Gidi Square Logo

Privacy Policy

Last Updated: March 01, 2025

Gidisquare Limited ("we," "us," or "our") operates an online marketplace offering products and services accessible on-the-go. We are committed to protecting your privacy and ensuring compliance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our website, mobile application, or services (collectively, the "Platform").

Our registered office is located at 263 Princess Road, Manchester, England, M14 7LZ. You may contact us regarding any questions or concerns about this Privacy Policy at support@gidisquare.co.uk.

1. Information We Collect


We collect personal information to provide and improve our services. The types of personal information we may collect include:
  • Identity and Contact Information: First name, last name, email address, phone number, and, for Service Providers (Sellers), additional verification data such as government-issued identification (e.g., passport, driving licence) and proof of address (e.g., utility bill).
  • Location Information: Address, State, Province, ZIP/Postal code, City, and geolocation data (if permitted by your device settings).
  • Social Media Profile Information: Data obtained when you connect via features such as "Connect with Facebook" or "Sign In With Twitter" (e.g., username, profile details).
  • User-Generated Content: Pictures, text (e.g., product descriptions, review or other materials you upload to the Platform to list goods, services, communicate with users.
  • Payment Information: Transaction details processed through third-party payment providers (Stripe and PayPal); we do not store your full payment card details.
  • Non-Personal Data: Usage statistics (e.g., pages visited, time spent), device information (e.g., IP address, operating system), and analytics data to enhance your experience on the Platform.


2. How We Collect Your Information


We collect personal information in the following ways:
  • Directly from You:
    • When you register an account, providing your name, email, and contact details.
    • During identity verification for Service Providers, where you submit ID documents and address proof.
    • When you place an order, upload User Content (e.g., product photos), or contact us via the Platform or email.
  • Automatically: Through cookies, analytics tools (e.g., Google Analytics), and tracking technologies when you interact with the Platform, capturing usage data and device details.
  • From Third Parties:
    • Social media platforms (e.g., Facebook, Twitter) when you use social login features.
    • Payment processors (Stripe and PayPal) for transaction details.
    • Verification service providers assisting with identity checks for Service Providers.


3. Legal Basis for Processing (GDPR Compliance)


Under the UK GDPR, we process your personal information based on the following legal grounds:
  • Consent: Where you have provided explicit consent (e.g., for location data, marketing communications, or sharing User Content publicly).
  • Contractual Necessity: To fulfill our obligations under a contract with you (e.g., processing orders, payouts, or enabling account creation and content uploads).
  • Legitimate Interests: For purposes such as fraud prevention, verifying Service Provider identities, improving our services, operating the Platform with User Content, or direct marketing, provided your rights do not override these interests.
  • Legal Obligation: To comply with applicable laws, regulations, or court orders (e.g., retaining verification data for tax or anti-fraud purposes).


4. How We Use Your Information


We use your personal information to:
  • Facilitate Account Creation and Verification: Process registration data and verify Service Providers’ identities using submitted ID and address details to ensure Platform trust and security.
  • Enable Transactions and Payouts: Manage orders and disburse Seller payouts via Stripe and PayPal using payment and contact information.
  • Deliver Products and Services: Support the listing, buying, and selling of goods/services, including shipping coordination by Sellers within England and Wales.
  • Handle User Content: Display, store, and distribute User Content (e.g., product photos, descriptions) to operate the marketplace, personalize listings, and promote the Platform (e.g., in marketing materials).
  • Communicate with You: Send updates about orders, account status, or customer support responses via email or in-app notifications.
  • Personalize Your Experience: Use data like location or usage patterns to provide tailored recommendations or content.
  • Analyze and Improve: Assess usage trends, device data, and User Content engagement to enhance Platform functionality and user experience.
  • Send Marketing Communications: Deliver promotional offers (where consented) using your contact details.
  • Ensure Compliance and Safety: Verify identities, monitor User Content for policy violations (e.g., Child Safety Policy), and protect against fraud or misuse.


