Who I Am

I am Paulo Goode, a type designer based in Ireland. My website address is: https://paulogoode.com.

What Personal Data I Collect and Why I Collect It

I collect personal data solely to operate this website, provide type design services, respond to enquiries, and process font purchases through WooCommerce. All data processing complies with the General Data Protection Regulation (GDPR) and other applicable laws. The lawful bases for processing include your consent (e.g., for newsletters), performance of a contract (e.g., order fulfilment), and legitimate interests (e.g., site analytics and fraud prevention).

• Contact Forms If you contact me via a form on this website and opt to join my newsletter, your name and email address are added to a system powered by MailChimp. You must confirm your subscription via an email sent by MailChimp. I use your contact details only to respond to your enquiry and/or send your free chosen font. Initial communications are via email only.
• Customer Accounts and Orders (WooCommerce) When you create an account, place an order, or purchase fonts, I collect your name, email address, billing address, and order details (including purchased items). This information is required to process and fulfil your order, provide customer support, handle refunds/disputes, and comply with legal obligations (e.g., tax and accounting). Payment card details are not stored on my servers.
• Payments I offer the following payment methods, each handled by secure third-party processors. I share only the minimum necessary data with them to complete your transaction:
  • WooPayments (powered by Stripe): Supports credit/debit cards, Apple Pay, and Google Pay. Customer details required for payment processing (e.g., name, billing address, email, transaction amount) are passed to Stripe. Stripe acts as the payment processor and does not share full card details with me.
  • PayPal: When paying via PayPal, relevant order and customer information (e.g., name, email, billing/shipping details, purchase amount) is shared with PayPal to facilitate the transaction.
• Embedded Content Pages on this site may include embedded content (e.g., videos or images). This content may behave as though you visited the third-party site directly, potentially collecting data about you, using cookies, or tracking interactions.
• Analytics This website uses StatCounter to collect anonymised information about visits (e.g., pages viewed, referral sources, device type). This helps me improve the site without identifying individuals.

Cookies

Cookies improve your experience on the site. You can manage them through your browser settings.

• Essential & Functional Cookies — Used for site functionality, such as remembering your login status. WooCommerce sets session cookies (e.g., cart contents, checkout security) that expire at the end of your session or after a short period.
• Analytics Cookies — StatCounter sets cookies (expiring within 18 months) to measure site usage.
• Third-Party Cookies — MailChimp (for forms/newsletters), Stripe/WooPayments, and PayPal may set cookies during checkout or interactions. Google ReCaptcha may be used on occasion as a fraud prevention measure at the checkout. These are necessary for payment processing and require your consent where applicable.

Who I Share Your Data With

I share data only where necessary and with appropriate safeguards:

• MailChimp (newsletters) → MailChimp Privacy Policy
• StatCounter (analytics) → StatCounter Privacy Policy
• Stripe (via WooPayments) → Stripe Privacy Policy
• PayPal → PayPal Privacy Policy
• Legal authorities, if required by law (e.g., tax or fraud investigations).

Data may be transferred outside the EU/EEA (e.g., to the United States). Where this occurs, I rely on appropriate safeguards such as Standard Contractual Clauses.

How Long I Retain Your Data

• User account information: Until you request deletion.
• Order data: Up to 7 years (legal/tax requirements), then anonymised or deleted.
• Newsletter subscriptions: Until you unsubscribe.
• Analytics data: Up to 18 months.

What Rights You Have Over Your Data

Under GDPR you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase data (subject to legal retention obligations)
• Restrict or object to processing
• Data portability
• Withdraw consent (where processing is based on consent)

To exercise these rights, contact me by email. I will respond within one month. You also have the right to lodge a complaint with the Irish Data Protection Commission.

Data Security

I use technical and organisational measures to protect your data (e.g., secure hosting, encryption for transactions). In the unlikely event of a data breach, I will notify affected individuals and the relevant authorities within 72 hours, as required by GDPR.

Changes to This Privacy Policy

I may update this policy from time to time. Changes will be posted here with the revision date. Continued use of the website after changes constitutes acceptance.

Last updated: 12 January 2026

For any questions, to exercise your rights, or for more information, please write to me at contact (at) paulogoode.com.