Your cart is currently empty!
Privacy Policy
1. INFORMATION WE COLLECT
A. Personal Data You Provide
- Registration: Name, email, birthdate (for age verification), shipping addresses
- Purchases: Payment details (PCI-compliant tokenization), billing address
- Interactions: Customer service chats (stored anonymized), subscription preferences
B. Automated Data
- Cookies & Tracking: Device type, IP address, browsing behavior (see Section 6)
- Purchase History: Product views, cart activity, wishlists
C. Third-Party Data
- Social media logins (Facebook/Google) via OAuth 2.0
- Shipping carriers’ tracking data
2. HOW WE USE YOUR DATA
✅ Operational: Fulfill orders, process payments, send order updates
✅ Personalization: Recommend products (e.g., “Customers also bought…”)
✅ Communication: Send newsletters (opt-in required), service alerts
✅ Legal Compliance: Tax reporting, fraud prevention
3. DATA SHARING
We never sell personal data. Shared only with:
- Service Providers: Shipping (FedEx), payment processors (Stripe) under strict DPA
- Legal Authorities: When required by valid subpoena
- Business Transfers: In case of merger/acquisition (user notification via email)
4. YOUR RIGHTS
🔹 Access/Portability: Request data copy via [support@launrora.com]
🔹 Correction: Update info through Account Settings
🔹 Deletion: “Right to be forgotten” process (30-day turnaround)
🔹 Opt-Out: Unsubscribe from emails (unlinkable tracking pixels used)
Note for EU/UK Users: Exercise rights via [GDPR Portal Link]
5. COOKIES & TRACKING
| Type | Purpose | Management |
|---|---|---|
| Necessary | Cart persistence | Auto-enabled |
| Analytics | Google Analytics 4 | Opt-out via browser |
| Marketing | Facebook Pixel | Disable in ad preferences |
6. CHILDREN’S PRIVACY
- No targeting of users under 13 (COPPA compliant)
- Age gate on checkout: “Are you 13+? Confirm with parent/guardian”
7. SECURITY MEASURES
- Encryption: TLS 1.3 for data in transit, AES-256 for storage
- Access Controls: Role-based permissions + 2FA for admin accounts
- Vulnerability Scans: Monthly third-party penetration tests
8. INTERNATIONAL DATA TRANSFERS
- EU Data: Stored in AWS Frankfurt (GDPR-compliant servers)
- California Residents: CCPA-compliant “Do Not Sell My Data” link
9. POLICY UPDATES
Changes will be emailed to subscribers and posted with a 14-day effective date.