Privacy Policy

Store and Membership Privacy Policy

Effective Date: 2026-03-26

This Privacy Policy explains how personal data is collected, used, disclosed, retained, and protected when customers use this store, purchase digital products, or subscribe to membership services.

1. Scope

This policy applies to personal data processed through store pages, checkout, customer account access, member features, and support channels controlled by the store operator.
It does not govern data handling by independent third-party sites or services that have their own privacy policies.

2. Data Controller and Contact

The store operator is the data controller for personal data described in this policy unless local law states otherwise.
Contact details for privacy requests are provided in the legal/contact section of the store.

3. Categories of Personal Data Collected

Identity and contact data: name, email address, account identifiers, support contact information.
Transaction and billing data: purchase history, subscription status, invoice metadata, payment status, tax details where required.
Account and authentication data: login events, verification challenge metadata, session identifiers, device/browser indicators.
Service usage data: page views, product access logs, feature interactions, referral and campaign metadata.
Technical data: IP address, user agent, approximate geolocation inferred from network metadata, error logs, security event logs.
Customer-provided content: feedback, support messages, comments, uploads, and materials submitted through forms.
Preference data: language selection, communication preferences, consent settings.

4. Data Sources

Data is collected directly from customers during signup, checkout, support interactions, and account use.
Data is collected automatically via cookies, local storage, and similar technologies necessary for site operation and analytics.
Data may be received from payment processors, fraud prevention providers, hosting partners, and communication providers.

5. Purposes of Processing

Providing products and services, including account provisioning, digital delivery, membership entitlement checks, and customer support.
Processing payments, subscriptions, refunds, invoices, and tax obligations.
Securing systems and preventing fraud, abuse, and unauthorized access.
Improving site performance, reliability, and user experience through diagnostics and analytics.
Sending transactional communications such as receipts, login verification, account notices, and legal updates.
Sending marketing communications only where consent or another valid legal basis exists.
Complying with legal obligations, enforcement requests, audit requirements, and dispute resolution.

6. Legal Bases

Processing is performed on one or more of the following bases, depending on jurisdiction:
contract necessity for order fulfillment, account operation, and membership access;
legal obligation for tax, accounting, anti-fraud, and regulatory compliance;
legitimate interests for security, service improvement, and abuse prevention, balanced against customer rights;
consent for optional cookies, marketing messages, and jurisdiction-specific processing requiring consent.

7. Cookies and Similar Technologies

Strictly necessary technologies are used to maintain sessions, protect security, and enable checkout and account functions.
Analytics technologies may be used to understand usage and improve service.
Where required by law, non-essential technologies are activated only after consent.
Customers can manage cookie preferences through available consent tools or browser controls.
Disabling certain technologies may affect service functionality.

8. Payment Data

Payment card details are processed by PCI-compliant payment providers.
The store does not intentionally store full card numbers or card security codes.
The store may store tokenized payment references and billing status metadata required for recurring billing and account management.

9. Sharing and Disclosure

Personal data may be shared with service providers that process data on the store’s behalf under contractual safeguards, including:
payment processors,
hosting and infrastructure providers,
authentication and security vendors,
email and messaging providers,
analytics and error-monitoring providers,
customer support tooling.
Data may be disclosed when legally required, to enforce terms, protect rights and safety, or in connection with a merger, acquisition, financing, or asset transfer.
The store does not sell personal data for monetary consideration.
Where applicable law defines targeted advertising or sharing broadly, customers can use available opt-out mechanisms.

10. International Transfers

Data may be processed in countries outside the customer’s jurisdiction.
When transfers occur, appropriate safeguards are used where required, such as contractual clauses, adequacy decisions, or other lawful transfer mechanisms.

11. Data Retention

Personal data is retained only as long as necessary for the purposes described in this policy, including:
active account period and reasonable post-closure period,
statutory accounting, tax, and audit retention windows,
security and fraud investigation windows,
dispute, chargeback, and legal claim limitation periods.
When retention is no longer required, data is deleted, anonymized, or irreversibly de-identified according to operational and legal constraints.

12. Security Measures

Reasonable administrative, technical, and organizational safeguards are used, including access controls, least-privilege principles, audit logging, encryption in transit, and security monitoring.
No system is guaranteed to be completely secure, and customers should use strong credentials and notify the store of suspected compromise.

13. Customer Rights

Depending on local law, customers may have rights to:
access personal data,
correct inaccurate data,
delete personal data,
restrict or object to certain processing,
receive portable data in a structured format,
withdraw consent where processing relies on consent,
opt out of certain profiling or targeted advertising,
appeal denied requests.
The store may require identity verification and may deny or limit requests where lawful exemptions apply.

14. Children’s Privacy

The store is not intended for children under the minimum age required by applicable law.
If the store learns that personal data was collected from a child without valid authorization where required, it will take appropriate deletion or restriction measures.

15. Membership and Subscriber Data

Membership status, entitlement checks, billing cycle data, and access logs are processed to administer subscriber-only benefits and enforce licensing and anti-abuse policies.
If membership is cancelled or expires, access rights may be adjusted based on plan terms and legal obligations.

16. Communications

Transactional messages are sent for account and order operations and cannot be fully opted out while the account remains active.
Marketing communications include unsubscribe controls where required.
Operational or legal notices may still be sent when necessary.

17. Automated Decision-Making

Security and fraud systems may use automated signals to detect suspicious activity.
Where legally required, meaningful information about such processing and available review mechanisms will be provided.

18. Third-Party Links and Integrations

The store may include links to third-party websites or integrations.
Those services operate under their own privacy terms, and customers should review them before use.

19. Data Breach Response

The store maintains incident response procedures for potential data breaches.
Where required by law, affected individuals and regulators are notified within legally mandated timelines.

20. Region-Specific Notices

For regions with specific privacy regimes, the store honors applicable rights and obligations, including consent standards, opt-out rights, and non-discrimination obligations.
Customers may designate authorized agents where local law permits.

21. Policy Updates

This policy may be updated to reflect legal requirements, service changes, or operational practices.
Material changes are communicated through site notice, account channels, or email where reasonably available.
Continued use after the effective date indicates acceptance, except where additional consent is required by law.

22. Contact and Complaints

Privacy requests and complaints can be submitted through the store legal/contact channel.
Customers may also lodge complaints with a competent data protection authority where provided by law.