Privacy Policy for EU Users
At Thrift Factory, we value and respect your privacy. This Privacy Policy outlines how we collect, use, and protect your personal data in compliance with the European Union’s General Data Protection Regulation (GDPR). By using our services, you consent to the practices described in this policy.
1. Data We Collect We collect and process the following personal data:
- Personal Identification Information (Name, email address, phone number)
- Transaction Data (Payment details, purchase history)
- Technical Data (IP address, browser type, device data)
2. Purpose of Data Collection We use your personal data for the following purposes:
- To provide, maintain, and improve our services
- To process transactions and send you related information
- To send marketing and promotional materials (with your consent)
- To comply with legal obligations
3. Legal Basis for Data Processing We process your personal data based on the following legal grounds:
- Consent: When you provide consent to receive marketing emails or participate in surveys.
- Contractual Necessity: To process your orders and provide our services.
- Legitimate Interests: For improving our services and ensuring security.
- Compliance with Legal Obligations: To meet legal requirements.
4. Your Rights Under GDPR, you have the following rights:
- Right to Access: Request access to your personal data.
- Right to Rectification: Correct any inaccurate or incomplete data.
- Right to Erasure: Request deletion of your data (in certain circumstances).
- Right to Restriction of Processing: Limit how we process your data.
- Right to Object: Object to processing based on legitimate interests.
- Right to Data Portability: Request your data in a machine-readable format.
To exercise your rights, please contact us at [Your Contact Information].
5. Consent for Marketing If you have given us consent to send you marketing materials, you can withdraw your consent at any time by clicking the “unsubscribe” link in any marketing email or contacting us directly.
6. Data Security We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction.
7. Data Retention We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy and comply with legal obligations.
8. International Data Transfers If your data is transferred outside the EU, we ensure that adequate safeguards are in place to protect your information.
9. Changes to this Policy We may update this Privacy Policy from time to time. Any changes will be posted on our website, and if significant, we will notify you via email.
10. Contact Us For any questions or concerns about this Privacy Policy or our data practices, please contact us at: