Privacy Policy
- Trading name
- Longrail Billiards
- Legal entity
- Aksiro DOOEL Skopje (Друштво за промет и услуги АКСИРО ПДОО Скопје)
- Registration №
- EMBS 7931700
- Registered office
- Chedomir Kantardziev 3, 1000 Skopje – Kisela Voda, Republic of North Macedonia
- Privacy contact
- [email protected]
This Privacy Policy explains how Aksiro DOOEL Skopje, trading as Longrail Billiards ("we", "us", "our"), collects, uses, stores, and shares personal data when you use our website at longrailbilliards.com, complete the Player Assessment, or purchase a digital report (together, the "Service").
We are the data controller for the personal data we collect about you. We process personal data in accordance with the Macedonian Law on Personal Data Protection and, where it applies to you because of your residence in the European Economic Area or the United Kingdom, the EU General Data Protection Regulation (GDPR) and the UK GDPR.
1.What we collect
We collect the following categories of personal data:
| Category | Examples | Source |
|---|---|---|
| Identity & contact | Name, email address, country, city/club | You — at submission |
| Assessment answers | Your responses to the 50 questions: profile, self-rating, diagnostic, match behaviour, practice | You — during the assessment |
| Optional supporting content | Video links you provide (break, long pot, match), free-text notes, external profile links (FargoRate, CueScore, Billiardon, other) | You — at submission, optional |
| Traffic & referral data | UTM parameters from the URL (source, medium, campaign, content, term) and document referrer | Your browser — automatic |
| Transaction data (Long Rail Report only) | Payment confirmation reference, billing country (collected by Paddle and shared with us in summarised form) | Paddle.com Market Limited |
| Communications | Emails you send us, support requests, replies to our nurture sequence | You |
We do not intentionally collect special-category data (such as health data, racial or ethnic origin, religious beliefs, or biometric data). We do not collect payment-card details — those are handled by Paddle directly and never reach our systems.
2.How we use your data & legal bases
| Purpose | Data used | Legal basis (GDPR Art. 6) |
|---|---|---|
| Generating & delivering your free teaser report | Identity, assessment answers, optional content | Performance of a contract (Art. 6(1)(b)) — you requested the report |
| Generating & delivering the Long Rail Report | Identity, assessment answers, optional content, transaction data | Performance of a contract (Art. 6(1)(b)) |
| Sending follow-up emails about your assessment (nurture sequence on days 2, 5, 8, 12, 16, 21, 28 after submission) | Identity, assessment summary | Legitimate interests (Art. 6(1)(f)) — delivering the value you signed up for; you can opt out of every email |
| Improving our scoring system & question library (in aggregated, anonymised form only) | Assessment answers, traffic source | Legitimate interests (Art. 6(1)(f)) |
| Marketing analytics (which channels bring users) | UTM parameters, country | Legitimate interests (Art. 6(1)(f)) |
| Compliance with legal & tax obligations | Transaction data, identity (where required) | Legal obligation (Art. 6(1)(c)) |
| Defending or bringing legal claims | Any relevant data | Legitimate interests (Art. 6(1)(f)) |
3.Automated decision-making
Your assessment answers are scored by software using a defined rule set, which produces your archetype, weakest domain, red flags, and recommended drills. These outputs inform the report you receive. This is automated processing, but it does not produce legal effects or similarly significant effects on you within the meaning of GDPR Article 22 — the report is informational and educational. You may contact us at any time to request a human re-review of your report's findings.
4.Who we share your data with
We share personal data only with the third parties listed below, and only to the extent necessary for the stated purpose:
| Recipient | Purpose | Location |
|---|---|---|
| Google LLC / Google Ireland Limited (Google Workspace, Apps Script, Sheets, Gmail) | Storage of submissions, automated processing, email delivery | EU & USA (Standard Contractual Clauses) |
| Paddle.com Market Limited (Long Rail Report only) | Merchant of record — payment processing, invoicing, sales tax, refund handling | UK & EU; transfers under SCCs and UK IDTA where applicable |
| Our hosting / domain provider | Serving the website and email infrastructure | EU/EEA |
| Tax authorities & auditors | Where required by law | Republic of North Macedonia |
We do not sell your personal data, share it with advertising networks, or use it to build profiles for advertising purposes.
