Legal Privacy Policy
How we collect, use, and protect your personal information
Privacy-First Commitment
Your privacy is our priority. We collect only essential information needed to provide our services and never sell your personal data to third parties.
Information We Collect
Automatically Collected Data
When you visit our website, we automatically collect certain technical information through our service providers:
- Analytics Data: Page views, session duration, device type, browser information via
Google Analytics
- Performance Data: Site performance metrics, error logs, and search indexing data via
Google Search Console
- Hosting Data: IP addresses, access logs, and technical metrics via
Netlify
Technical Implementation: Data collection uses cookies, web beacons, and local storage technologies to function properly.
Information You Provide
We collect information you voluntarily submit:
- Contact Information: Name, email address when contacting us
- Purchase Information: Transaction data processed through
Fourthwall for merchandise sales
- Communication Data: Messages, feedback, and support requests
- Newsletter Data: Email subscription preferences and engagement metrics
How We Use Your Information
Primary Purposes
We use collected information for the following legitimate business purposes:
- Website Operation: Ensuring site functionality, security, and performance optimization
- Analytics & Improvement: Understanding user behavior to improve content and user experience
- Communication: Responding to inquiries, sending updates, and providing customer support
- Commerce: Processing orders, handling payments, and managing customer accounts
Legal Basis: We process personal data based on legitimate interests, contractual necessity, consent, and legal compliance requirements under GDPR, CCPA, and other applicable privacy laws.
Third-Party Services
We work with trusted service providers who may process your data:
- Google Analytics: Website traffic analysis and user behavior insights
- Google Search Console: Search performance monitoring and website optimization
- Netlify: Website hosting, CDN services, and performance optimization
- Fourthwall: E-commerce functionality, payment processing, and order management
Data Sharing and Disclosure
Limited Sharing
We share personal information only in these specific circumstances:
- Service Providers: With trusted partners who provide essential services under strict data protection agreements
- Legal Requirements: When required by law, court order, or government authority
- Business Transfers: In connection with merger, acquisition, or asset sale (with advance notice)
- Consent: When you explicitly authorize specific data sharing
No Data Sales: We never sell, rent, or trade your personal information to third parties for marketing purposes.
Your Privacy Rights
Universal Rights
Regardless of your location, you have the following rights regarding your personal data:
- Access: Request copies of personal data we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal data (subject to legal retention requirements)
- Portability: Receive your data in a structured, machine-readable format
Regional-Specific Rights
EU/UK Residents (GDPR): Additional rights include data processing restriction, objection to processing, and automated decision-making opt-out.
California Residents (CCPA/CPRA): Right to know, delete, opt-out of sales, and non-discrimination protection.
Other Jurisdictions: Additional rights may apply based on local privacy laws.
Data Security and Retention
Security Measures
We implement industry-standard security practices:
- Encryption:
TLS/SSL encryption for data transmission
- Access Controls: Restricted access to personal data on need-to-know basis
- Regular Audits: Periodic security assessments and vulnerability testing
- Incident Response: Procedures for handling potential data breaches
Data Retention
We retain personal information only as long as necessary:
- Analytics Data: Retained for
26 months (Google Analytics default)
- Contact Information: Until you request deletion or unsubscribe
- Transaction Data: As required by applicable tax and business laws
- Technical Logs: Typically
30-90 days for security and troubleshooting
Cookies and Tracking Technologies
Cookie Types
Our website uses various types of cookies and similar technologies:
- Essential Cookies: Required for basic website functionality and security
- Analytics Cookies:
_ga, _gid for traffic analysis and performance monitoring
- Functional Cookies: Remember your preferences and settings
- Third-Party Cookies: Set by service providers for functionality and analytics
Cookie Management: You can control cookies through your browser settings, but some website features may not function properly if disabled.
International Data Transfers
Your personal data may be processed in countries outside your jurisdiction:
- Adequacy Decisions: We ensure transfers comply with applicable adequacy decisions
- Standard Contractual Clauses: Use
EU Standard Contractual Clauses where required
- Certification Programs: Partners maintain relevant privacy certifications
- Local Laws: All transfers comply with applicable cross-border data transfer restrictions
Children's Privacy
Age Restriction: Our website is not directed to children under 13 years (or 16 years in the EU). We do not knowingly collect personal information from children below these age thresholds.
Changes to This Policy
We may update this privacy policy to reflect:
- Changes in our data practices or services
- Updates to applicable privacy laws
- New features or functionality additions
- Feedback from users or regulatory guidance
Significant changes will be communicated through:
- Website Notice: Prominent notification on our homepage
- Email Notification: Direct communication to registered users
- Version Control: Updated
last modified date and version number
Contact Information
For privacy-related questions, requests, or concerns:
- Data Protection Requests: Submit through our contact form or designated email
- General Inquiries: Use standard communication channels
- Urgent Issues: Contact us immediately for potential security concerns
Response Time: We aim to respond to privacy requests within 30 days (or as required by applicable law).
Regulatory Compliance
This privacy policy is designed to comply with major international privacy regulations:
- GDPR: European Union General Data Protection Regulation
- CCPA/CPRA: California Consumer Privacy Act and amendments
- PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
- LGPD: Lei Geral de Proteção de Dados (Brazil)
- Other Jurisdictions: Local privacy laws where applicable
Legal Precedence: If any provision conflicts with applicable local privacy laws, the stricter protection standard will apply to ensure compliance.
Last updated: May 2025
Document version: 2.0
Effective date: May 25, 2025