PRIVACY POLICY

Last Updated: April 3, 2026

1. INTRODUCTION

Welcome to our online store. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or make purchases from our store.

This policy complies with the General Data Protection Regulation (GDPR) for EU residents, the California Consumer Privacy Act (CCPA) for California residents, and other applicable data protection laws.

2. INFORMATION WE COLLECT

2.1 Personal Information You Provide

We collect information you voluntarily provide when you:

  • Create an account
  • Place an order
  • Subscribe to our newsletter
  • Contact customer support
  • Leave product reviews

This includes:

  • Full name
  • Email address
  • Phone number
  • Billing and shipping addresses
  • Payment information (processed securely by third-party payment processors)
  • Date of birth (if required for age verification)
     

2.2 Information Collected Automatically

When you browse our store, we automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Pages visited and time spent
  • Referring website
  • Cookies and similar technologies

2.3 Information from Third Parties

We may receive information from:

  • Payment processors (transaction confirmation)
  • Shipping carriers (delivery updates)
  • Analytics providers (Google Analytics)
  • Social media platforms (if you connect your accounts)

3. HOW WE USE YOUR INFORMATION

We use your personal data for the following purposes:

Table

Purpose

Legal Basis (GDPR)

Processing and fulfilling orders

Contractual necessity

Sending order confirmations and updates

Legitimate interest

Customer service and support

Contractual necessity

Marketing communications (with consent)

Consent

Fraud prevention and security

Legitimate interest
  • Improving our website and services | Legitimate interest |
  • Complying with legal obligations | Legal obligation |
     

4. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies to enhance your browsing experience, analyze site traffic, and personalize content.

Types of Cookies We Use:

  • Essential Cookies: Required for the website to function (e.g., shopping cart, login)
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how visitors interact with our site
  • Marketing Cookies: Used to deliver relevant advertisements

You can manage your cookie preferences through our cookie consent banner or your browser settings. For more information, please see our [Cookie Policy]

.

5. DATA SHARING AND THIRD PARTIES

We do not sell your personal information. We may share your data with:

5.1 Service Providers

  • Payment processors (Stripe, PayPal, etc.)
  • Shipping and logistics companies
  • Email marketing services
  • Website hosting providers
  • Analytics providers

5.2 Legal Requirements

We may disclose your information if required by law, court order, or to protect our rights, property, or safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.

All third-party service providers are contractually obligated to protect your data and use it only for the specified purposes .

6. DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal data:

  • SSL/TLS encryption for data transmission
  • Secure server infrastructure
  • Regular security assessments
  • Access controls and authentication
  • PCI DSS compliance for payment processing

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security .

7. DATA RETENTION

We retain your personal information only as long as necessary for the purposes outlined in this policy:

  • Order information: 7 years (for tax and accounting purposes)
  • Account information: Until you delete your account or request deletion
  • Marketing communications: Until you unsubscribe
  • Cookies: As specified in our Cookie Policy

When no longer needed, your data will be securely deleted or anonymized .

8. YOUR RIGHTS

Depending on your location, you have the following rights:

8.1 GDPR Rights (EU Residents)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time
     

8.2 CCPA Rights (California Residents)

  • Right to Know: Request disclosure of personal information collected
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell your data)
  • Right to Non-Discrimination: Not be discriminated against for exercising your rights

To exercise these rights, please contact us using the information in Section 12 .

9. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries outside your jurisdiction, including the United States. We ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Privacy Shield compliance (where applicable)

10. CHILDREN’S PRIVACY

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately .

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Updated” date. We encourage you to review this policy periodically .

12. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: support@lealoom.store

Data Protection Officer (GDPR):

If you are in the EU and require a DPO, contact: dpo@yourstore.com

13. DO NOT SELL MY PERSONAL INFORMATION (CCPA)

We do not sell your personal information. However, California residents may still exercise their opt-out rights by contacting us at privacy@yourstore.com or clicking “Do Not Sell My Personal Information” on our website

.By using our website and services, you acknowledge that you have read and understood this Privacy Policy.