5.International transfers
Some of our service providers (notably Google) process data on servers located outside North Macedonia, the EEA, or the UK. Where such transfers occur, we rely on appropriate safeguards — typically the European Commission's Standard Contractual Clauses and, where the UK GDPR applies, the UK International Data Transfer Addendum — to ensure your data continues to receive an essentially equivalent level of protection.
6.How long we keep your data
- Assessment submissions and reports: retained for up to 36 months from your last interaction, so we can re-issue or follow up on your report. After this period, identifying fields are deleted and only fully anonymised data may be retained for product improvement.
- Email correspondence: retained for up to 24 months after the last message.
- Transaction records (Long Rail Report purchases): retained for the period required by Macedonian tax and accounting law (currently 10 years).
- Marketing analytics: retained in aggregated, non-identifying form indefinitely.
You may ask us to delete your data earlier — see Section 7 below.
7.Your rights
Subject to the conditions in applicable data protection law, you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase your data ("right to be forgotten") where we no longer have a lawful basis to retain it.
- Restrict our processing of your data in certain circumstances.
- Object to processing carried out on the basis of legitimate interests, including marketing follow-ups.
- Receive your data in portable form and have it transferred to another controller where technically feasible.
- Withdraw consent at any time, where processing is based on consent (without affecting the lawfulness of past processing).
- Lodge a complaint with a supervisory authority — see Section 11 below.
To exercise any of these rights, email us at [email protected]. We will respond within 30 days (or sooner where required by applicable law). We may need to verify your identity before acting on a request.
8.How we keep your data secure
We apply technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These include access controls on the spreadsheet and Apps Script project, secure transport (HTTPS) for all submissions, two-factor authentication on administrator accounts, and use of vetted enterprise providers (Google, Paddle).
No method of electronic transmission or storage is 100% secure. If we ever become aware of a personal-data breach affecting you, we will notify you and the relevant supervisory authority within the timeframes required by law.
9.Cookies & tracking
The Site itself uses only what is strictly necessary to function. We do not currently use third-party advertising cookies, fingerprinting, or cross-site tracking. We capture UTM parameters from the URL when you arrive and the referrer URL of the site you came from — these are stored alongside your submission and are used for marketing analytics. They are not stored in browser cookies.
Google Workspace and Paddle may set their own cookies on their own pages (e.g. the Paddle checkout window). Their use is governed by their respective privacy and cookie notices.
10.Children
The Service is intended for users aged 18 or over. We do not knowingly collect personal data from children under 16. If we learn that we have collected such data without verified parental consent, we will delete it.
11.Supervisory authorities
If you believe our handling of your personal data infringes the law, you can complain to the supervisory authority in your country. The lead authority for our processing is:
Agency for Personal Data Protection of the Republic of North Macedonia
(Агенција за заштита на личните податоци)
azlp.mk
If you are in the EU, you may also complain to the data protection authority in your country of residence. If you are in the UK, you may complain to the Information Commissioner's Office (ico.org.uk).
12.Changes to this policy
We may update this Privacy Policy from time to time to reflect changes to our processing or legal obligations. The "Last updated" date at the top tells you when the current version took effect. For material changes, we will notify users by email where we have your contact details.
13.Contact
For privacy questions, requests to exercise rights, or any other matter under this policy, contact:
Aksiro DOOEL Skopje (trading as Longrail Billiards)
Chedomir Kantardziev 3, 1000 Skopje – Kisela Voda
Republic of North Macedonia
Email: [email protected]