Privacy Policy for TheDarkSmithLegacy.com
1. Introduction
At TheDarkSmithLegacy.com (“we,” “our,” or “us”), we are committed to protecting and respecting your privacy. We understand the importance of safeguarding personal data and uphold the highest standards of compliance under applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”). This Privacy Policy explains how we collect, use, store, disclose, and protect your personal data when you interact with our website. We adopt a privacy-first approach and prioritize the rights and freedoms of our users at every point of data processing.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of TheDarkSmithLegacy.com (the “Website”). We act as the data controller under applicable data protection legislation with regard to the personal data that you provide through your use of our website.
For any questions or concerns regarding your personal data and its handling, you may contact us at: [email protected].
3. Categories of Data Processed
We may process various categories of personal data about you, depending on your interactions with our Website:
– Usage Data: Includes information such as your IP address, browser type and version, time zone setting and location, browser plug-in types, operating system, platform, and other technology used on the devices you use to access the Website. We also collect information on your interaction with the Website, such as page views, clicking behavior, and session duration.
– Account Data: Includes identifying information such as your full name, billing and delivery addresses, email address, and phone number, when creating or managing an account with us.
– Profile Data: Includes your username, password, purchase history, user preferences, saved settings, and behavioral profiling data generated through your activity on the Website.
– Communication Data: Includes information contained in or relating to any communication you send to us, such as support inquiries, feedback, and any correspondence history with us.
– Technical Data: Device information including hardware model, device identifiers, mobile network information, application version, operating system, and diagnostic data submitted for troubleshooting purposes.
– Transaction Data: Includes details about payments made by or to you and other details of products and services you have purchased through the Website. This encompasses delivery address and invoice information.
– Preference Data: Includes your preferences in receiving marketing from us and your communication preferences, interests in particular products, and services you may have indicated.
4. Legal Bases for Processing Personal Data
We rely on the following legal bases to process your personal data as defined under the GDPR:
– Performance of Contract: When processing is necessary to fulfill our contractual obligations to you, such as when you purchase items or register an account on the Website.
– Consent: When you have given us clear and affirmative consent to process your personal data for specific purposes (e.g., to receive marketing emails).
– Legitimate Interests: Where the processing is needed to further our legitimate business interests (e.g., to optimize our service, detect fraudulent activity, maintain security), provided those interests are not overridden by your rights.
– Legal Obligation: Where processing is necessary to comply with a legal obligation to which we are subject.
5. Your Rights
As a data subject under GDPR and CCPA, you have the following rights:
– Right of Access: You have the right to request a copy of the personal data we hold about you.
– Right to Rectification: You can request that inaccurate or incomplete data be corrected.
– Right to Erasure: You can request that we delete your personal data, subject to our legal obligations.
– Right to Restriction of Processing: You can request that we restrict the processing of your data in certain circumstances.
– Right to Data Portability: You can request that your personal data be provided to you, or to another controller, in a structured, machine-readable format.
– Right to Object: You have the right to object to certain types of processing, including profiling for direct marketing purposes.
– Right to Opt-Out of Sale (CCPA): California consumers have the right to opt out of the sale of their personal information.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
To protect your personal data, we have implemented appropriate technical and organizational safeguards including, but not limited to:
– Data encryption in transit and at rest
– Access limitations with role-based control
– Regular system backups
– Staff training in data protection and cybersecurity best practices
– Periodic auditing of network and security infrastructure
7. International Transfers
Your data may be transferred to and maintained on servers located in jurisdictions outside your country of residence, including countries that may not offer the same level of data protection. Where such transfers occur, we ensure appropriate safeguards are in place, including adherence to the European Commission’s Standard Contractual Clauses or other legally recognized mechanisms to ensure an adequate level of protection.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Specifically:
– Usage and Technical Data: Retained for up to 26 months for analytics purposes.
– Account and Profile Data: Maintained until deletion of the user account or up to 5 years after the last user activity.
– Communication Data: Retained for up to 3 years following the last interaction.
– Transaction Data: Maintained for 7 years for accounting and regulatory compliance.
– Preference Data: Retained until the user withdraws consent or deletes their profile.
9. Cookie Policy
We deploy cookies and similar tracking technologies to provide and improve your website experience. The types of cookies we use include:
– Essential Cookies: Required for core website functionality such as security, navigation, and session management.
– Functional Cookies: Enhance user preferences and improve user-friendly interfaces.
– Analytics Cookies: Provide insights into website traffic, navigation paths, and general usage for optimization.
– Performance Cookies: Help track system performance, detect bugs, and ensure the Website functions efficiently.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit to TheDarkSmithLegacy.com, you will be presented with a cookie banner that allows you to consent to—or reject—non-essential cookies. You can also modify your cookie preferences at any time by adjusting the settings in your browser or through our consent management tool.
California residents may exercise their rights under the CCPA by selecting “Do Not Sell or Share My Personal Information” where available or by contacting [email protected] for further assistance.
11. Children’s Privacy
TheDarkSmithLegacy.com does not knowingly collect personal data from children under the age of 13. If we learn that a child under 13 has provided us with their personal data without verifiable parental consent, we will delete such information promptly. Parents or legal guardians who believe their child may have submitted personal data are encouraged to contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in legal, technical, or business developments. We encourage you to review this page regularly. Where changes materially impact your rights or the way we use your data, we will notify you through prominent messaging on TheDarkSmithLegacy.com or via email, if applicable.
13. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or how we handle your personal data, you may contact us at:
Email: [email protected]
At TheDarkSmithLegacy.com, we are proud to uphold the principles of transparency, accountability, and user empowerment in our data handling practices. We remain committed to full compliance with all applicable privacy laws and welcome inquiries related to your data rights.