5. Disclosure of Personal Information to Third Parties


We may share your personal information with:
  • Affiliates: Our parent company, subsidiaries, or related entities.
  • Third-Party Service Providers: Entities assisting us in operating the Platform, including:
    • IT service providers, data storage, hosting, and server providers (e.g., cloud services for storing User Content).
    • Analytics providers (e.g., Google Analytics), ad networks, and error logging services.
    • Maintenance and problem-solving providers.
    • Marketing and professional advisory services.
    • Payment systems operators (e.g., Stripe and PayPal for transactions).
    • Identity verification providers (e.g., to process Service Provider ID checks).
  • Employees and Contractors: Our staff or related entities involved in delivering services, including content moderation.
  • Business Partners: Existing or potential agents or partners for operational purposes.
  • Legal and Regulatory Bodies:
    • You fail to pay for goods or services we facilitate.
    • Required by law or in connection with legal proceedings (e.g., sharing verification data).
    • Necessary to establish, exercise, or defend our legal rights.
  • Third-Party Assistants: Agents or subcontractors aiding in service delivery or marketing.
  • Data Processors: Third parties collecting and processing data on our behalf (e.g., verification or analytics firms).
  • Business Transfers: An entity that acquires all or substantially all of our assets or business.

We ensure that any third party receiving your data adheres to UK GDPR requirements through contractual agreements, such as Standard Contractual Clauses (SCCs) for international transfers.

6. Third-Party Links and Services


The Platform may contain links to third-party websites or services not operated by Gidisquare Limited (e.g., Stripe, PayPal). This Privacy Policy does not apply to those third parties, and we are not responsible for their data practices. We encourage you to review their privacy policies.

7. User Generated Content


If you upload pictures, text, or other content to the Platform, it may be visible to other users depending on your privacy settings (e.g., public listings vs. private messages). We use this content as outlined in Section 4 and may share it with service providers (e.g., cloud storage) to operate the Platform. We are not responsible for how other users use this content once shared. Exercise caution when uploading personal or sensitive information.

8. International Data Transfers


As a UK-based company, your data is primarily processed within the UK or the European Economic Area (EEA). However, some service providers (e.g., Stripe, PayPal, or verification firms) may be located outside these regions, such as in the United States. When transferring data internationally, we ensure compliance with UK GDPR through:
  • Use of Standard Contractual Clauses (SCCs).
  • Verification of adequate data protection safeguards in the recipient country.


9. Security of Your Personal Information


We take reasonable technical and organizational measures to protect your personal information—including verification data and User Content—from unauthorized access, loss, misuse, or alteration. These measures include encryption, secure servers, and access controls. However, no system is entirely secure, and we cannot guarantee absolute protection against all risks.

10. Your Rights Under GDPR


As a data subject under UK GDPR, you have the following rights:
  • Access: Request a copy of your personal data, including verification records or User Content.
  • Rectification: Correct inaccurate or incomplete data (e.g., outdated address or name).
  • Erasure: Request deletion of your data ("right to be forgotten"), though we may retain verification data or User Content for legal purposes (e.g., tax records).
  • Restriction: Limit how we process your data.
  • Portability: Receive your data (e.g., account info, transaction history) in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests (e.g., marketing) or content use.
  • Withdraw Consent: Revoke consent at any time where processing relies on it (e.g., marketing emails).

To exercise these rights, contact us at support@gidisquare.co.uk. We will respond within one month, thoughmonths for complex requests. You may also lodge aCommissioner’s Office (ICO) at www.ico.org.uk.

11. Retention of Personal Information


We retain your personal information only as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, or resolve disputes. For example:
  • Account Data: Kept while your account is active and for 7 years after closure for tax and audit purposes.
  • Verification Data: Retained for 7 years post-account termination to comply with UK financial and anti-fraud regulations.
  • User Content: Stored while relevant to active listings or transactions, and potentially longer if used in marketing (unless you request removal, subject to legal retention needs).
  • Transaction Data: Kept for 7 years to meet UK financial regulations.

Data no longer needed is securely deleted or anonymized.

12. Changes to This Privacy Policy


We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be posted on the Platform with the “Last Updated” date revised. We encourage you to review this Policy periodically.

13. Contact Us


For any questions, concerns, or requests regarding your personal information or this Privacy Policy, please reach out to:

Gidisquare Limited

263 Princess Road, Manchester, England, M14 7LZ

Email: support@gidisquare.co.uk