Privacy Policy

1. Introduction

WARDEN ("we," "us," or "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, make a purchase, or interact with our services.

This policy complies with applicable privacy laws, including the General Data Protection Regulation (GDPR) for users in the European Economic Area, the California Consumer Privacy Act (CCPA) for California residents, and other applicable state and federal privacy laws.

By using our website or services, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our website or services.

2. Information We Collect

2.1 Personal Information You Provide

When you place an order or interact with our website, we collect the following categories of personal information:

• Identifiers: Name, email address, phone number, shipping address, billing address
• Commercial Information: Order history, products purchased, sizes, colors, quantities, purchase amounts
• Financial Information: Payment card information (processed securely by Stripe - we do not store complete card numbers)
• Communications: Messages sent through our contact form, customer service inquiries, newsletter subscription preferences

2.2 Information Collected Automatically

When you visit our website, we may automatically collect certain technical information:

• Device Information: IP address, browser type and version, operating system, device identifiers
• Usage Data: Pages visited, time spent on pages, clickstream data, referring website, date and time of access
• Location Information: General geographic location based on IP address (country, state, city)
• Cookies and Local Storage: Shopping cart data stored in browser local storage, session cookies for website functionality

2.3 Information from Third Parties

We may receive information from our service providers:

• Stripe: Payment confirmation, transaction IDs
• Printify: Order fulfillment status, shipping tracking information
• Email Service Provider: Email delivery status, open rates (if applicable)

3. How We Use Your Information

3.1 Legal Basis for Processing (GDPR)

We process your personal information based on the following legal grounds:

• Contract Performance: To fulfill your orders and provide customer service
• Consent: For marketing communications (you may withdraw consent at any time)
• Legitimate Interests: To improve our products, prevent fraud, and operate our business
• Legal Obligations: To comply with tax, accounting, and legal requirements

3.2 Purposes of Use

We use your information for the following purposes:

• Order Processing: To process, fulfill, and ship your orders through our print-on-demand partner Printify
• Payment Processing: To securely process payments through Stripe
• Customer Service: To respond to inquiries, resolve issues, and provide support
• Order Updates: To send order confirmations, shipping notifications, and delivery updates
• Marketing (with consent): To send newsletters, promotions, and product announcements (opt-in only)
• Website Improvement: To analyze website usage, improve user experience, and optimize performance
• Fraud Prevention: To detect and prevent fraudulent transactions and unauthorized access
• Legal Compliance: To comply with legal obligations, enforce our Terms of Service, and protect our rights

4. How We Share Your Information

We do not sell your personal information. We share your information only with trusted service providers necessary to operate our business:

4.1 Service Providers

• Stripe (Payment Processor): Processes credit card payments securely. Subject to Stripe's Privacy Policy.
• Printify (Fulfillment Partner): Manufactures and ships your orders. Subject to Printify's Privacy Policy.
• Email Service Provider: Sends order confirmations and (with your consent) marketing emails.
• Hosting Provider (Vercel): Hosts our website and stores data securely.

4.2 Legal Requirements

We may disclose your information if required by law, court order, subpoena, or government request, or to protect our rights, safety, or property.

4.3 Business Transfers

If WARDEN is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy and comply with legal obligations:

• Order Information: Retained for 7 years for tax and accounting purposes
• Marketing Communications: Until you unsubscribe or request deletion
• Customer Service Records: Retained for 3 years
• Website Analytics: Aggregated and anonymized after 26 months
• Cart Data (Local Storage): Stored locally on your device until you clear browser data

After the retention period expires, we securely delete or anonymize your personal information.

6. Data Security

We implement industry-standard security measures to protect your personal information:

• Encryption: HTTPS/TLS encryption for all data transmitted between your browser and our servers
• Payment Security: PCI-DSS compliant payment processing through Stripe (we do not store complete card numbers)
• Access Controls: Limited access to personal information on a need-to-know basis
• Secure Hosting: Data stored on secure servers with regular security updates

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Cookies and Tracking Technologies

7.1 What We Use

Our website uses the following technologies:

• Local Storage: Stores your shopping cart data in your browser so items persist between sessions
• Session Cookies: Essential cookies for website functionality (e.g., checkout process)

7.2 Your Choices

You can control cookies through your browser settings. However, disabling cookies may affect website functionality (e.g., your cart may not work properly). You can clear local storage data at any time through your browser settings.

8. Your Privacy Rights

8.1 GDPR Rights (European Users)

If you are located in the European Economic Area, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for marketing at any time

8.2 CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about what personal data we collect, use, disclose, and sell
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale of personal information (Note: we do not sell personal information)
• Right to Non-Discrimination: Exercise your rights without receiving discriminatory treatment

8.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: privacy@warden.com
• Subject Line: "Privacy Rights Request"
• Include: Your name, email, order number (if applicable), and specific request

We will respond to verified requests within 30 days (45 days for complex requests). We may need to verify your identity before processing your request.

8.4 Unsubscribe from Marketing

To opt out of marketing emails, click the "Unsubscribe" link at the bottom of any marketing email, or contact us at privacy@warden.com. Note that you will still receive transactional emails (order confirmations, shipping notifications) necessary to fulfill your orders.

9. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your country.

For users in the European Economic Area, we ensure adequate protection through:

• Standard Contractual Clauses approved by the European Commission
• Service providers certified under the EU-U.S. Data Privacy Framework (where applicable)
• Other appropriate safeguards to protect your data

10. Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected information from a child under 18, please contact us immediately at privacy@warden.com, and we will promptly delete such information.

11. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. Because there is no common understanding of how to interpret DNT signals, our website does not currently respond to DNT browser signals. However, we provide you with choices about data collection as described in this policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will:

• Update the "Last Updated" date at the top of this page
• Notify you via email (if you have an account or are subscribed to our newsletter)
• Post a notice on our website homepage for 30 days

Your continued use of our website after changes are posted constitutes your acceptance of the updated policy. We encourage you to review this policy periodically.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For EU residents, you also have the right to lodge a complaint with your local data protection authority if you believe we have not adequately addressed your concerns.