Privacy Policy

Summary

This Privacy Policy details how a standalone global shopping site collects and processes personal information from consumers during browsing and checkout. It emphasizes transparency, limited use, and strong protection of sensitive data such as credit card numbers and contact details.

Personal Information Collected

We collect basic account details (profile name, username), authentication artifacts (hashed passwords, one-time tokens), shipping and billing addresses, optional phone numbers and delivery instructions, purchase and return history, device data (IP address, browser, operating system), and usage events (click paths, search queries, cart operations). Payment processors supply transaction tokens and limited references, which we store for receipts and refunds. We do not store complete card numbers or CVV codes.

How Data Is Obtained

Data is provided by you or captured automatically via cookies, web storage, and server logs. We use security tools to collect signals that help detect fraud, such as device reputation and anomalies in order flow. We maintain clear boundaries so that only information necessary to deliver services is collected.

How We Use Personal Information

Data is used to authenticate accounts, process orders, fulfill shipments, provide receipts, operate loyalty features, prevent fraudulent transactions, troubleshoot errors, improve site performance, and personalize content. We employ purpose limitation, meaning data used for fraud detection is not repurposed to infer unrelated characteristics. Aggregation and pseudonymization are applied where detailed identity is not required.

Safeguarding Card Data

Payment details are handled through certified processors using tokenization. Embedded payment fields ensure card numbers are transmitted directly to the processor and never persist on our servers. Tokens returned by the processor—along with the last four digits and card brand—are stored to support refunds and recognizable receipts. We enforce TLS everywhere, use strict content security policies to prevent script injection into payment pages, and segregate payment configuration from other systems.

Protecting Addresses and Phone Numbers

Contact fields are encrypted at rest and masked by default in internal tools. We employ role-based permissions, periodic access reviews, and anomaly alerts for bulk access attempts. Exports that contain contact data are time-limited and automatically expire. We minimize exposure by using pseudonymous identifiers in analytics and testing environments.

Cookies and Controls

Essential cookies support login, cart persistence, and security. Functional cookies store preferences like language and currency. Analytics tools help improve site performance. You may manage non-essential cookies using on-site tools or browser settings. Limiting cookies may reduce certain features, such as saved carts.

Personalization

We personalize content based on browsing patterns, purchases, and inventory. We avoid sensitive inferences and allow you to reset personalization by clearing cookies or removing browsing history from your account where available.

Service Providers & Disclosure

We share personal information with third parties only to the extent necessary for services such as hosting, payments, fraud prevention, analytics, and shipping. Providers are contractually required to protect personal information and to use it solely for the contracted purposes. We do not sell consumer personal information.

International Processing

Data may be processed in regions outside your home country. We use recognized legal mechanisms and technical safeguards to protect personal information during cross-border transfers. Access is restricted on a need-to-know basis and is logged for audit.

Security Measures

We employ encryption in transit and at rest, secure software development practices, vulnerability management, penetration testing, and incident response procedures. Access to production data requires multi-factor authentication and is time-bound. Backups are encrypted, access-controlled, and tested for recovery.

Retention Practices

We retain personal information for as long as necessary for service delivery and compliance. Order information is retained for audits, returns, warranty, and fraud prevention. After retention periods, data is securely deleted or de-identified. Users can remove optional data fields via account tools.

User Controls

Within account settings, you can review and edit profile details, delete saved addresses, manage cookie preferences, and clear browsing history where supported. You may deactivate your account at any time; we retain only what is necessary for legal obligations and fraud prevention before secure deletion or archival.

Children’s Privacy

Our services are not directed to children who cannot legally consent. We do not knowingly collect their information. Detected ineligible accounts are removed using available site mechanisms.

Automated Decision-Making

Automated tools evaluate risk signals to prevent fraud and protect accounts. We routinely review and tune these systems for accuracy, fairness, and reduced false positives. You may correct inputs (such as address details) to influence outcomes.

External Links

Our site may reference third-party services, such as payment or shipment tracking portals. Use of those services is governed by their policies, and we recommend reviewing them for details on their data practices.

Updates

We may update this Policy to reflect changes in features or security practices. Material updates are highlighted within the site for your review.