Free Shipping on all Mystery Boxxes

Privacy Statement (ZA)

This privacy statement was last updated on October 14, 2024 and applies to citizens and legal permanent residents of South Africa.

In this privacy statement, we explain what we do with the data we obtain about you via https://galaxyboxx.co.za. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose, data and retention period

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

2. What if you don't provide us with your personal information?

If you don’t provide us with your personal information, we may not be able to provide you with the information, products or assistance that you are seeking.

3. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy

4. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

5. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorised access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

The security measures we use consist of:

  • Vulnerability Detection
  • (START)TLS / SSL / DANE Encryption
  • DKIM, SPF, DMARC and other specific DNS settings
  • Login Security
  • HTTP Strict Transport Security and related Security Headers and Browser Policies
  • Website Hardening/Security Features
  • Security measures of hardware that contain, or process personal data.

6. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

7. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

8. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:

  • You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
  • Right of access: You have the right to access your personal data that is known to us.
  • Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
  • If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
  • Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

9. Submitting a complaint

If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Information Regulator South Africa:
P.O Box 31533,
Braamfontein,
Johannesburg,
2017
Complaints email:[email protected]

10. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

11. Contact details

Galaxy Boxx Pty Ltd
Bryanston, Johannesburg
South Africa
Website: https://galaxyboxx.co.za
Email: info@galaxyboxx.co.za

We have appointed a contact person for the organization’s policies and practices and to whom complaints or inquiries can be forwarded:
E V Rooyen
27 Ebury Ave, Bryanston.

Annex

WooCommerce

This sample language includes the basics around what personal data your store may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

Note: you may want to further detail your cookie policy, and link to that section from here.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.

We share information with third parties who help us provide our orders and store services to you; for example —

Payments

In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

Please see the PayPal Privacy Policy for more details.

WP Mail Logging

When you use this site several actions (e.g. commenting) trigger the dispatch of emails. They contain information about you associated with your email address. Which data are part of these emails depends on the action performed. These emails are stored and accessible to the site management as log.

Solid Security

What personal data we collect and why we collect it

Cookies

Suggested text: A cookie named “itsec_interstitial_browser” is created to track a user’s login process to implement enhanced security features.

Suggested text: Visiting the login page sets a temporary cookie that aids compatibility with some alternate login methods. This cookie contains no personal data and expires after 1 hour.

Security Logs

Suggested text: The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 60 days.

Who we share your data with

When running Security Check, solidwp.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to solidwp.com as part of this process. Requests to solidwp.com include the site’s URL. For solidwp.com privacy policy details, please see the SolidWP Privacy Policy.

Suggested text: This site is scanned for potential malware and vulnerabilities by the SolidWP Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan.

How long we retain your data

Suggested text: Security logs are retained for 60 days.

Where we send your data

Suggested text: This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by solidwp.com. For privacy policy details, please see the SolidWP Privacy Policy.

Payfast

By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.

Really Simple SSL

Really Simple SSL and Really Simple SSL add-ons do not process any personal identifiable information, so the GDPR does not apply to these plugins or usage of these plugins on your website. You can find our privacy policy here.