Data Protection Policy

Data Protection Policy

Last updated: 20 March 2026

1. Introduction

Garage Floor Flake (“Garage Floor Flake,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy & Data Protection Policy explains how we collect, use, disclose, and safeguard information when you visit our website, amazinggaragefloors.com (the “Site”), make a purchase, or interact with our marketing and communications.

By using our Site or providing information to us, you agree to the practices described in this Policy, in addition to our Terms of Use and other posted policies. If you do not agree, you should not use our Site or services.

2. Information We Collect

We may collect the following categories of personal information when you interact with us or use the Site:

  • Contact information: Name, email address, phone number, billing address, shipping address.

  • Account and order information: Account login details (if you create an account), order history, products purchased, invoices, support requests.

  • Payment‑related information: Payment method type and limited billing details; full card details are processed by Stripe and not stored by us.

  • Marketing and communication data: Form submissions, inquiries, communication preferences, marketing consent status, and interactions with our emails and campaigns.

  • Technical and usage data: IP address, browser type and version, device identifiers, operating system, pages visited, time spent on pages, referring URLs, and other diagnostic data collected via cookies and similar technologies.

  • User‑generated content: Reviews, testimonials, and any other information you choose to submit through forms or communication channels.

We collect information directly from you, automatically when you use the Site, and from certain third parties (for example, payment processors, analytics, advertising, and marketing platforms).

3. How We Use Your Information

We use personal information for the following purposes:

  • To process, fulfill, and manage orders, including payment, shipping, returns, and customer support.

  • To create and manage your account (if applicable), including order history and saved details.

  • To send transactional communications such as order confirmations, invoices, shipping updates, and policy notifications.

  • To send marketing and promotional communications (email, SMS, or other channels), where permitted by law and your preferences.

  • To manage customer relationships, respond to inquiries, and provide product information and support.

  • To operate, maintain, secure, and improve our Site, products, and services, including analytics, performance monitoring, and troubleshooting.

  • To detect, prevent, and address fraud, abuse, security incidents, and other harmful or unlawful activity.

  • To comply with legal, regulatory, tax, and accounting obligations and to enforce our Terms of Use and other policies.

Where privacy laws require a legal basis (for example, GDPR‑style frameworks), we rely on one or more of the following:

  • Performance of a contract: Processing your orders and providing services you request.

  • Legitimate interests: Operating and improving our business and Site, communicating with you as a customer, preventing fraud and misuse.

  • Legal obligations: Meeting tax, accounting, regulatory, and other legal requirements.

  • Consent: For certain marketing communications and non‑essential cookies/trackers, depending on your jurisdiction.

You may withdraw consent for marketing at any time via the unsubscribe link in our emails or by contacting us.

5. Data Sharing and Service Providers

We do not sell your personal information. We may share it with trusted third parties who process data on our behalf or support our business operations, under contracts that limit their use to our purposes. These include:

5.1 Go High Level (HighLevel)

We use Go High Level as our CRM and marketing automation platform. Your contact details, communication history, form submissions, and marketing preferences may be stored and processed within Go High Level so we can manage leads and customers, respond to inquiries, and send marketing and follow‑up communications where permitted.

5.2 Stripe

We use Stripe as our secure payment processor. When you provide payment details on our Site, your card information is transmitted directly to Stripe over an encrypted connection. Stripe processes payment data in accordance with PCI‑DSS and its own security and privacy practices. We do not store full payment card numbers on our systems; we receive limited transaction details to confirm and manage your orders, refunds, and billing.

5.3 Shipping, Professional, and Other Partners

We may share information with:

  • Shipping carriers and logistics partners to deliver orders and handle returns.

  • Professional advisers (such as lawyers, accountants, and auditors) as needed for business and compliance.​

  • Government authorities, regulators, law enforcement, or other third parties where required by law, legal process, or to protect our rights or safety and that of others.

If we are involved in a merger, acquisition, or sale of all or part of our business, your information may be transferred as part of that transaction, subject to appropriate safeguards.​

6. Cookies, Analytics, and Tracking Technologies

We use cookies and similar technologies to operate our Site, remember your preferences, understand usage, and improve performance and marketing. Cookies are small data files stored on your device that help us recognize your browser and certain behaviors.

6.1 Types of Cookies We May Use

  • Strictly necessary cookies: Required for core functionality (e.g., shopping cart, secure checkout, basic security).

  • Performance/analytics cookies: Help us understand how visitors use the Site (e.g., pages visited, time on site) so we can improve user experience.

