Privacy policy

At dalemisczynski.com, we adhere to the California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR) (for EU residents), and other applicable U.S. state privacy laws (e.g., Virginia Consumer Data Protection Act, Colorado Privacy Act) to protect your personal information. This policy details your rights and our obligations in collecting, using, and safeguarding your data.

1. Information We Collect

We categorize collected information to ensure transparency, and only collect data necessary for business operations:

Information Category	Specific Content	Collection Scenario
Personal Identifiable Information (PII)	Full name, email address, phone number, shipping/billing address, payment method details (e.g., credit card last 4 digits)	Account creation, checkout, newsletter subscription
Sensitive Personal Information	Payment card security codes, government-issued IDs (if required for fraud prevention)	Only collected via encrypted third-party payment processors (Stripe/PayPal); never stored on our servers
Usage Data	IP address, browser/device model, OS version, page visit logs, click-through rates, session duration	Automatically collected via cookies (e.g., Google Analytics) when you browse the website
Derived Data	Purchase preferences (e.g., "prefers sustainable denim"), size history, browsing behavior patterns	Generated from PII and usage data to personalize recommendations

2. Legal Bases for Using Your Information

Under U.S. and EU privacy laws, we only use your data if we have a valid legal basis, including:

Performance of a Contract: To process orders (e.g., verify payment, ship products) or fulfill account services (e.g., order tracking).

Legitimate Interest: To improve website functionality (e.g., fix broken links using usage data), prevent fraud (e.g., flag unusual payment activity), or send personalized product recommendations (with opt-out options).

Consent: To send marketing emails, use third-party analytics tools, or collect data via non-essential cookies (you can withdraw consent at any time).

Legal Obligation: To comply with tax laws (retain order records for 7 years) or respond to government subpoenas.

3. Third-Party Data Sharing

We never sell your PII to third parties. We only share data with trusted partners who act as "data processors" (bound by confidentiality agreements):

Payment Processors: Stripe/PayPal to securely process payments (they only receive data needed to complete transactions).

Shipping Carriers: USPS, UPS, DHL to deliver orders (receive your shipping address and order ID).

Analytics Providers: Google Analytics to analyze website traffic (data is anonymized by default; you can opt out via Google’s Ads Settings).

Fraud Prevention Services: Sift/MaxMind to detect unauthorized transactions (receive limited PII like email and IP address).

If a third party needs to use your data for their own purposes (e.g., a marketing partner for co-branded promotions), we will obtain your explicit consent first.

4. Your Privacy Rights

As a U.S. or EU resident, you have the following rights under applicable laws (you can exercise these rights by emailing service.vip.lris@gmail.com or using the "Privacy Dashboard" in your account):

Right	Description	How to Exercise
Right to Access	Request a free copy of all PII we hold about you (in a machine-readable format like CSV)	Submit a request via email; we will respond within 10 business days (CCPA requirement)
Right to Correction	Update inaccurate data (e.g., a misspelled shipping address)	Edit directly in your account or email support with your order/account ID
Right to Erasure ("Right to Be Forgotten")	Request deletion of your PII (except data we must retain for legal/tax purposes)	Submit a request via email; we will confirm deletion within 15 business days
Right to Opt-Out	Opt out of: - Marketing emails (click "Unsubscribe" in emails) - Personalized ads (use the "Do Not Sell My Data" link in website footer) - Non-essential cookies (adjust settings via the cookie banner)	Immediate effect for marketing; cookie changes take effect on your next browsing session
Right to Data Portability	Transfer your PII to another service provider (e.g., export your order history to a new account)	Request via email; we will provide data in a shareable format within 7 business days

5. Cookie Management

Our website uses two types of cookies, and you can control them via your browser or our cookie banner:

Cookie Type	Purpose	Opt-Out Option
Essential Cookies	Enable core functions (e.g., retain cart items, log in to your account)	Cannot be disabled (required for website usability)
Non-Essential Cookies	Personalize ads (e.g., Facebook Pixel), track analytics	Disable via the cookie banner or browser settings (e.g., Chrome: Settings > Privacy and security > Cookies and other site data)

To view or delete existing cookies stored on your device, refer to your browser’s help documentation (e.g., Safari: Preferences > Privacy > Manage Website Data).

6. Data Retention

We retain your data only for as long as necessary:

PII (Account/Orders): Retained for 2 years after your last account activity (or 7 years for tax compliance, whichever is longer).

Marketing Data: Retained until you opt out of emails (then deleted within 30 days).

Usage Data: Anonymized after 12 months (e.g., IP addresses are stripped of identifying segments).

When data is no longer needed, we securely delete it (e.g., shred physical records, overwrite digital files) or anonymize it so it can no longer identify you.

7. Children’s Privacy

Our website is not intended for users under 13 years old. We do not knowingly collect PII from children under 13. If we discover we have collected data from a child under 13, we will delete it immediately and notify parents/guardians via the provided contact information.

8. Changes to This Policy

We may update this policy to reflect new laws (e.g., upcoming U.S. federal privacy legislation) or business practices. When we make material changes:

We will post the updated policy on the website with a new "Last Updated" date.

We will send a notification to users who have opted in to policy updates (via email or in-account alert) at least 7 days before changes take effect.

Your continued use of the website after the effective date constitutes acceptance of the updated policy.

9. Contact for Privacy Concerns

If you have questions about this policy, want to exercise your privacy rights, or file a complaint, please contact:

Email: service.vip.lris@gmail.com (marked "Privacy Request" in the subject line)

Data Protection Officer (DPO): Attn: DPO, 123 Fashion Avenue, New York, NY 10001, USA

California Residents: You may also file a complaint with the California Attorney General’s Office.

We will acknowledge your request within 3 business days and resolve it in compliance with applicable laws.