Privacy Policy

How We Collect, Use, and Protect Your Information

Website: kindora.shop
Company: Kindora Goods LLC
Address: 1500 N Grant St, Ste R, Denver, CO 80203, US
Contact: +84944361292 | tranduy221095@gmail.com

Introduction

Welcome to the Kindora Goods LLC Privacy Policy. Your privacy is critically important to us. This policy explains:

  • What information we collect from you

  • How we use that information

  • When and why we share it with third parties

  • How we protect your data

  • Your rights regarding your personal information

By using our website (kindora.shop) or purchasing our products, you consent to the practices described in this policy.

We comply with:

  • US: California Consumer Privacy Act (CCPA), Children’s Online Privacy Protection Act (COPPA)

  • EU: General Data Protection Regulation (GDPR) for European customers

  • International: Applicable local privacy laws

Section 1: Information We Collect

1.1 Information You Provide Directly

Account Registration:

  • Name

  • Email address

  • Password (encrypted)

  • Phone number (optional)

Order Processing:

  • Billing address

  • Shipping address

  • Payment information (processed by Stripe – we do not store full card numbers)

  • Order history

Customer Service:

  • Communications with us (email, phone, chat)

  • Photos or videos you share (e.g., for return claims)

  • Feedback and reviews

Marketing:

  • Email preferences (newsletter opt-in/out)

  • Referral information (if you refer a friend)

1.2 Information Collected Automatically

When you visit our website, we automatically collect:

Device Information:

  • IP address

  • Browser type and version

  • Operating system

  • Device type (desktop, mobile, tablet)

Usage Information:

  • Pages visited

  • Time and date of visit

  • Time spent on pages

  • Click-through and scroll data

  • Referring website (how you found us)

Cookies & Similar Technologies:

  • Session cookies (expire when you close browser)

  • Persistent cookies (remain for up to 2 years)

  • Pixel tags (track email opens and conversions)

1.3 Information from Third Parties

  • Payment processors (Stripe): Fraud risk assessment (does not share card details with us)

  • Shipping carriers: Delivery confirmation and address validation

  • Social media (if you log in via Facebook/Google): Public profile information (only if you choose this login method)

1.4 Information We DO NOT Collect

  • Children’s data: Our website is not directed to children under 13, and we do not knowingly collect data from children

  • Sensitive data: Health information, genetic data, biometric data, political opinions, religious beliefs, or sexual orientation

  • Government IDs: We never ask for driver’s license, passport, or Social Security numbers

Section 2: How We Use Your Information

2.1 Core Business Purposes

Purpose Legal Basis (for GDPR/CCPA)
Process and fulfill your orders Contract performance
Communicate order status (confirmations, shipping updates) Contract performance
Provide customer service and returns Contract performance
Process payments and prevent fraud Legitimate interest
Ship products to your address Contract performance

2.2 Marketing & Communications

Purpose Legal Basis
Send promotional emails (with opt-out) Consent (for new customers) or legitimate interest (existing customers)
Show relevant ads on social media Consent (via cookie consent)
Analyze customer preferences to improve products Legitimate interest
Conduct surveys and research Legitimate interest (or consent where required)

2.3 Website Improvement

  • Analyze usage patterns to optimize site design

  • Diagnose technical issues

  • Prevent security breaches

  • Test new features

2.4 Legal Compliance

  • Respond to lawful requests from law enforcement

  • Comply with court orders or subpoenas

  • Enforce our Terms and Conditions

  • Protect our legal rights or prevent harm

Section 3: Cookies & Tracking Technologies

3.1 What Are Cookies?

Cookies are small text files stored on your device when you visit websites. They help websites remember you and your preferences.

3.2 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Enable shopping cart, checkout, account login – cannot be disabled Session to 1 year
Functional Remember your preferences (currency, language, region) Up to 1 year
Analytics Track how you use our site (Google Analytics) Up to 2 years
Marketing Show relevant ads on other sites (Facebook, Google) Up to 2 years

3.3 Your Cookie Choices

You can:

  • Accept all cookies (default – best experience)

  • Reject non-essential cookies (site still works, but personalized ads disabled)

  • Block all cookies (checkout and account login will not work)

How to manage:

3.4 Do Not Track Signals

Our website does not currently respond to “Do Not Track” (DNT) browser signals due to lack of industry standardization. However, you can control cookies through your browser settings as described above.

