Privacy policy
1. What Personal Data We Collect
We collect the following personal data:
• Email address (for order processing and communication)
• Name (for order personalization)
• Payment information (processed securely by our payment provider – we do not store full card details)
• IP address and browsing data (for analytics and security)
• Device information (browser type, operating system)
We collect this data when you:
• Create an account or place an order
• Subscribe to our newsletter
• Contact us via the contact form
• Browse our website (via cookies)
2. How We Use Your Data
We use your personal data to:
• Process and fulfill your orders
• Send order confirmations and digital products
• Communicate with you about your orders
• Send marketing communications (only if you consent)
• Improve our website and services
• Prevent fraud and ensure security
• Comply with legal obligations
3. Legal Basis for Processing (GDPR)
We process your personal data based on:
• Contract performance (to fulfill your order)
• Your consent (for marketing communications)
• Our legitimate interest (for analytics and security)
• Legal obligation (for tax and accounting purposes)
4. Data Sharing and Third Parties
We may share your data with:
• Payment processors (e.g., Stripe, Shopify Payments) – for secure payment processing
• Email service providers – for transactional emails
• Analytics providers – for website optimization
• Legal authorities – when required by law
We NEVER sell your personal data to third parties. All partners are contractually bound to protect your data.
5. Cookies
We use the following cookies:
• Essential cookies – required for the website to function
• Analytics cookies – help us understand how you use our site
• Marketing cookies – used to deliver relevant advertisements
You can manage your cookie preferences in the privacy panel available on our website and in your browser settings. Disabling certain cookies may affect website functionality.
6. Data Retention
We retain your personal data for:
• Order data: 5 years (required by US tax law)
• Marketing data: Until you unsubscribe
• Analytics data: 26 months
• Account data: Until account deletion
After the retention period, data is securely deleted or anonymized.
7. Your Rights
Under GDPR, you have the right to:
• Access your personal data
• Rectify inaccurate data
• Erase your data (“right to be forgotten”)
• Restrict processing
• Data portability
• Object to processing
• Withdraw consent at any time
To exercise these rights, contact us at drop49736@gmail.com. We respond within 30 days.
8. Data Security
We implement industry-standard security measures:
• SSL/TLS encryption for all data transmission
• Secure password hashing (bcrypt)
• Regular security audits
• Access controls and authentication
• Encrypted database storage
However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
9. International Data Transfers
Your data may be transferred to countries outside the EEA (e.g., US-based analytics providers). We ensure appropriate safeguards are in place:
• Standard Contractual Clauses (SCCs)
• Data Processing Agreements
• GDPR-compliant services with EU data centers
10. Children’s Privacy
Our services are not directed to individuals under 18. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The “Last updated” date indicates the latest revision. We will notify you of material changes via email or site notification.
12. Contact Us
For any questions about this Privacy Policy or your personal data, contact us:
Email: drop4336@gmail.com