0

Privacy Policy

Overview

We are committed to protecting the privacy and security of visitors and customers. This page explains what personal information we collect, how it is used, when it may be shared, and the technical and organizational measures we use to protect sensitive data such as payment card details and contact information. Using our website indicates your consent to the practices described here.

Personal information we collect

To provide products and services we may collect the following categories of personal information:

  • Identity & account information: name, username, email address, date of birth (where provided), and account credentials when you create an account.
  • Contact & fulfillment information: billing and shipping addresses, phone number and delivery instructions used to process and deliver orders.
  • Payment information: card number, expiration date, billing address and other payment details submitted at checkout. See Payment Security below for retention and processing details.
  • Order & transaction records: order history, items purchased, transaction identifiers and related fulfillment data.
  • Device & usage data: IP address, browser type, device identifiers, operating system, referring URLs, pages visited, search queries and other analytics collected via cookies and similar technologies.
  • Communications: records of correspondence with customer service, chat transcripts and feedback you provide.

How we use personal information

We process personal data for legitimate business purposes including:

  • Processing orders, payments, returns and exchanges;
  • Verifying identity, preventing fraud and improving transactional security;
  • Communicating order confirmations, shipping notices and customer service responses;
  • Personalizing product recommendations and website experience where allowed;
  • Delivering marketing communications when you have opted in, and enabling opt-out choices;
  • Analyzing site performance, troubleshooting technical issues and improving products and services;
  • Complying with legal obligations and protecting our rights and systems.

Payment security and card data protection

Protecting payment data is a high priority. Our practices include:

  • Third-party, PCI-compliant processors: Card transactions are handled by reputable, PCI DSS-compliant payment processors. Payment details entered at checkout are transmitted directly to these providers over secure channels.
  • No storage of full card numbers: We do not retain full payment card numbers on our systems unless explicitly disclosed at the time of payment. When possible, we store only masked card details (for example, last four digits) or payment tokens issued by processors to facilitate refunds or future payments.
  • Tokenization: Where available, tokenization is used so that sensitive credentials are replaced with non-sensitive tokens for recurring transactions or saved payment methods.
  • Encryption in transit and at rest: All pages that collect personal or payment data use TLS/HTTPS to encrypt data in transit. Sensitive information and backups are encrypted at rest where applicable and access to encryption keys is restricted.
  • Access controls: Access to payment and personal data is limited to authorized personnel on a need-to-know basis and protected by multi-factor authentication and strong credential policies.

Cookies, tracking and analytics

We and our partners use cookies and similar technologies to enable core site functions, remember preferences, prevent fraud and provide analytics and personalized content. You can manage cookie preferences through your browser and the consent controls we provide. Disabling some cookies may affect site functionality or your shopping experience.

Sharing and disclosure

Personal information may be shared in limited circumstances:

  • Service providers: Third-party vendors who perform services on our behalf (payment processors, fulfillment partners, carriers, cloud hosting, analytics and email services) and who are contractually required to protect your data.
  • Legal & safety reasons: When required by law, regulation or legal process, or to respond to lawful requests from public authorities; to protect the rights, property or safety of our company, users or the public.
  • Business transfers: In the event of a merger, acquisition, financing or sale of assets, personal data may be transferred as part of that transaction under confidentiality protections.
  • Aggregated or anonymized information: We may share non-identifying summaries or aggregated statistics for analytics, research or marketing purposes.

Data retention and minimization

We limit collection to what is necessary for specified purposes and retain personal information only as long as required to perform those services, comply with legal obligations, resolve disputes and enforce agreements. When personal data is no longer needed, we securely delete, destroy or anonymize it in accordance with applicable laws and internal policies.

Access controls and internal security

Internal safeguards include role-based access controls, multi-factor authentication for privileged accounts, regular access reviews, logging and monitoring, and contractual security requirements for vendors who process personal data on our behalf. Personnel receive training in data protection and incident reporting.

International transfers

Personal information may be processed in countries other than the one in which you reside. When data is transferred across borders, we use lawful transfer mechanisms such as standard contractual clauses, adequacy decisions or other safeguards required by applicable privacy laws to provide an adequate level of protection.

Your rights and choices

Depending on your jurisdiction, you may have rights to access, correct, update, export, restrict or delete your personal information, and to object to certain processing such as direct marketing. Account holders can manage preferences and data through their account settings. We will respond to verified requests in accordance with applicable law and may require verification before fulfilling certain requests.

Children and age restrictions

Our services are not directed to children under the age of 16 unless a different minimum age is required by local law. We do not knowingly collect personal information from children below the applicable minimum age. If we learn that we have collected personal data from a child without appropriate consent, we will take steps to delete that information as required by law.

Security incidents and breach notification

We maintain an incident response program to detect, contain and investigate security events. In the unlikely event of a confirmed data breach affecting personal information, we will follow applicable notification requirements and coordinate with authorities and affected individuals as mandated by law.

Changes to these practices

We may update these practices to reflect changes in our operations or legal requirements. Material changes will be posted on the website with an updated effective date. Continued use of the site after changes indicates acceptance of the revised terms.

For questions about how your personal information is processed or to exercise your available rights, please use the support or account tools provided on the website.