1. Introduction

At Flawcult, we are committed to safeguarding the privacy and security of our customers' personal data. This Data Protection Policy outlines how we collect, use, store, and protect personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

2. Scope

This policy applies to all personal data processed by Flawcult, including data from customers, employees, suppliers, and other stakeholders.

3. Data Collection

We collect personal data for various purposes, including:

• Processing orders and transactions
• Providing customer support
• Sending promotional materials and updates
• Conducting market research

Types of personal data we collect may include:

• Name, address, and contact details
• Payment information
• Purchase history
• Preferences and interests

4. Data Use

We use personal data to:

• Fulfill and manage orders
• Communicate with customers regarding their purchases and inquiries
• Improve our products and services
• Personalize shopping experiences
• Comply with legal obligations

5. Legal Basis for Processing

We process personal data based on the following legal grounds:

• Consent: When customers provide explicit consent for specific purposes.
• Contract: To fulfill our contractual obligations with customers.
• Legal Obligation: To comply with legal requirements.
• Legitimate Interests: For purposes that are reasonably necessary for our business operations, provided they do not override the rights of individuals.

6. Data Sharing

We may share personal data with third parties under the following circumstances:

• Service Providers: With trusted partners who assist us in operating our business, such as payment processors and delivery services.
• Legal Requirements: When required by law or to protect our rights and safety.
• Business Transfers: In the event of a merger, acquisition, or sale of assets.

7. Data Security

We implement robust security measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive information
• Regular security assessments and audits
• Access controls and authentication protocols

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce agreements. When data is no longer needed, we securely delete or anonymize it.

9. Data Subject Rights

Individuals have the following rights regarding their personal data:

• Right to Access: Request access to their personal data.
• Right to Rectification: Correct any inaccurate or incomplete data.
• Right to Erasure: Request the deletion of their data under certain conditions.
• Right to Restrict Processing: Request the limitation of data processing.
• Right to Data Portability: Obtain a copy of their data in a commonly used format.
• Right to Object: Object to data processing based on legitimate interests or direct marketing.

10. Contact Information

For any questions, concerns, or requests regarding this Data Protection Policy or personal data, please contact us at:

Flawcult;
info@flawcult.com

11. Policy Updates

We may update this Data Protection Policy from time to time to reflect changes in our practices or legal requirements. We will notify customers of any significant changes by posting the updated policy on our website.