CAPTAINCYBERCHAMP.COM
Privacy Policy
Operated by Hackersjack Inc.
Effective Date: 23rd March 2026. | Last Updated: 26th March 2026
Welcome to captaincyberchamp.com (the "Website"), operated by Hackersjack Inc. ("we", "us", or "our"). This Website is a merchandise store for parents and adults purchasing KinderCyber branded products. We are committed to protecting your personal information and being transparent about how we use it.
This Privacy Policy explains what information we collect when you visit or purchase from our Website, how we use it, who we share it with, and what rights you have. Please read it carefully.
Contact us at any time: privacy@captaincyberchamp.co
1. Information We Collect
We collect personal information in the following ways when you use our Website.
1.1 Information You Give Us Directly
When you place an order, create an account, or contact us, you provide us with:
|
INFORMATION |
WHEN IT IS COLLECTED |
|
Full name |
When creating an account or placing an order |
|
Email address |
Account registration, order confirmation, newsletter signup |
|
Delivery address |
When placing an order |
|
Phone number (optional) |
If provided for delivery updates |
|
Payment information |
At checkout - processed securely by our payment provider; we do not store card details |
|
Order history |
When you purchase from us |
|
Messages you send us |
When you contact us via email or contact form |
1.2 Information Collected Automatically
When you visit our Website, we automatically collect certain technical information through cookies and server logs:
• IP address (used for security and broad geographic region detection)
• Browser type and version
• Device type (desktop, mobile, tablet)
• Pages you visit and time spent on them
• The website that referred you to us
• Date and time of your visit
This information is used to keep our Website secure, diagnose technical problems, and understand how visitors use our site in aggregate. See Section 4 for full details on our use of cookies.
1.3 Information from Third Parties
If you connect a social media account or pay through a third-party payment service, we may receive limited information from those services, such as your name and email address, consistent with their privacy policies and your privacy settings.
2. How We Use Your Information
We use your personal information only for the purposes described below. We will not use your information for any other purpose without your prior consent.
|
PURPOSE |
DETAILS |
LEGAL BASIS (GDPR) |
|
Process and fulfil your order |
Confirm payment, arrange shipping, send order updates |
Performance of contract |
|
Manage your account |
Allow you to view orders, update details, manage preferences |
Performance of contract |
|
Customer service |
Respond to your questions and resolve issues |
Performance of contract / Legitimate interests |
|
Send marketing emails |
Only if you have opted in - with easy unsubscribe at any time |
Consent |
|
Improve our Website |
Analyse anonymised traffic data to improve user experience |
Legitimate interests |
|
Fraud prevention and security |
Detect and prevent fraudulent transactions and protect our systems |
Legitimate interests / Legal obligation |
|
Legal compliance |
Meet our obligations under tax, consumer, and privacy law |
Legal obligation |
|
Shipping and delivery |
Pass your delivery address and name to our fulfilment partner |
Performance of contract |
Marketing communications: We will only send you marketing emails if you have opted in when creating an account or at checkout. You can unsubscribe at any time using the link at the bottom of any email or by contacting us at privacy@captaincyberchamp.com.
3. Legal Bases for Processing (GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases set out in the GDPR and UK GDPR:
• Performance of a contract: processing necessary to fulfil your order or manage your account.
• Legal obligation: processing required to comply with tax, consumer protection, or other applicable laws.
• Legitimate interests: processing where we have a genuine business reason that does not override your interests, such as improving our Website, fraud prevention, and customer service record-keeping.
• Consent: where you have actively opted in, such as subscribing to our marketing emails. You may withdraw consent at any time.
If you have a question about the specific legal basis, we rely on for any particular processing activity, please contact us at privacy@captaincyberchamp.com.
4. Cookies
Cookies are small text files stored on your device when you visit a website. We use cookies to make our Website work, to remember your preferences, and to understand how visitors use our site.
4.1 Cookies We Use
|
TYPE |
EXAMPLES |
DURATION |
PURPOSE |
|
Strictly necessary |
Session ID, cart cookie, security token |
Session or up to 24 hours |
Keep your shopping cart working, maintain your logged-in session, and protect the site from malicious requests. Cannot be disabled. |
|
Functional |
Language preference, currency preference |
Up to 12 months |
Remember your preferences so you do not have to re-enter them on each visit. |
|
Analytics |
Google Analytics (anonymised) |
Up to 13 months |
Understand how visitors use our Website in aggregate. IP addresses are anonymised. No individual identification. |
|
Marketing (optional) |
Email marketing tracking pixel |
Up to 12 months |
Measure the effectiveness of our email campaigns if you have opted into marketing. Only set with your consent. |
4.2 Managing Your Cookie Preferences
When you first visit our Website, you will be shown a cookie banner. You may accept all cookies or manage your preferences. You can update your preferences at any time by clicking the 'Cookie Settings' link in the footer of our Website.
You can also control cookies through your browser settings. Note that disabling strictly necessary cookies will prevent the shopping cart and checkout from working correctly.
