Privacy Policy

This Privacy Policy describes how Doolkin Inc. ("Doolkin," "we," "us," or "our") collects, uses, and discloses your Personal Information when you visit, use, or make a purchase from doolkin.com (the "Site"), or otherwise communicate with us.

Contact

If, after reviewing this policy, you have questions, want more information about our privacy practices, or wish to make a complaint, contact us at [email protected] or by mail:

1. Personal Information We Collect

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases and support requests. We refer to any information that identifies, relates to, or could reasonably be linked to an identifiable individual or household as "Personal Information." The categories below also map to the categories defined under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

a) Device / Usage Information

What: browser type and version, IP address, device identifiers, time zone, cookie data, the pages or products you view, referring/landing pages, search terms, and how you interact with the Site.
Why: to load the Site correctly, secure it, and analyze usage to improve our products and Site.
Source: collected automatically via cookies, log files, web beacons, tags, and pixels.

b) Order / Transaction Information

What: name, billing address, shipping address, email address, phone number, and payment information. Payment card details are collected and processed directly by our payment processor; we do not store full card numbers.
Why: to fulfill our contract with you — process orders and payments, arrange shipping, provide invoices and order confirmations, communicate with you, screen for fraud, and (consistent with your preferences) send you marketing.
Source: collected from you.

c) Account Information (if you create an account)

What: email, password (stored in hashed form by our authentication provider), order history, and saved preferences.
Why: to operate your account and order history.
Source: collected from you.

d) Customer Support Information

What: the contents of your messages and any information you choose to provide when you contact us.
Why: to provide customer support and respond to inquiries.
Source: collected from you.

e) Marketing Information

What: email address and engagement data when you subscribe to our newsletter or back-in-stock alerts.
Why: to send updates, offers, and stock notifications you request.
Source: collected from you.

We do not intend to collect "sensitive personal information" as defined by California law. We do not knowingly collect Personal Information from anyone under 16.

2. How We Use Personal Information

We use Personal Information to: provide and operate the Site and our services; offer products for sale and process payments; ship and fulfill orders; provide customer support; send transactional communications (order confirmations, shipping updates, back-in-stock alerts); send marketing where permitted and consistent with your preferences; detect and prevent fraud and secure the Site; comply with legal obligations; and improve our products and Site.

3. How We Share Personal Information — Service Providers and Contractors

We share Personal Information with the service providers and contractors that help us operate, only for the purposes described above and under contracts that restrict their use of the information. The categories of recipients include:

• Website hosting & database / backend: our hosting and database provider.
• Payment processing: Stripe (processes your payment information).
• Email / communications: our transactional email provider for order and notification emails, and our newsletter provider for marketing emails you opt into.
• Shipping & fulfillment: our carriers and fulfillment partners to deliver orders.

We may also disclose Personal Information to comply with applicable laws, respond to a subpoena, search warrant, or other lawful request, enforce our terms, or protect our rights, property, or safety and that of others, and in connection with a merger, acquisition, or sale of assets.

4. Cookies and Tracking Technologies

A cookie is a small data file stored on your device when you visit the Site. We use cookies and similar technologies that are: strictly necessary (to run the store, cart, checkout, and account login), performance/analytics (to understand usage), and, where applicable, advertising (to measure and personalize ads). Strictly necessary cookies cannot be turned off; others are used consistent with your choices.

You can manage cookies through your browser settings. Blocking some cookies may affect Site functionality. See Section 5 for opt-outs of advertising cookies.

5. Sale or Sharing of Personal Information; Targeted Advertising

We do not sell or share your Personal Information for cross-context behavioral advertising.

You can also opt out of many third-party advertising cookies via the Digital Advertising Alliance (optout.aboutads.info) and the Network Advertising Initiative (networkadvertising.org/choices).

6. Analytics

We may use privacy-respecting analytics to understand how visitors use the Site in aggregate. If we begin using a third-party analytics provider that collects Personal Information, we will update this policy and identify the provider here.

7. Data Retention

We retain Personal Information only for as long as reasonably necessary for the purposes described in this policy — for example, to fulfill orders, maintain business and tax records, resolve disputes, and comply with legal obligations — and then delete or de-identify it. Order and tax records are typically retained for the period required by applicable law. If you ask us to delete your information, we will do so unless we are permitted or required to retain it.

8. Data Security

We maintain reasonable administrative, technical, and physical safeguards designed to protect Personal Information. Payment card data is handled by a PCI-DSS-compliant payment processor. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

9. Your California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to:

• Know / Access the categories and specific pieces of Personal Information we have collected, the sources, the purposes, and the categories of third parties to whom we disclose it.
• Delete Personal Information we collected from you, subject to legal exceptions.
• Correct inaccurate Personal Information.
• Opt out of the sale or sharing of your Personal Information (see Section 5), including via the Global Privacy Control.
• Limit the use and disclosure of sensitive personal information to permitted purposes. We do not use sensitive personal information beyond permitted purposes.
• Non-discrimination — we will not discriminate against you for exercising your rights.

How to exercise your rights. Submit a request by emailing [email protected]. We will verify your request by matching the information you provide with what we hold; we may request additional information to verify your identity. We will respond within the timeframes required by law (generally 45 days, extendable once).

Authorized agents. You may designate an authorized agent to make a request on your behalf; we may require proof of authorization and verification of your identity.

Shine the Light (Cal. Civil Code § 1798.83). California residents may request information about our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, contact [email protected].

10. Other U.S. State Privacy Rights

Residents of certain other U.S. states may have similar rights to access, correct, delete, and opt out of targeted advertising or sale of their personal data, and to appeal a denied request. To exercise these rights or appeal, contact [email protected].

11. International Users and Data Transfers (GDPR / UK GDPR)

If you are located in the European Economic Area or the United Kingdom, we process your Personal Information on the following lawful bases: your consent; performance of our contract with you; compliance with legal obligations; and our legitimate interests that do not override your rights. You have rights to access, correct, erase, restrict, port, and object to processing of your Personal Information. Your information may be transferred to and processed in the United States and other countries that may have different data-protection laws; where required, we use appropriate safeguards for such transfers. To exercise your rights, contact [email protected]. You also have the right to lodge a complaint with your local data protection authority.

12. Children's Privacy

The Site is intended for users 18 and older and is not directed to children. We do not knowingly collect Personal Information from children under 16, and Personal Information of consumers under 16 is treated as sensitive under California law. If you believe a child has provided us Personal Information, contact us at the address above and we will delete it.

13. Opt-Out Preference Signals / Do Not Track

Because there is no uniform industry standard for traditional browser "Do Not Track" signals, we do not respond to them. However, we do honor recognized opt-out preference signals such as the Global Privacy Control (GPC) as described in Section 5.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for operational, legal, or regulatory reasons. We will post the updated policy with a new "Last updated" date and, where required, provide additional notice. We review and update this policy at least annually.

15. Complaints

If you would like to make a complaint, contact us at [email protected] or by mail at the address above. If you are not satisfied with our response, California residents may contact the California Privacy Protection Agency (cppa.ca.gov) or the California Attorney General (oag.ca.gov/privacy); EU/UK residents may contact their local data protection authority.