Section 4: How We Share Your Information

4.1 Third-Party Service Providers

We share your information only with trusted partners who help us run our business:

Partner Type Data Shared Purpose
Stripe Payment info, billing address, order total Process payments, prevent fraud
Shipping carriers (USPS, UPS, FedEx, DHL) Name, shipping address, phone number, email Deliver your order
Email service provider Email address, name, order history (non-payment) Send order confirmations and marketing
Cloud hosting (Shopify/our platform) All site data Host our website
Customer service software Name, email, order details Manage support tickets
Analytics (Google Analytics) IP address (anonymized), site usage Improve our website

We never sell your personal information to data brokers, marketing companies, or any other third parties.

4.2 Legal Requirements

We may share your information if required by law, such as:

  • Responding to a subpoena, court order, or search warrant

  • Cooperating with law enforcement investigations

  • Preventing imminent harm or fraud

4.3 Business Transfers

If Kindora Goods LLC is acquired by or merged with another company, your information will be transferred as part of the business assets. You will be notified via email and a prominent notice on our website.

4.4 With Your Consent

We will ask for your explicit consent before sharing your information for any purpose not listed above.

Section 5: Data Security

5.1 Our Security Measures

We implement industry-standard security to protect your information:

Encryption:

  • In transit: TLS 1.3 (bank-grade encryption) – look for the padlock icon in your browser

  • At rest: Passwords hashed with bcrypt; personal data encrypted using AES-256

Access Controls:

  • Only employees who need your data to perform their jobs can access it

  • Multi-factor authentication required for all internal systems

  • Regular security training for all staff

Monitoring:

  • 24/7 intrusion detection systems

  • Regular vulnerability scans (weekly)

  • Annual third-party security audits (PCI compliance)

5.2 Payment Security

All payments are processed by Stripe, which is PCI Service Provider Level 1 certified – the highest security level in the payment industry. We never store your full credit card number on our servers.

5.3 Data Breach Response

In the unlikely event of a data breach:

  1. We will contain the breach immediately

  2. Investigate scope and impact

  3. Notify affected customers within 72 hours (as required by GDPR/CCPA)

  4. Notify relevant authorities

  5. Offer credit monitoring if financial information was compromised

5.4 Your Responsibility

No security system is 100% foolproof. You can help protect yourself by:

  • Using a strong, unique password for your Kindora account

  • Not sharing your password with anyone

  • Logging out after using public or shared computers

  • Contacting us immediately if you suspect unauthorized account access

Section 6: Data Retention

6.1 How Long We Keep Your Data

Data Type Retention Period Reason
Order records 7 years Tax and accounting requirements
Account information Until you delete account + 30 days Customer convenience
Email marketing data Until you unsubscribe + 30 days Legal compliance
Customer service communications 2 years after last contact Service improvement
Website analytics (anonymized) 26 months (Google Analytics default) Trend analysis
Payment information Not stored (processed by Stripe) N/A

6.2 Data Deletion

You may request deletion of your personal data at any time (see Section 8). However, we may retain certain information:

  • To comply with legal obligations (tax records)

  • To prevent fraud (transaction logs)

  • To enforce our Terms (ban evasion records)

Section 7: Your Rights & Choices

7.1 Rights for All Customers

Right What It Means How to Exercise
Access Know what data we hold about you Email tranduy221095@gmail.com
Correction Fix inaccurate or incomplete data Email with corrections
Deletion Remove your personal data (subject to legal retention) Email “DELETE MY DATA”
Opt-out of marketing Stop receiving promotional emails Click “Unsubscribe” link
Object to processing Stop certain uses of your data (e.g., analytics) Email with specific request

7.2 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to know: Categories of personal information collected, sources, business purposes, and third parties shared with

  • Right to delete: Request deletion of your personal information (exceptions apply)

  • Right to opt-out of sale: We do not sell personal information, so this right is automatically satisfied

  • Right to non-discrimination: We will not charge different prices or provide different service if you exercise your privacy rights

To exercise CCPA rights: Email tranduy221095@gmail.com with “CCPA REQUEST” in subject line. We will verify your identity before processing requests.

California Shine the Light: You may request information about third parties with whom we share personal information for direct marketing purposes. We do not share for such purposes, so no action is needed.

