Privacy Policy
1. Introduction
At The Darksmith Legacy, accessible via thedarksmithlegacy.com, we are firmly committed to safeguarding the privacy, confidentiality, and security of your personal information. This Privacy Policy outlines how we collect, process, store, and protect your data in accordance with the highest international standards, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our mission is to put privacy first in everything we do, ensuring transparency, accountability, and user trust.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users who access or use thedarksmithlegacy.com or otherwise engage with our services, communications, or digital interfaces. For purposes of applicable data protection laws, including the GDPR, The Darksmith Legacy is the Data Controller responsible for the collection and use of your personal data. Users residing in California are afforded rights under the CCPA, as further explained in this policy.
For any privacy-related inquiries, you may contact us via email at: [email protected].
3. Categories of Data Processed
To operate effectively, provide services, and enhance your experience, we may collect and process the following categories of personal data:
a) Usage Data
Includes information such as IP addresses, browser type and version, session duration, access logs, referring URLs, and website interaction data. This data is collected to analyze performance, detect potential security threats, and improve user experience.
b) Account Data
Includes identifiers such as full name, physical address, email address, telephone number, and account login details. This data is collected when you register an account, place an order, or otherwise provide it voluntarily.
c) Profile Data
Includes user preferences, purchase history, behavioral metrics, customized content choices, and interaction behavior. Collected to personalize services and enhance site relevance.
d) Communication Data
Includes email correspondence, support requests, feedback, and contact history with our customer support or administrative teams.
e) Technical Data
Includes device identifiers, operating systems, browser configurations, screen resolution, language preferences, and mobile or desktop environment settings.
f) Transaction Data
Includes billing, shipping, and payment details including transaction amounts, item descriptions, and methods of payment. Processed via secure third-party providers for e-commerce functionalities.
g) Preference Data
Includes your marketing and communication preferences, product interest disclosures, and opt-in/opt-out choices related to emails, newsletters, and surveys.
4. Legal Bases for Processing
We process your personal data on the following legal grounds, as permitted under GDPR:
– Consent: When you explicitly agree to certain uses, including marketing communications or cookie placement.
– Contractual Necessity: When processing is required to fulfill a contract we have with you, such as delivering purchased goods or services.
– Legal Obligation: When we are legally bound to retain or disclose data for compliance, audits, or court orders.
– Legitimate Interests: When the processing supports our lawful business objectives, such as detecting fraud, preventing abuse, or improving offerings—without overriding your fundamental rights and freedoms.
5. Your Rights
Under data protection laws such as the GDPR, you are entitled to exercise the following rights in respect of your personal data, subject to limitations and applicable conditions of law:
– Right of Access: Obtain confirmation of whether we process your data and request a copy.
– Right to Rectification: Request correction of inaccurate or incomplete information.
– Right to Erasure: Request deletion of your data where no longer necessary for processing or based on your withdrawal of consent.
– Right to Restriction: Request suspension of processing under certain circumstances.
– Right to Data Portability: Receive your personal data in a structured and commonly used digital format for transfer to another controller.
To exercise any of these rights, please email us at [email protected]. We will respond in accordance with applicable legal requirements.
California Residents: Under the CCPA, you also have the right to know what personal information we collect, the right to request deletion of that information (subject to limitations), and the right to opt out from “sale” of personal data, as defined by the CCPA.
6. Security Measures
We employ comprehensive technical and organizational measures to secure your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:
– Data encryption in transit (HTTPS/SSL) and at rest
– Multi-layered firewalls and intrusion detection mechanisms
– Regular data backups and secure storage locations
– Role-based access control with two-factor authentication (2FA)
– Internal data privacy trainings and audits for all relevant personnel
While we strive to implement industry-standard security safeguards, no online transmission or storage mechanism is completely infallible.
7. International Transfers
As part of our global operations, your personal data may be processed or stored in jurisdictions outside your home country, which may not offer the same level of data protection. In such cases:
– We rely on European Commission-approved Standard Contractual Clauses for data transfers from the European Economic Area to countries lacking adequate protection.
– For California residents, we apply comparable measures to preserve user rights and comply with state-specific data transfer obligations.
You may request a copy of the applicable transfer mechanisms by contacting us.
8. Data Retention
We retain personal data for as long as necessary to fulfill the purposes described in this policy, including legal, accounting, or reporting obligations. Specific data types are retained according to the following timeframes:
– Usage Data: retained for 12 months for analytics and troubleshooting
– Account and Profile Data: retained for the duration of the user relationship and up to 3 years thereafter
– Transaction Data: retained for 7 years in compliance with financial regulations
– Communication Data: retained for 2 years
– Preference Data: retained until you withdraw consent or update your choices
Once data retention periods expire, information is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user interaction, enable functionalities, analyze website traffic, and support personalized experiences. Cookies used include:
– Essential Cookies: Necessary for site operation, login sessions, cart functions
– Functional Cookies: Support site preferences, localization, and accessibility options
– Analytics Cookies: Collect usage data such as page views and traffic sources, often via Google Analytics or similar services
– Performance Cookies: Measure site responsiveness, loading speed, and error handling
These cookies may be first-party or third-party. For full transparency, we maintain a cookie inventory that can be provided upon request.
10. Cookie Management and Consent Compliance
In compliance with GDPR and CCPA, users are provided clear notice and actionable options to consent to, reject, or customize cookie settings upon their first visit to thedarksmithlegacy.com.
You may modify your cookie preferences via your browser settings or by using the cookie banner and consent tools provided on the website. Under the CCPA, California users may opt out of the sale of personal information where applicable.
11. Children’s Privacy
Our services are not intended for children under the age of 13. We do not knowingly collect or solicit personal information from anyone under 13 years of age. If we become aware that we have inadvertently collected information from a child under 13, we will promptly delete such data in accordance with legal requirements.
Parents or guardians who believe their child has provided us with personal information are encouraged to contact us at: [email protected].
12. Policy Updates and Notifications
We reserve the right to amend this Privacy Policy at any time to reflect changes in legal obligations or service practices. Updates will be made available on thedarksmithlegacy.com. Where required by law, we will notify you of material changes and, where appropriate, seek renewed consent.
We encourage you to review this page periodically to remain informed of how we protect your personal data.
13. Contact
If you have questions, concerns, or requests related to this Privacy Policy or how your information is processed, you may contact us via:
Email: [email protected]
We will diligently respond to all privacy-related inquiries in a timely and appropriate manner.
—
The Darksmith Legacy is committed to full compliance with applicable data protection laws and to honoring your privacy choices. If you have questions or require assistance regarding your rights or our policies, please reach out using the contact details above.