Privacy Policy for LootGarden.com

1. Introduction

At LootGarden.com, we are committed to upholding the highest standards of privacy and data protection. We understand the importance of safeguarding your personal data and maintaining your trust. This Privacy Policy outlines how we collect, use, store, and share your information, and informs you of your rights under applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Protecting your privacy is foundational to our services, and we design our data practices with your privacy in mind.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users of our website, lootgarden.com, and any services, tools, features, and communications associated with it (hereinafter collectively referred to as the “Platform”). Loot Garden, as the operator of lootgarden.com, is the data controller responsible for the processing of your personal data pursuant to applicable privacy laws.

3. Categories of Data Processed

We collect and process various types of data to operate, manage, and improve our services:

a) Usage Data
Includes information about your interactions with our Platform such as pages visited, time spent on pages, clickstream data, IP address, browser type and version, geographical location, referral sources, and session identifiers.

b) Account Data
Comprises personal information you provide when you create an account or interact with us, such as name, postal address, email address, and telephone number.

c) Profile Data
Includes preferences, purchase history, product interests, reviews, shopping behavior, and engagement with personalized content and offers.

d) Communication Data
Covers queries, feedback, support requests, customer service interactions, and communication logs through all contact channels.

e) Technical Data
Encompasses device type, operating system, mobile identifiers, configuration settings, language preferences, system performance metrics, and security diagnostics.

f) Transaction Data
Refers to information associated with purchases made through lootgarden.com, including payment methods (excluding full payment card numbers), billing and shipping addresses, and order history.

g) Preference Data
Captures marketing preferences, notification settings, product interests, and consent statuses related to direct communications, cookies, and advertising preferences.

4. Legal Bases for Processing

We process your personal data under the following lawful bases, as permitted under GDPR and other relevant regulatory frameworks:

– Legitimate Interests: We process certain data to enhance the functionality, performance, and security of our services, prevent fraud, and communicate product updates, provided this does not override your fundamental rights and freedoms.
– Contractual Necessity: Processing required to fulfill our contractual obligations, such as facilitating transactions and managing your account.
– Consent: Where required, we will obtain your clear and affirmative consent to process specific data, such as for email marketing or optional cookies.
– Legal Obligation: We may process data to comply with legal obligations such as tax and regulatory requirements.

5. Your Rights

As a data subject, you have the following rights under applicable privacy laws:

– Right to Access: You may request access to your personal data that we hold.
– Right to Rectification: You may request correction of inaccurate or incomplete personal data.
– Right to Erasure: You may request the deletion of your personal data, where applicable.
– Right to Restriction: You may request the limitation of data processing in certain circumstances.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format for transmission to another controller.

To exercise any of these rights, please contact us using the details provided at the end of this document.

6. Security Measures

We implement robust technical and organizational security measures to protect your personal data. These measures include but are not limited to:

– End-to-end encryption for sensitive data
– Strict access control protocols and authentication mechanisms
– Regular security audits and monitoring
– Secure data backups and disaster recovery procedures
– Privacy and security training for employees handling personal data

7. International Transfers

Where your personal data is transferred outside of the European Economic Area (EEA) or equivalent jurisdictions, we ensure appropriate transfer mechanisms are in place to maintain the data’s protection. These measures may include:

– Standard Contractual Clauses approved by the European Commission
– Transfers to countries officially deemed to provide adequate data protection
– Intra-group or vendor-specific contractual commitments incorporating privacy safeguards

8. Data Retention

We retain your personal data only as long as necessary for the purposes it was collected, or as required by applicable law. Retention periods include:

– Usage Data: Retained for up to 24 months for analytical purposes
– Account Data: Retained while the account is active and up to 6 years thereafter to comply with legal obligations
– Transaction Data: Retained for up to 7 years for accounting and regulatory obligations
– Preference Data: Retained until the withdrawal of consent or expiration of relevance
– Communication Data: Retained up to 3 years following the last interaction

9. Cookie Policy

LootGarden.com uses cookies and similar technologies to improve user experience, monitor usage trends, and provide personalized content. Cookies are categorized as follows:

– Essential Cookies: Necessary for the basic operation of lootgarden.com, such as session management and authentication.
– Functional Cookies: Enhance usability by remembering preferences and settings.
– Analytics Cookies: Collect anonymized data for statistical and performance evaluation.
– Performance Cookies: Optimize our Platform’s operations and identify issues based on usage metrics.

10. Cookie Management and Compliance

Users are provided with clear options to manage cookie preferences in line with GDPR and CCPA requirements. On your first visit to lootgarden.com, you will be presented with a cookie banner allowing you to accept or reject non-essential cookies. You can revisit and modify your preferences at any time through the cookie settings link on the site. California residents may also opt out of “selling” personal information under CCPA definitions by submitting a Do Not Sell My Personal Information request.

11. Children’s Privacy

We do not knowingly collect or process personal data from individuals under the age of 13. If we become aware that such data has been unintentionally collected, we will take immediate steps to delete it. If you believe a child under 13 has submitted personal data to lootgarden.com, please notify us at [email protected].

12. Policy Updates and User Notifications

We may periodically revise this Privacy Policy to reflect operational changes, legal requirements, or best practices. Any significant changes that materially affect your rights will be communicated clearly through email (where applicable) or on the homepage of lootgarden.com. Users are encouraged to review this policy regularly to stay informed about how their data is handled.

13. Contact

For any questions or concerns regarding this Privacy Policy, your data, or to exercise your data subject rights, you may contact us:

Email: [email protected]

We are committed to complying fully with all applicable privacy regulations, including the GDPR and CCPA. Your trust is important to us, and we welcome your feedback regarding our data practices. Please reach out to us at the contact above with any privacy inquiries.