Customer Service.

–10% NOW WITH CODE LABUBU10

[email protected]

Browse

Privacy Policy

Privacy Policy for Labubu Merch

Last Updated: [26/05/2025]

1. Data Controller

Labubu Merch (“we,” “us”) operates https://labubumerch.com/. For privacy concerns, contact:
📧 Email: [email protected]
📍 Address: 123 Main Street City, Los Angeles State, CA ZIP Code,90013

📞 Customer Support: +13322767022 or contact form

2. Data We Collect

A. Personal Data

  • Order Information: Name, email, shipping/billing address, phone number

  • Payment Data: Processed securely via WooCommerce/Stripe (we don’t store card details)

  • Account Details: If you create an account (username, password)

B. Automated Collection

  • Cookies: Session cookies (cart functionality), analytics (Google Analytics)

  • Device Data: IP address, browser type, pages visited (via WooCommerce & plugins)

3. How We Use Your Data

Purpose Legal Basis (GDPR)
Process orders Contractual necessity
Fraud prevention Legal obligation
Marketing emails Consent (opt-in required)
Site improvements Legitimate interest

4. Data Sharing & Third Parties

We only share data with:

  • Payment Processors: PayPal, Stripe (see their privacy policies)

  • Shipping Carriers: USPS, FedEx (address/phone only for delivery)

  • Tax Software: WooCommerce Tax or Avalara (order details)

  • No sale of personal data to advertisers or brokers.

5. International Transfers

  • Data stored on US servers (hosting provider: [Contabo]).

  • For EU customers: We comply with GDPR via Standard Contractual Clauses (SCCs).

6. Your Rights

  • Access/Portability: Request a copy of your data (Email Us)

  • Deletion: Ask to erase personal data (exceptions apply for legal records)

  • Opt-Out: Unsubscribe from marketing (link in emails) or disable cookies.

CCPA Notice: California residents may request disclosure of data categories sold/shared in the last 12 months.

7. Data Retention

  • Orders: 4 years (tax compliance)

  • Accounts: Until deletion request

  • Inactive Data: Anonymized after 2 years

8. Security Measures

  • SSL encryption (HTTPS)

  • Regular security scans (via Wordfence/Sucuri)

  • PCI-DSS compliance for payments

9. Policy Updates

We’ll notify users of changes via:

  • Website banners (for major updates)

  • Account holders (via email)

10. Contact

For GDPR/CCPA requests:
📧 DPO Contact: [email protected]
⏳ Response Time: Within 30 days (legal maximum)