8
Longrail Billiards
Legal · v1.0
Legal

Privacy Policy

Effective: 4 May 2026  ·  Last updated: 4 May 2026
The Data Controller
Trading name
Longrail Billiards
Legal entity
Aksiro DOOEL Skopje (Друштво за промет и услуги АКСИРО ПДОО Скопје)
Registration №
EMBS 7931700
Registered office
Chedomir Kantardziev 3, 1000 Skopje – Kisela Voda, Republic of North Macedonia
Privacy contact
support@longrailbilliards.com

This Privacy Policy explains how Aksiro DOOEL Skopje, trading as Longrail Billiards ("we", "us", "our"), collects, uses, stores, and shares personal data when you use our website at longrailbilliards.com, complete the Player Assessment, or purchase a digital report (together, the "Service").

We are the data controller for the personal data we collect about you. We process personal data in accordance with the Macedonian Law on Personal Data Protection and, where it applies to you because of your residence in the European Economic Area or the United Kingdom, the EU General Data Protection Regulation (GDPR) and the UK GDPR.

1.What we collect

We collect the following categories of personal data:

Category Examples Source
Identity & contact Name, email address, country, city/club You — at submission
Assessment answers Your responses to the 50 questions: profile, self-rating, diagnostic, match behaviour, practice You — during the assessment
Optional supporting content Video links you provide (break, long pot, match), free-text notes, external profile links (FargoRate, CueScore, Billiardon, other) You — at submission, optional
Traffic & referral data UTM parameters from the URL (source, medium, campaign, content, term) and document referrer Your browser — automatic
Transaction data (Long Rail Report only) Payment confirmation reference and paid amount, received from our payment gateway (CaSys AD Skopje). We do not receive your card number. CaSys AD Skopje
Communications Emails you send us, support requests, replies to our nurture sequence You

We do not intentionally collect special-category data (such as health data, racial or ethnic origin, religious beliefs, or biometric data). We do not collect payment-card details — card details are entered on the CaSys-hosted payment page and never reach our systems.

2.How we use your data & legal bases

Purpose Data used Legal basis (GDPR Art. 6)
Generating & delivering your free teaser report Identity, assessment answers, optional content Performance of a contract (Art. 6(1)(b)) — you requested the report
Generating & delivering the Long Rail Report Identity, assessment answers, optional content, transaction data Performance of a contract (Art. 6(1)(b))
Sending follow-up emails about your assessment (nurture sequence on days 2, 5, 8, 12, 16, 21, 28 after submission) Identity, assessment summary Legitimate interests (Art. 6(1)(f)) — delivering the value you signed up for; you can opt out of every email
Improving our scoring system & question library (in aggregated, anonymised form only) Assessment answers, traffic source Legitimate interests (Art. 6(1)(f))
Marketing analytics (which channels bring users) UTM parameters, country Legitimate interests (Art. 6(1)(f))
Compliance with legal & tax obligations Transaction data, identity (where required) Legal obligation (Art. 6(1)(c))
Defending or bringing legal claims Any relevant data Legitimate interests (Art. 6(1)(f))

3.Automated decision-making

Your assessment answers are scored by software using a defined rule set, which produces your archetype, weakest domain, red flags, and recommended drills. These outputs inform the report you receive. This is automated processing, but it does not produce legal effects or similarly significant effects on you within the meaning of GDPR Article 22 — the report is informational and educational. You may contact us at any time to request a human re-review of your report's findings.

4.Who we share your data with

We share personal data only with the third parties listed below, and only to the extent necessary for the stated purpose:

Recipient Purpose Location
Google LLC / Google Ireland Limited (Google Workspace, Apps Script, Sheets, Gmail) Storage of submissions, automated processing, email delivery EU & USA (Standard Contractual Clauses)
CaSys AD Skopje (cPay) and Komercijalna Banka AD Skopje (Long Rail Report only) Card payment processing and acquiring Republic of North Macedonia
Our hosting / domain provider Serving the website and email infrastructure EU/EEA
Tax authorities & auditors Where required by law Republic of North Macedonia

We do not sell your personal data, share it with advertising networks, or use it to build profiles for advertising purposes.

5.International transfers

Some of our service providers (notably Google) process data on servers located outside North Macedonia, the EEA, or the UK. Where such transfers occur, we rely on appropriate safeguards — typically the European Commission's Standard Contractual Clauses and, where the UK GDPR applies, the UK International Data Transfer Addendum — to ensure your data continues to receive an essentially equivalent level of protection.

6.How long we keep your data

You may ask us to delete your data earlier — see Section 7 below.

7.Your rights

Subject to the conditions in applicable data protection law, you have the right to:

To exercise any of these rights, email us at support@longrailbilliards.com. We will respond within 30 days (or sooner where required by applicable law). We may need to verify your identity before acting on a request.

8.How we keep your data secure

We apply technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These include access controls on the spreadsheet and Apps Script project, secure transport (HTTPS) for all submissions, two-factor authentication on administrator accounts, and use of vetted enterprise providers (Google, CaSys).

No method of electronic transmission or storage is 100% secure. If we ever become aware of a personal-data breach affecting you, we will notify you and the relevant supervisory authority within the timeframes required by law.

9.Cookies & tracking

The Site uses Google Analytics 4 to measure how the Site is used, and the Meta Pixel to measure the performance of our advertising and to build advertising audiences. Both services set cookies or similar identifiers in your browser and process data under their own privacy policies. We capture UTM parameters and the referrer URL when you arrive; these are stored alongside your submission and used for marketing analytics.

Google and CaSys may set their own cookies on their own pages (for example the cPay payment page). Their use is governed by their respective privacy and cookie notices.

10.Children

The Service is intended for users aged 18 or over. We do not knowingly collect personal data from children under 16. If we learn that we have collected such data without verified parental consent, we will delete it.

11.Supervisory authorities

If you believe our handling of your personal data infringes the law, you can complain to the supervisory authority in your country. The lead authority for our processing is:

Agency for Personal Data Protection of the Republic of North Macedonia
(Агенција за заштита на личните податоци)
azlp.mk

If you are in the EU, you may also complain to the data protection authority in your country of residence. If you are in the UK, you may complain to the Information Commissioner's Office (ico.org.uk).

12.Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to our processing or legal obligations. The "Last updated" date at the top tells you when the current version took effect. For material changes, we will notify users by email where we have your contact details.

13.Contact

For privacy questions, requests to exercise rights, or any other matter under this policy, contact:

Aksiro DOOEL Skopje (trading as Longrail Billiards)
Chedomir Kantardziev 3, 1000 Skopje – Kisela Voda
Republic of North Macedonia
Email: support@longrailbilliards.com