🍷 Privacy Policy

1. Introduction

Napa DatAI, a secure Rust-based e-commerce platform ("Company," "we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, make purchases, and communicate with us via email, SMS, or other means.

2. Information We Collect

We collect information you provide directly to us, including:

• Account Information: Name, email address, phone number, shipping address, and billing address
• Payment Information: Credit card and payment details (processed securely by Stripe)
• Order Information: Products purchased, order history, delivery preferences, and special requests
• Communication Preferences: Email opt-in status, SMS opt-in status, marketing preferences, and consent timestamps
• Website Usage: IP address, browser type, pages visited, and referring URLs (via standard web analytics)
• Feedback: Reviews, comments, and customer service inquiries

3. How We Use Your Information

We use collected information to:

• Process and fulfill your orders
• Send order confirmations, shipping updates, and delivery notifications (email and/or SMS)
• Provide customer support and respond to your inquiries
• Send promotional emails and SMS messages (only if you opted in)
• Improve our website, products, and services
• Comply with legal obligations and prevent fraud
• Conduct market research and analytics
• Maintain audit trails for SMS and email consent (TCPA/GDPR compliance)

4. SMS Communication Practices

If you opted in to receive SMS notifications, we collect and use your phone number to send:

• Transactional SMS: Order confirmations, shipping updates, and delivery notifications
• Promotional SMS: Special offers and marketing messages (only if you opted in)
• Confirmation SMS: Initial verification that you want to receive SMS (requires YES/NO reply)

We store your SMS consent status, opt-in timestamp, confirmation timestamp, and consent version for legal compliance and audit purposes. Standard message and data rates apply. Message frequency varies depending on your orders and preferences. You can opt out at any time by replying "STOP" to any SMS message, and we will honor your request within 24 hours.

5. Information Sharing

We may share your information with:

• Service Providers: Payment processors (Stripe), shipping carriers (EasyPost), email delivery services (Brevo), and SMS delivery services (Brevo)
• Analytics Providers: For website usage analytics and optimization
• Legal Authorities: If required by law or to protect our rights

We do not sell, rent, or share your personal information with third parties for marketing purposes without your explicit consent.

6. Data Security

We implement industry-standard security measures to protect your information:

• SSL/TLS encryption for all website communications
• Secure Stripe integration for payment processing
• Limited access to personal data (employee authorization required)
• Regular security assessments and updates

No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights and Choices

You have the right to:

• Access: Request a copy of the personal information we hold about you
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data (subject to legal obligations)
• Opt-Out: Unsubscribe from email and SMS marketing by clicking "unsubscribe" links or replying "STOP"
• Do Not Track: Your browser's do-not-track signals

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

• Remember your cart and preferences
• Analyze website traffic and user behavior
• Personalize your shopping experience

You can control cookie settings through your browser preferences, though disabling cookies may impact functionality.

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) to:

• Know what personal information is collected, used, and shared
• Delete personal information (with certain exceptions)
• Opt out of the sale or sharing of personal information
• Non-discrimination for exercising your rights

To exercise these rights, contact us at the address below.

10. GDPR Compliance (EU Residents)

If you are located in the European Union, we process your personal data under GDPR principles:

• We collect data only with your consent
• We store SMS consent timestamps and versions for audit compliance
• We maintain records of your opt-in and opt-out history
• You can request data portability or deletion at any time

11. Children's Privacy

Our website and services are not intended for children under 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will delete such information promptly.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices. Please review their privacy policies before providing any information.

13. Policy Updates

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by updating the "Last Updated" date and posting the revised policy on our website. Your continued use of our services constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or need to report a privacy concern, please contact us at:

Napa DatAI, a secure Rust-based e-commerce platform
Email: support@napadatai.com
Website: https://napadatai.app