Privacy Policy

1.1 Who We Are

This Privacy Policy describes how GL Trading Solutions LLC, doing business as REGISTRO-FDA.US (“we,” “us,” “our”), collects, uses, discloses, and protects personal information when you visit mocra-registration.com (the “Website”) or use our private cosmetics compliance support services (the “Services”).

Our business address is 66 W Flagler St, 9th Floor, Suite 922, Miami, FL 33130, United States.

1.2 Scope and Purpose of Processing

We process personal and business information as reasonably necessary to:

• evaluate, prepare, and support cosmetic facility registration and product listing submissions under the Modernization of Cosmetics Regulation Act of 2022 (MoCRA);
• provide U.S. Agent support for foreign cosmetic facilities when included in a purchased plan;
• communicate with you about your matter, follow-up items, renewals, billing, and support requests;
• process payments, prevent fraud, maintain records, and enforce our agreements;
• operate, secure, troubleshoot, and improve the Website and related customer experience.

1.3 Information We Collect

Depending on how you interact with us, we may collect the following categories of information:

• Identity and contact information: name, company name, job title, email address, phone number, WhatsApp number, and mailing address;
• Business and regulatory information: facility details, product categories, product label information, ingredient information you provide, FDA-related identifiers, and related submission data;
• Transaction information: order details, payment status, invoice data, and limited payment-related metadata provided by our payment processor;
• Communications: emails, chat messages, support messages, appointment details, and documents you submit to us;
• Technical and usage information: IP address, browser type, device information, approximate location, referral source, pages viewed, form submissions, session events, and security-related logs.

We do not store complete payment card numbers or CVV codes on our own servers. Card payments are processed by third-party payment processors such as Stripe.

1.4 Sources of Information

We collect information directly from you, automatically through your use of the Website, and from service providers that help us operate the Website, process payments, schedule appointments, secure forms, host the Website, and manage customer communications.

1.5 Legal Bases for Processing

Where applicable law requires a legal basis for processing, we rely on one or more of the following:

• Contract performance: to provide the Services you request or purchase;
• Legal obligation: to maintain records, respond to lawful requests, and comply with applicable legal or regulatory duties;
• Legitimate interests: to operate and secure the Website, prevent fraud, communicate with clients, improve service quality, and maintain business records;
• Consent: when required for certain cookies, marketing communications, or optional features.

1.6 How We Use Information

We may use personal information to:

• provide, administer, and support the Services;
• review your matter and prepare submissions based on the information you provide;
• send service-related communications, reminders, confirmations, and support replies;
• process and document transactions;
• analyze Website usage and improve design, performance, and conversion flows;
• detect, investigate, and prevent fraud, abuse, unauthorized access, and security incidents;
• comply with legal obligations and resolve disputes.

1.7 Cookies, Analytics, and Similar Technologies

We and our service providers may use cookies, pixels, tags, scripts, and similar technologies to operate the Website, remember preferences, measure traffic, improve marketing performance, protect forms, and understand how visitors interact with our pages and checkout flows.

Depending on the tools enabled on the Website from time to time, this may include website hosting and security providers, analytics and tag management providers, customer messaging tools, scheduling systems, and payment processors. Where required by applicable law, non-essential cookies or similar technologies will be used only after the required notice or consent mechanism is presented.

You can control many cookies through your browser settings. Disabling some technologies may affect portions of Website functionality.

1.8 Disclosure of Information

We may disclose information to trusted service providers and partners only as reasonably necessary to operate the Website and provide the Services, including categories such as:

• payment processors, such as Stripe;
• CRM, communications, scheduling, form, and support providers, such as Zoho-related services;
• hosting, security, anti-bot, CDN, and infrastructure providers;
• analytics, tag management, and advertising measurement providers, if enabled on the Website;
• government or regulatory authorities when submission, disclosure, or cooperation is required for the Services or by law.

We do not sell personal information for money. We also do not knowingly share personal information for third-party cross-context behavioral advertising except to the extent a tool you choose to interact with on the Website technically involves such processing, in which case we will seek to provide the disclosures required by applicable law.

1.9 International Transfers

Our Services are offered internationally. Your information may be transferred to and processed in the United States or other countries where we or our service providers operate. Where required by applicable law, we use reasonable contractual, technical, and organizational safeguards designed to protect personal information transferred across borders.

1.10 Data Retention

We retain personal information for as long as reasonably necessary to provide the Services, maintain appropriate business and regulatory records, resolve disputes, enforce our agreements, and comply with applicable law. Unless a longer retention period is required or justified, client matter records may be retained for up to five (5) years after the end of the business relationship, and certain accounting or tax-related records may be retained longer where required by law.

1.11 Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, loss, misuse, or alteration. These measures may include encrypted transmission, access controls, backup practices, fraud prevention tools, and vendor-based security controls. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

1.12 Your Privacy Rights

For All Users

Subject to applicable law and legitimate exceptions, you may have the right to request access to, correction of, deletion of, or restriction of certain personal information we hold about you, and to withdraw consent where processing is based on consent.

For EEA, UK, and Similar Jurisdictions

You may also have the right to object to certain processing activities and request portability of personal data you provided to us, where applicable.

For California Residents

California residents may have rights to know, access, correct, delete, and limit certain uses of personal information, as provided by California law, subject to exceptions.

How to Exercise Rights

To submit a privacy request, please contact us at [email protected] with the subject line Privacy Request. We may need to verify your identity before processing a request. We may deny or limit a request where retention or processing is permitted or required by law, contract, fraud prevention, dispute resolution, or legitimate business recordkeeping.

1.13 Children’s Privacy

The Website and Services are not directed to children under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe a minor has provided us with personal information, please contact us so we can review and take appropriate action.

1.14 Third-Party Websites and Services

The Website may contain links to third-party websites, embedded content, checkout pages, booking pages, or messaging channels. Those third parties maintain their own terms and privacy practices, and we are not responsible for their independent policies or content.

1.15 Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes become effective when posted on this page unless otherwise stated. The “Last Updated” date reflects the most recent revision.

1.16 Contact Us About Privacy