Privacy Policy for luvull.com
1. Introduction
At Luvull, accessible at luvull.com, we are steadfast in our commitment to safeguarding the privacy, security, and personal data of all our users. We recognize the importance of transparent data processing practices and are fully dedicated to complying with all applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This Privacy Policy outlines the types of personal data we collect, how we use and protect that data, your rights concerning your data, and how you can contact us with inquiries or concerns. By using luvull.com, you acknowledge and consent to the practices described herein.
2. Scope of This Policy and Data Controller Information
This Privacy Policy applies to personal data collected through luvull.com and associated services. Luvull acts as the data controller for all processing activities described in this Policy.
Where applicable under the GDPR or CCPA, Luvull determines the purposes and legal bases for processing personal data. For any questions related to our role or data practices, please contact us at [email protected].
3. Categories of Personal Data We Process
We collect and process various categories of personal data depending on your interaction with luvull.com:
a. Usage Data:
Information about your interaction with our website, including browser type and version, IP address, referring URLs, pages visited, time spent on pages, and other diagnostic data.
b. Account Data:
When you create an account or engage in a purchase, we collect your full name, email address, telephone number, physical address, and password.
c. Profile Data:
This includes your product preferences, wishlist items, purchase history, behavioral insights, and personalized settings.
d. Communication Data:
Includes your correspondence with us through email, support tickets, chat interfaces, or contact forms. We retain records of your queries and our responses.
e. Technical Data:
We collect data concerning devices you use to access our services—such as device type, operating system, hardware identifiers, settings, and internet service specifications.
f. Transaction Data:
Includes details resulting from payment and shipping processes, such as billing address, order details, payment method, transaction identifiers, and fulfillment status.
g. Preference Data:
Marketing and communication preferences, consent records, subscription settings, and declarations of interest in specific products or offerings.
4. Legal Bases for Processing
In accordance with GDPR Article 6 and similar regulatory provisions, we process your personal data under the following legal bases:
– Consent: When you provide voluntary opt-in for marketing or non-essential cookies.
– Performance of Contract: When processing is necessary to fulfill our obligations under our terms of service, such as delivering a purchased product.
– Legitimate Interests: When processing supports our operational needs and does not override your fundamental rights, such as improving user experience or fraud prevention.
– Legal Obligations: When required by law to maintain certain records or respond to regulatory requests.
5. Your Rights Under Applicable Law
Depending on your location and applicable legal frameworks, you may exercise the following rights concerning your personal data:
– Right of Access: Request confirmation as to whether we process your data and obtain a copy of such data.
– Right to Rectification: Request correction of any incomplete or inaccurate personal data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data where applicable.
– Right to Restriction of Processing: Limit our processing of your data under certain circumstances.
– Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format and transfer it to another controller.
– Right to Object: Object to our use of your personal data for direct marketing or where processing is based on legitimate interests.
– Right not to be subject to Automated Decision-Making: You have the right not to be subject to decisions purely based on automated processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
Your data security is of paramount importance to us. We implement a multi-layered approach to data protection, which includes:
– End-to-end encryption of sensitive data in transit and at rest
– Role-based and password-protected access controls
– Regular data backups to secure environments
– Ongoing employee training on safeguarding personal data
– Internal audit and incident response protocols
7. International Data Transfers
Where data is transferred outside your region (e.g., to vendors or service providers in countries without equivalent data protection laws), we utilize adequate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) and data processing agreements. We ensure our subcontractors and partners maintain a high standard of data confidentiality and integrity.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required under applicable law. Retention periods include:
– Account and Profile Data: Retained for the duration of your account and up to one year post-deactivation
– Transaction Data: Retained for a minimum of seven years for tax and audit compliance
– Communication Data: Retained for two years unless part of a customer service log
– Marketing Consent Records: Retained indefinitely or until consent is withdrawn
– Usage and Technical Data: Retained up to 24 months for analytics purposes
9. Cookie Policy
Our website uses cookies and similar technologies to enhance your browsing experience and optimize site functionality. We categorize cookies as follows:
– Essential Cookies: Necessary for the operation of luvull.com (e.g., account login, cart functionality)
– Functional Cookies: Support additional website features and user preferences
– Analytics Cookies: Help us understand website traffic and performance (e.g., Google Analytics)
– Performance Cookies: Optimize site speed, responsiveness, and load balancing
These technologies may be first-party (set by luvull.com) or third-party (e.g., analytics partners).
10. Cookie Management and User Control
Upon your first visit to luvull.com, we provide a cookie consent banner explaining our use of cookies. You may choose which categories of cookies to allow. You may modify your preferences at any time through the “Cookie Settings” link, typically located in the website footer.
In compliance with the GDPR and the CCPA, we honor opt-out mechanisms and provide “Do Not Sell or Share My Personal Information” options where required.
11. Children’s Privacy
Our website and services are not intended or directed toward children under the age of 13. We do not knowingly collect or solicit personal data from children. If we learn that we have inadvertently collected data from a child under 13, we will promptly delete such information. Parents or guardians concerned about data collection related to children may contact us at [email protected].
12. Updates to This Privacy Policy
We may update this Privacy Policy from time to time in response to legal, technical, or operational developments. Whenever such changes are material, we will notify users by means of a prominent notice on luvull.com or through other appropriate communication channels, ensuring transparency and continued protection of your personal data.
13. Contact Us
For any questions, concerns, or requests related to this Privacy Policy or your personal data, you may contact our data protection team at:
Email: [email protected]
We aim to respond to all legitimate inquiries promptly and in accordance with applicable legal requirements. You may also reach out to a supervisory authority if you have concerns about our data handling practices.
In adherence to stringent privacy principles, Luvull affirms compliance with all relevant data protection regulations including the GDPR and the CCPA. We are committed to transparency, accountability, and empowering you with control over your personal data.