7.3 GDPR Rights (European Economic Area & UK)

If you are in the EEA or UK, you have additional rights under GDPR:

  • Right to rectification: Correct inaccurate data

  • Right to erasure (“right to be forgotten”): Delete your data (subject to legal obligations)

  • Right to restrict processing: Pause use of your data while disputes are resolved

  • Right to data portability: Receive your data in a machine-readable format (CSV or JSON)

  • Right to object: Stop processing based on legitimate interests or direct marketing

  • Right to withdraw consent: Anytime for consent-based processing (e.g., marketing emails)

To exercise GDPR rights: Email tranduy221095@gmail.com with “GDPR REQUEST” in subject line. We will respond within 30 days (extendable to 60 days for complex requests).

Data Protection Officer (DPO): We have appointed a DPO for GDPR compliance. Contact: tranduy221095@gmail.com (attention: DPO).

Right to lodge complaint: You may complain to your local supervisory authority (e.g., ICO in UK, CNIL in France). We hope you’ll contact us first so we can resolve your concern.

Section 8: Children’s Privacy (COPPA Compliance)

Our website and products are intended for adults purchasing baby products – not for direct use by children under 13.

We do not:

  • Knowingly collect personal information from children under 13

  • Target advertising to children under 13

  • Allow account registration by anyone under 18

If you believe a child under 13 has provided us with personal information:

  1. Contact us immediately at tranduy221095@gmail.com

  2. We will delete the information promptly

Section 9: International Data Transfers

Our company is based in the United States, and your information is stored on servers located in the US.

For EU/UK customers: The US may not have the same data protection laws as your country. We ensure adequate protection by:

  • Using Standard Contractual Clauses (SCCs) approved by the European Commission

  • Processing data only as necessary to fulfill your order

  • Not transferring data for any secondary purpose

For customers in other countries: By using our website, you consent to your data being transferred to and processed in the United States.

Section 10: Third-Party Links

Our website may contain links to third-party websites (e.g., payment processors, social media platforms). We are not responsible for the privacy practices of these websites.

We recommend you read the privacy policies of any third-party sites you visit.

Section 11: Changes to This Privacy Policy

We may update this Privacy Policy occasionally to reflect:

  • Changes in our practices

  • New legal requirements

  • Technological changes

How we notify you:

  • Material changes: Email to all active account holders + banner on our homepage

  • Minor changes: Update the “Last Updated” date at the top of this page

The current version of this policy is always available at kindora.shop/privacy.

Section 12: Contact Information

For privacy-related questions, complaints, or to exercise your rights:

Kindora Goods LLC
Privacy Officer
1500 N Grant St, Ste R
Denver, CO 80203
United States

Email: tranduy221095@gmail.com (preferred – include “PRIVACY” in subject line)
Phone: +84944361292 (for urgent privacy concerns only – general questions should use email)

Response time: We respond to all privacy inquiries within 15 business days.

Section 13: California Notice of Collection (CCPA)

In the past 12 months, we have collected the following categories of personal information:

Category Examples Collected?
Identifiers Name, email, address, phone, IP address ✅ Yes
Customer records Order history, payment info (processed by Stripe) ✅ Yes
Commercial info Products purchased, returns, preferences ✅ Yes
Internet activity Browsing history, search terms, site interactions ✅ Yes
Geolocation Approximate location from IP address ✅ Yes
Inferences Predicted preferences for product recommendations ✅ Yes
Sensitive data None ❌ No
Biometric None ❌ No
Professional/employment None ❌ No
Education None ❌ No

Sources: Directly from you, automatically from your device, from third parties (Stripe, shipping carriers)

Business purposes: Processing orders, customer service, marketing (with opt-out), security, legal compliance

Sold or shared for cross-context behavioral advertising: No – we do not sell or share personal information

Section 14: Nevada Privacy Rights

Nevada residents have the right to opt out of the sale of their personal information. We do not sell personal information, but if you wish to register your opt-out for future changes, email tranduy221095@gmail.com with “NEVADA OPT-OUT” and your name and email address.

Section 15: Virginia, Colorado, Connecticut, Utah Privacy Rights

Residents of these states have additional rights similar to CCPA/GDPR, including:

  • Confirmation of processing

  • Access to data

  • Correction of inaccuracies

  • Deletion of data

  • Opt-out of targeted advertising (we do not engage in this)

  • Opt-out of profiling (we do not engage in automated decisions with legal effects)

To exercise these rights, email tranduy221095@gmail.com with your state name in the subject line.

Acknowledgment

By using kindora.shop or purchasing products from Kindora Goods LLC, you acknowledge that you have read and understood this Privacy Policy.

Thank you for trusting us with your information. We take that responsibility seriously.

Kindora Goods LLC – Protecting Your Privacy While Protecting Your Baby