To manage cookies in your browser, visit:
• Google Chrome: Settings > Privacy and Security > Cookies
• Safari: Settings > Safari > Privacy and Security
• Firefox: Options > Privacy and Security
• Edge: Settings > Cookies and Site Permissions
4.3 Google Analytics
We use Google Analytics to understand website traffic in an anonymised, aggregated form. We have configured Google Analytics with IP anonymisation enabled, meaning your full IP address is never stored or processed by Google Analytics. You can opt out of Google Analytics across all websites by installing the Google Analytics Opt-out Browser Add-on at tools.google.com/dlpage/gaoptout.
5. Sharing Your Information
We do not sell your personal information. We share it only in the limited circumstances described below.
5.1 Service Providers
We share personal information with trusted third-party providers who help us run our business. All service providers are contractually required to keep your information confidential, use it only to provide services to us, and maintain appropriate security measures.
|
SERVICE PROVIDER CATEGORY |
INFORMATION SHARED |
PURPOSE |
|
Payment processor (e.g. Stripe, PayPal) |
Order total and transaction reference. We do not pass full card details - these go directly to the payment processor. |
Secure payment processing |
|
Fulfilment and shipping partner |
Your name, delivery address, order details, and phone number if provided |
Picking, packing, and delivering your order |
|
Print-on-demand supplier (e.g. Printify) |
Name, delivery address, order details |
Manufacturing and shipping print-on-demand merchandise |
|
Email marketing platform (e.g. Klaviyo) |
Email address and name (only if you have opted into marketing) |
Sending order confirmations and marketing emails |
|
Website hosting provider |
Server logs and technical data |
Hosting and serving the Website |
|
Analytics provider |
Anonymised usage data |
Website analytics |
5.2 Legal Requirements
We may disclose your personal information if required to do so by law, a court order, or a request from a government or law enforcement authority, or where we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
5.3 Business Transfers
If we sell, merge, or transfer all or part of our business, your personal information may be transferred as part of that transaction. We will notify you by email and/or a prominent notice on our Website before your information is transferred and becomes subject to a different privacy policy.
5.4 With Your Consent
We may share your information with other third parties where you have given us your explicit consent to do so.
6. International Data Transfers
Our Website serves customers globally, including from Australia, the European Union, the United Kingdom, and the United States. As a result, your personal information may be transferred to and processed in countries outside your own.
6.1 Transfers from the EU and UK
Where we transfer personal data from the EU or UK to countries outside the EEA or UK that are not subject to an adequacy decision, we use appropriate safeguards including:
• EU Standard Contractual Clauses (SCCs) approved by the European Commission.
• UK International Data Transfer Agreements (IDTAs) approved by the ICO.
• Transfers to countries that have received an adequacy decision from the European Commission or UK Government.
To request a copy of the safeguards we apply to international transfers, contact us at privacy@captaincyberchamp.com.
6.2 Australia
Where personal data is transferred to or from Australia, we comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Before transferring your data overseas, we take reasonable steps to ensure the overseas recipient handles your information in a manner consistent with the APPs.
6.3 United States
We do not rely on the EU-US Privacy Framework as a sole transfer mechanism. Where data is transferred to US-based service providers, we rely on SCCs or IDTAs as described above.
7. How Long We Keep Your Data
We keep your personal information only for as long as necessary to fulfil the purpose it was collected for, or as required by law. The following retention periods apply:
|
DATA CATEGORY |
RETENTION PERIOD |
REASON |
|
Order records (name, address, items purchased) |
7 years from purchase date |
Tax and accounting obligations under Australian law and international standards |
|
Account information |
Duration of account plus 2 years after last login |
Allow account reactivation; legal record-keeping |
|
Payment records (transaction reference only) |
7 years |
Tax and accounting obligations |
|
Customer service communications |
3 years from date of correspondence |
Record of support interactions in case of disputes |
|
Marketing consent records |
Until you unsubscribe plus 3 years |
Evidence of consent for regulatory compliance |
|
Analytics data (anonymised) |
13 months |
Industry standard for web analytics |
|
Server logs |
90 days |
Security and fraud detection |
|
Deleted account data |
30 days in backup systems then permanently deleted |
Backup recovery window |
When your data reaches the end of its retention period, we will securely delete or anonymise it. If you request deletion before the end of the retention period, we will delete what we are permitted to delete by law and explain any data we are required to retain.
8. Your Privacy Rights
Depending on where you are located, you have a number of rights regarding your personal information. We take these rights seriously and will respond to all requests promptly.
