Privacy Policy

Privacy Policy (UK) — Aly KhairuddinLtd / RECLAIM Global Effective date: 3 June 2026

This Privacy Policy explains how Aly Khairuddin Ltd trading as RECLAIM Global (“we”, “us”, “our”) collects, uses, stores and shares personal data when you visit our website at alykhairuddin.com, purchase our products or services (including digital products), contact us, or interact with our advertising. We are committed to protecting your personal data and handling it responsibly in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. 1) Who we are (Data Controller) and how to contact us Data controller: [Business Legal Name] (trading as [Trading Name]). Registered/operating address: [Full postal address]. Privacy contact email: [[email protected]]. If you have any questions about this Privacy Policy or want to exercise your rights, please contact us using the details above.

2) The personal data we collect We may collect and process the following categories of personal data: a) Identity and contact data: name, email address, phone number, billing address and/or delivery address (if applicable). b) Transaction and purchase data: records of products/services you purchased, timestamps, purchase amounts, and basic payment status information. c) Payment data: payments are processed by Stripe. We do not typically store full card details. Stripe may collect card details and other payment identifiers directly from you in order to process your payment. d) Account/CRM data: notes or information you provide during onboarding, customer support interactions, preferences, and service delivery details you choose to share. e) Communications: emails, messages, form submissions, and any information you provide when you contact us. f) Marketing and engagement data: email open/click data (where supported by our email/CRM provider), subscription status, and marketing preferences. g) Technical and usage data: IP address, device identifiers, browser type, pages visited, and interactions with ads where collected via cookies/pixels/tags (including Google Ads). 3) How we collect your personal data We collect personal data in the following ways: a) Directly from you: when you purchase, subscribe, complete a form, request support, or otherwise contact us. b) Automatically: when you browse our site or interact with our ads using cookies and similar technologies (subject to your cookie choices). c) From service providers: such as Stripe (payment confirmations), our email/CRM provider (campaign delivery and engagement), and Google (ad measurement).

4) How we use your personal data and our lawful bases We only use your personal data where the law allows us to. Under UK GDPR, the lawful bases we rely on include: Contract, Legal obligation, Legitimate interests, and Consent (where required). We use your data for the purposes below: a) To provide products and services (Contract): process orders, deliver digital content, provide coaching/services, manage bookings, and provide customer support. b) To take payments and prevent fraud (Contract / Legitimate interests): confirm payments, manage chargebacks/disputes, and reduce fraudulent transactions. c) To send transactional communications (Contract): purchase confirmations, service notices, and important updates about your order. d) To send marketing communications (Consent or Legitimate interests depending on context and applicable rules): newsletters, offers and content updates. You can opt out at any time. e) To improve our website and services (Legitimate interests): understand usage patterns, troubleshoot issues, and improve content and user experience. f) To comply with legal obligations (Legal obligation): tax and accounting requirements and responding to lawful requests from regulators or authorities.

5) Marketing communications If you opt in (or where permitted, if you have purchased from us and we market similar products/services), we may send you marketing emails. You can unsubscribe at any time by using the unsubscribe link in any marketing email or by contacting us at [[email protected]]. Even if you opt out of marketing, we may still send you service-related or transactional messages (for example, purchase confirmations or important service updates).

6) Payments — Stripe We use Stripe to process payments. When you pay, your payment details are handled securely by Stripe in accordance with their security and privacy practices. We receive confirmation of payment and certain transaction details (such as amount, date/time, and a payment reference). We do not typically receive or store full card numbers. Stripe may process personal data as an independent controller and/or processor depending on the circumstances. You can read Stripe’s Privacy Policy here: https://stripe.com/gb/privacy

7) Email marketing & CRM We use an email/CRM platform (“Email/CRM Provider”) to manage subscriptions, customer communications, and service delivery. This may involve storing your name, email address, purchase history, and records of communications with us. It may also include email engagement metrics (e.g., opens and clicks) to help us understand what content is helpful and to improve communications. Email/CRM Provider: [Provider name]. You can update your preferences or unsubscribe at any time using the links in our emails or by contacting us.

8) Advertising — Google Ads We use Google Ads to promote our services and to measure advertising performance. Depending on your cookie choices and our configuration, this may include conversion tracking and/or remarketing. Google may use cookies or similar technologies to help understand when someone has taken actions after seeing an ad (for example, a purchase or sign-up). If we use remarketing, this may allow us to show ads to people who have previously visited our website. You can learn more about how Google uses data and how to control ad personalisation via Google’s resources: https://policies.google.com/technologies/ads and https://adssettings.google.com/ Cookie notice: If our site uses non-essential cookies for advertising/measurement, we will request your consent via a cookie banner and you can change your preferences at any time. We recommend publishing a separate Cookie Policy

9) Who we share your personal data with We may share your personal data with trusted third parties where necessary to run our business, including: a) Payment processing: Stripe. b) Email marketing & CRM: [Provider name]. c) Advertising and measurement: Google (Google Ads). d) Website/IT and hosting providers: [Hosting/website provider]. e) Professional advisers where needed: accountants, insurers, legal advisers. We only share the minimum information necessary and require service providers to protect your data.

10) International transfers Some of our service providers may process personal data outside the UK. Where personal data is transferred internationally, we use appropriate safeguards such as UK adequacy regulations, the UK International Data Transfer Agreement (IDTA), and/or standard contractual clauses (as applicable) to help protect your data.

11) Data retention (how long we keep your data) We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, including legal, accounting, or reporting requirements. Typical retention may include: a) Purchase and invoicing records: retained for [e.g., 6 years] to comply with tax/accounting obligations. b) Marketing records: retained until you unsubscribe/withdraw consent, or until we decide the data is no longer needed (for example, after a period of inactivity). c) Customer support communications: retained for a reasonable period to manage queries and improve service quality.

12) Security We take appropriate technical and organisational measures to protect your personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. However, no system can be guaranteed 100% secure. If you believe your interaction with us is no longer secure, please contact us immediately at [[email protected]].

13) Your rights under UK GDPR You have rights in relation to your personal data, including: a) The right to access your personal data. b) The right to rectification (correct inaccurate or incomplete data). c) The right to erasure (in certain circumstances). d) The right to restrict processing (in certain circumstances). e) The right to data portability (in certain circumstances). f) The right to object to processing (in certain circumstances, including direct marketing). g) The right to withdraw consent at any time where we rely on consent. To exercise your rights, contact us at [[email protected]]. We may need to verify your identity before responding.

14) Complaints If you have concerns about our use of your personal data, please contact us first so we can try to resolve it. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): https://ico.org.uk/

15) Children’s privacy Our services and content are not intended for children and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can take appropriate steps to delete it.

16) Changes to this Privacy Policy We may update this Privacy Policy from time to time to reflect changes in legal requirements or how we operate. We will post the updated version on our website and update the “Effective date” at the top of this policy