  • Preference cookies: Remember your settings and choices.

  • Marketing/tracking cookies: Used to measure campaign effectiveness and, where applicable, to tailor advertising and follow‑ups.

6.2 Google Analytics

We use Google Analytics to collect and analyze information about how visitors use our Site, such as pages visited, time spent, and how users arrive at the Site. Google Analytics may collect your IP address, device information, and on‑site activities and provides aggregated statistics to us. You can learn more about how Google uses data at its “How Google uses cookies” and related pages and may opt out of Google Analytics with the Google Analytics opt‑out browser add‑on where available.

6.3 Meta Pixel (Facebook Pixel)

We use Meta Pixel to help measure the effectiveness of our advertising, understand actions visitors take on our Site, and build audiences for future ads. Meta may use this information (together with its own data) to show you more relevant ads across its platforms and network, in line with Meta’s own privacy policies.

6.4 Microsoft Clarity

We use Microsoft Clarity to gain insights into how users interact with our Site through anonymized or pseudonymized session recordings, heatmaps, and usage analytics. Clarity may collect data such as page views, clicks, scrolls, and device/browser information, in accordance with Microsoft’s privacy practices, to help us improve usability and performance.​

6.5 Managing Cookies and Tracking

These third parties may set their own cookies or use similar technologies and may independently collect and process information according to their own privacy policies. Where required by law, we will request your consent before placing non‑essential analytics or marketing cookies and provide options to manage your preferences. You can also manage or delete cookies through your browser settings; however, disabling certain cookies may affect Site functionality and performance.

7. Marketing Communications

If you provide your contact information and opt in (where required), we may send you marketing communications about products, promotions, offers, and updates via email, SMS, or other channels.

  • You can unsubscribe from marketing emails at any time by clicking the “unsubscribe” link in those emails or by contacting us.

  • If we send SMS/text marketing, you may opt out by following the instructions in the messages.

  • Even if you opt out of marketing, we may still send you non‑marketing communications related to your orders, account, or ongoing business relationship.

8. Data Security

We implement reasonable technical and organizational measures to protect personal information from unauthorized access, loss, misuse, or disclosure. These may include access controls, secure systems, and limiting access to data to personnel and service providers who need it for legitimate business purposes.

Stripe uses PCI‑DSS‑compliant security measures for payment processing, and Go High Level maintains its own security controls and compliance programs for CRM and marketing data. While no method of transmission or storage is completely secure, we strive to protect your information in a commercially reasonable manner.

9. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Policy, including:

  • Providing products and services and maintaining customer relationships.

  • Meeting legal, tax, accounting, and regulatory requirements.

  • Resolving disputes and enforcing our agreements.

When information is no longer needed, we will delete or anonymize it, subject to any legal obligations that require longer retention.

10. Your Rights and Choices

Depending on your location and applicable law (for example, GDPR, CCPA/CPRA, or similar laws), you may have some or all of the following rights regarding your personal information:

  • The right to know what personal information we collect, use, and share.

  • The right to access the personal information we hold about you.

  • The right to request correction of inaccurate or incomplete information.

  • The right to request deletion of your personal information, subject to legal and contractual limitations.

  • The right to object to or restrict certain processing, including direct marketing.

  • The right to withdraw consent where processing is based on consent.

  • In some regions, the right to data portability and to lodge a complaint with a data protection authority.

To exercise these rights, please contact us using the details in Section 13. We may request information to verify your identity before fulfilling your request.

If we ever engage in “selling” or “sharing” personal information as defined under CCPA/CPRA, we will update this Policy and provide any required “Do Not Sell or Share My Personal Information” mechanisms.

11. Children’s Privacy

Our Site and services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under that age. If we become aware that we have collected information from a child under 16 without appropriate consent, we will take steps to delete it. If you believe a child has provided us with personal information, please contact us.​

12. International Data Transfers

Our use of Stripe, Go High Level, Google, Meta, Microsoft, and other service providers may involve storing or processing your information in countries outside your own, including the United States. Where required by law, we rely on appropriate safeguards (such as data privacy frameworks, standard contractual clauses, or equivalent mechanisms) used by those providers to protect transferred data.

13. Contact Information

If you have questions about this Privacy & Data Protection Policy or wish to exercise any privacy rights, please contact us using the contact information provided on the Contact page of our Site. Please include enough detail for us to understand and respond to your request.

14. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, technologies, or legal requirements. Any updates will be posted on this page with an updated “Last updated” date. Your continued use of the Site and our services after changes are posted constitutes your acceptance of the revised Policy.