Privacy Policy
1. Introduction
At LootGarden (lootgarden.com), we value and prioritize your privacy. We are committed to protecting the personal data of our users and visitors, and to complying with applicable data protection and privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we process your personal data, the legal bases for processing it, and the rights you have in relation to your information.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to personal data collected and processed through lootgarden.com and its related services. For the purposes of GDPR and other applicable data protection laws, LootGarden acts as the “data controller” when determining the purposes and means of processing your personal information. If you have any concerns or questions about how we handle your personal data, you may contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
Usage Data:
Includes information about how you use our website, including your IP address, browser type and version, time zone setting, pages viewed, and other diagnostic data.
Account Data:
Includes your name, email address, postal address, and phone number provided during account creation or at checkout.
Profile Data:
Includes user preferences, purchase history, saved items, interests, and behavioral patterns related to our platform and services.
Communication Data:
Includes communication records such as customer support inquiries, feedback, and any correspondence with our team.
Technical Data:
Includes information about the device you use to access the website, including hardware model, operating system, browser, language settings, and other similar data.
Transaction Data:
Includes data related to orders and payments, such as billing address, purchase details, delivery address, and payment method (note: we do not store full credit card details).
Preference Data:
Includes records of your consents, marketing preferences, and information about products or services of interest.
4. Legal Bases for Processing
We rely on the following legal bases to lawfully process your personal data:
Contractual Necessity:
When processing is necessary to fulfill a contract with you, such as fulfilling an order you place or creating a user account.
Legitimate Interests:
We may use your data for reasonable business purposes, such as improving our platform and preventing fraud, provided that such use does not override your privacy rights.
Consent:
When you voluntarily submit your data for specific purposes, such as subscribing to a newsletter or consenting to cookies, your consent provides a lawful basis for processing.
Legal Obligation:
In situations where we are required to comply with legal obligations, such as recordkeeping or law enforcement requests.
5. Your Rights
You have the following rights under applicable data protection laws:
– Right of Access: You may request to know what personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request we delete your data, subject to certain exceptions.
– Right to Restriction: You may request we restrict processing of your personal data in certain circumstances.
– Right to Data Portability: You may request to obtain or transfer your personal information in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to processing based on legitimate interests or direct marketing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We employ appropriate technical and organizational security measures to protect your personal information, including but not limited to:
– Encryption of data both in transit and at rest
– Regular access controls and role-based permissions
– Secure storage and firewall protection
– Regular backups and system resilience testing
– Staff training in data protection best practices
7. International Transfers
Your data may be transferred to and processed in countries outside of your jurisdiction, including the US and other regions where our service providers operate. In such cases, we ensure adequate safeguards are in place, including the use of Standard Contractual Clauses (SCCs) and other mechanisms recognized under GDPR. We also ensure CCPA-compliant practices when transferring or disclosing personal data of California residents.
8. Data Retention
We retain your data only for as long as necessary for the purposes for which it was collected, and as required by applicable laws.
– Account Data: Retained for as long as your account is active and for a reasonable period thereafter to resolve disputes or enforce agreements.
– Transactional Data: Retained for 7 years for tax and accounting compliance.
– Communication and Support Data: Retained for up to 3 years after resolution.
– Preference and Consent Records: Retained until withdrawn or updated.
– Technical and Usage Data: Retained for up to 2 years for analytics and performance improvements.
9. Cookie Policy
LootGarden utilizes cookies and similar tracking technologies to enhance site functionality, understand usage patterns, and provide personalized experiences. We categorize cookies as follows:
– Essential Cookies: Required for the operation of lootgarden.com. These enable core functionalities such as navigation and security.
– Functional Cookies: Enhance usability by storing your preferences and settings.
– Analytics Cookies: Help us understand how visitors interact with our website so we can improve functionality and performance.
– Performance Cookies: Monitor system load and uptime, enabling better availability.
10. Cookie Management and Compliance
You have the right to control your cookie preferences. Upon visiting our website, you are prompted with options to accept, reject, or customize cookie settings. You may also adjust these preferences at any time via your browser settings or through our cookie consent tool available on lootgarden.com.
In compliance with the GDPR, we do not set non-essential cookies without your explicit opt-in consent. Under CCPA, you have the right to opt out of the “sale” or “sharing” of your data, including data collected through cookies. We honor your browser’s privacy control settings, including the Global Privacy Control (GPC) signal.
11. Special Protections for Children
LootGarden does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have inadvertently collected data from a child under this age, we will promptly delete such information. If you believe a child under 13 has provided us with personal information, please contact us at [email protected].
12. Policy Updates and User Notifications
This Privacy Policy may be updated periodically to reflect changes in legal, regulatory, technological, or business developments. When significant changes are made, users will be notified by reasonable means, such as through our website or email. Continued use of lootgarden.com after such updates constitutes your acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or complaints related to this Privacy Policy or our data practices, please contact our Privacy Team via:
Email: [email protected]
We are committed to maintaining the highest standards of privacy compliance and encourage you to contact us with any concerns regarding your personal data or privacy rights.