance your browsing experience, maintain your session, and provide personalized content.
Mobile App:
-
Local Storage: We use local device storage (AsyncStorage on React Native) to:
- Store your login session
- Save your shopping cart
- Remember your preferences
- Cache app data for offline functionality
-
Cookies: When you access our website through the app's WebView, we use the same cookies as the website for session management and functionality.
You can clear app data through your device settings if you wish to remove locally stored information.
14. Location Services
Important: We do NOT use GPS or precise location services.
We only collect approximate location data derived from your IP address, which provides:
-
Country
-
Region/State
-
City (approximate)
This information is used to:
-
Show relevant shipping options and prices
-
Display location-appropriate content
-
Comply with regional regulations
We do NOT track your precise location, movement, or real-time position.
15. Policy Changes
We may update this Privacy Policy to reflect changes in legislation, improvements to our services, or new features in our mobile applications. In case of significant changes, we will inform you by:
-
Email (if you have an account)
-
Push notification (if enabled)
-
Notice on our website or within the app
We encourage you to review this Privacy Policy periodically.
16. Contact Information
For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
Email: support@gst3d.eu
Subject Line: "Privacy Policy Inquiry" or "GDPR Rights Request"
Address: GST3D Holding BV, Av. de Sant Julià, 187, 08403 Granollers, Barcelona, Spain
Response Time: We will respond to your inquiries within 30 days as required by GDPR.
Last updated: 15 April 2025
App Version: 2.30
Effective Date: This policy applies to all users of GST3D mobile applications (iOS and Android) and website as of the date above.