8.1 Rights for EU and UK Residents (GDPR and UK GDPR)
|
YOUR RIGHT |
WHAT IT MEANS |
|
Access |
Request a copy of the personal information we hold about you. |
|
Rectification |
Ask us to correct inaccurate or incomplete information. |
|
Erasure |
Ask us to delete your personal information where we no longer have a lawful basis to hold it. |
|
Restriction |
Ask us to restrict how we process your information while a dispute is resolved. |
|
Portability |
Receive your personal information in a structured, machine-readable format and transfer it to another provider. |
|
Object |
Object to processing based on our legitimate interests, including direct marketing. |
|
Withdraw consent |
Where we process based on consent, withdraw it at any time without affecting prior processing. |
To exercise any of these rights, email privacy@captaincyberchamp.com with the subject line 'Privacy Rights Request'. We will respond within 30 days. We may ask you to verify your identity before processing your request.
If you are not satisfied with our response, you have the right to complain to your local supervisory authority:
• UK: Information Commissioner's Office (ICO) - ico.org.uk
• EU: Your national data protection authority - a full list is at edpb.europa.eu
8.2 Rights for Australian Residents (Australian Privacy Act)
Under the Australian Privacy Act 1988 and the Australian Privacy Principles, you have the right to:
• Access the personal information we hold about you;
• Request correction of information that is inaccurate, out of date, incomplete, irrelevant, or misleading;
• Make a complaint about how we have handled your personal information.
To exercise these rights, contact us at privacy@captaincyberchamp.com. We will respond within 30 days. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
8.3 Rights for California Residents (CCPA / CPRA)
California residents have the right to:
• Know what personal information we collect, use, share, or sell;
• Delete personal information we hold (subject to certain legal exceptions);
• Correct inaccurate personal information;
• Opt out of the sale or sharing of personal information (we do not sell personal information);
• Non-discrimination for exercising any privacy right.
To submit a California privacy request, email privacy@captaincyberchamp.com with the subject 'California Privacy Request'. We will respond within 45 days.
8.4 Unsubscribing from Marketing
You can unsubscribe from our marketing emails at any time by clicking the unsubscribe link in any email we send, or by emailing privacy@captaincyberchamp.com. We will action all unsubscribe requests within 5 business days.
9. Data Security
We take reasonable and appropriate steps to protect your personal information from loss, misuse, unauthorised access, disclosure, alteration, and destruction.
Our security measures include:
• SSL/TLS encryption for all data transmitted between your browser and our Website (look for the padlock in your browser address bar);
• Secure, encrypted storage of personal data;
• Payment card information is processed directly by our PCI-DSS compliant payment provider - we never see or store your full card number;
• Access to personal data restricted to authorised staff only;
• Regular review of our security practices.
While we work hard to protect your information, no method of transmission over the internet or electronic storage is completely secure. If you have reason to believe your interaction with us is no longer secure, please notify us immediately at privacy@captaincyberchamp.com.
In the event of a data breach that is likely to affect your rights or interests, we will notify you and any applicable supervisory authority as required by law.
10. Children's Privacy
Our merchandise Website is intended for use by adults, particularly parents and guardians purchasing products for their children. We do not knowingly collect personal information directly from children under the age of 13.
If you are a parent or guardian and believe your child under 13 has provided us with personal information without your consent, please contact us at privacy@captaincyberchamp.com and we will promptly delete that information.
The KinderCyber educational content featuring Capt. CyberChamp is delivered through our YouTube channel and other platforms, not through this merchandise Website. Those platforms have their own privacy policies and terms of service.
11. Third-Party Links
Our Website may contain links to third-party websites including our social media pages, YouTube channel, and partner sites. When you click a link and leave our Website, this Privacy Policy no longer applies. We are not responsible for the privacy practices of other websites and encourage you to read their privacy policies before providing any personal information.
Our social media pages are hosted on platforms including YouTube, TikTok, Instagram, and Facebook. Your interactions on those platforms are governed by their respective privacy policies.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will:
• Update the 'Last Updated' date at the top of this page;
• Post a notice on our Website for at least 14 days if the changes are material;
• Where required by law, notify you by email if the changes significantly affect how we use your personal information.
Your continued use of the Website after any changes take effect means you accept the updated Privacy Policy. We encourage you to review this page periodically. Previous versions are available upon request.
13. How to Contact Us
If you have any questions about this Privacy Policy, how we handle your personal information, or wish to exercise any of your privacy rights, please get in touch:
|
CONTACT TYPE |
DETAILS |
|
General privacy queries |
privacy@captaincyberchamp.com |
|
Rights requests (access, deletion, etc.) |
privacy@captaincyberchamp.com - subject: Privacy Rights Request |
|
Marketing unsubscribe |
privacy@captaincyberchamp.com - subject: Unsubscribe |
|
Security concerns or data breaches |
privacy@captaincyberchamp.com - subject: Security Concern |
|
Postal address |
Hackersjack Inc., [INSERT BUSINESS ADDRESS] |
|
Response time |
We aim to respond to all enquiries within 5 business days |
We will always try to resolve your concern directly. If you are not satisfied with our response, you have the right to contact your relevant supervisory authority as described in Section 8.
(c) 2026 Hackersjack Inc. | captaincyberchamp.com | privacy@captaincyberchamp.com
.