Privacy Policy (GDPR Compliant)

Effective Date: January 2026

1. Introduction

Welcome to Gotripcar (https://uotoma.com). We respect your privacy and are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR). This policy explains how we handle your data when you visit our blog or purchase from our shopping mall.

2. Legal Basis for Data Processing

Under GDPR, we process your data based on the following legal grounds:

• Consent: When you subscribe to newsletters or accept cookies.
• Contract: When processing is necessary to fulfill your shop orders.
• Legitimate Interests: To improve our services, analyze traffic, and ensure site security.

3. Data We Collect & How We Use It

• Shopping Mall Data: When you buy products, we collect your name, email, shipping/billing address, and phone number to fulfill the contract. Payment info is processed via secure encrypted gateways (Stripe/PayPal); we never see your full card details.
• Media & Comments: If you upload images, please ensure they do not contain embedded location data (EXIF GPS). If you leave a comment, your IP address and browser string are collected to help spam detection.
• Embedded Content: Articles may include videos (YouTube, etc.). These third-party sites may collect data, use cookies, and monitor your interaction with that embedded content.

4. Cookie Policy & Consent Management

We use cookies to enhance your experience and serve personalized ads via Google AdSense.

• Strictly Necessary Cookies: Required for shopping cart functionality and site security.
• Analytical/Marketing Cookies: Used to understand visitor behavior.

Note to EU Users: We use a Cookie Consent Banner. You have the right to opt-out of non-essential cookies at any time.

5. International Data Transfers

As a global platform, your data may be transferred to and processed in countries outside the European Economic Area (EEA), such as South Korea or the United States (where our servers or partners like Google are located). We ensure these transfers are protected by Standard Contractual Clauses (SCCs) or similar legal safeguards.

6. Your GDPR Rights

If you are a resident of the EEA, you have the following rights:

• Access & Portability: Request a copy of your data in a machine-readable format.
• Rectification & Erasure: Request to correct or “be forgotten” (delete your data).
• Withdraw Consent: Revoke your consent for marketing at any time.
• Lodge a Complaint: You have the right to complain to a Data Protection Authority.

7. Data Retention

• Order Information: Kept as long as necessary for tax and accounting purposes (typically 5-10 years depending on local laws).
• Analytics Data: Generally anonymized or deleted after 26 months.

8. Contact Information

For any data-related inquiries or to exercise your rights, please contact our Data Controller:

• Email: qwe6973@proton.me
• Data Privacy Officer: Gotripcar Team