Website Policies
Privacy Policy
Privacy Policy
Crystal Lovoi, Inc. respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our Site, shop with us, or communicate with us.
Information We Collect
We may collect:
-
Contact information (name, email, phone, shipping/billing address)
-
Order and transaction details
-
Payment-related information processed by secure payment providers
-
Device, browser, IP address, and usage data
-
Cookie and analytics data
-
Marketing preferences
-
Communications you send to us
How We Use Information
We use information to:
-
Process and fulfill orders
-
Provide customer service
-
Send transactional messages
-
Send marketing emails or texts where permitted
-
Improve our Site and products
-
Detect fraud and maintain security
-
Comply with legal obligations
Cookies and Tracking Technologies
We use cookies and similar technologies through tools such as Shopify, Google Analytics, Meta Pixel, and marketing platforms to operate the Site, understand usage, personalize content, and measure advertising performance. You may manage cookies through your browser settings.
Sharing of Information
We may share information with:
-
Shopify and ecommerce service providers
-
Payment processors
-
Shipping and fulfillment partners
-
Analytics and advertising partners
-
Email and SMS marketing providers
-
Professional advisors and legal authorities when required
We do not sell personal information for money. We may share data for advertising or analytics purposes as defined under certain privacy laws.
International Visitors; Cross-Border Transfers
Your information may be transferred to and processed in the United States or other countries where our providers operate. Where required by applicable law, we rely on appropriate safeguards for cross-border transfers, which may include contractual protections or other recognized transfer mechanisms.
Data Retention
We retain information for as long as reasonably necessary for business, legal, tax, accounting, dispute resolution, and recordkeeping purposes.
Security; Data Incidents; Breach Response
We use reasonable administrative, technical, and physical safeguards designed to protect personal information and confidential business data. However, no website, network, transmission method, or storage environment can be guaranteed completely secure.
If we become aware of a suspected or confirmed security incident, unauthorized access event, or personal data breach, we may take steps we consider appropriate to investigate, contain, mitigate, remediate, preserve evidence, coordinate with service providers, and protect affected individuals and the brand.
Where required by applicable law, we will provide notifications to affected individuals and/or regulators within legally required timeframes. The timing and content of any notice may depend on the nature of the incident, scope of impact, law enforcement needs, and measures necessary to determine the integrity of our systems.
We may require additional identity verification, temporarily restrict transactions, delay shipments, suspend certain services, or implement enhanced security procedures following a security event or where fraud risk is reasonably suspected.
Your Rights
Depending on your location, you may have rights to request access, correction, deletion, portability, objection, restriction of certain processing, withdrawal of consent where processing is based on consent, and to opt out of certain marketing, profiling, targeted advertising, or sharing practices.
To make a request, contact: info@crystallovoi.com
California Privacy Rights (CPRA)
California residents may have rights under applicable California privacy laws, including the rights to know/access, delete, correct inaccurate information, data portability, limit use of certain sensitive personal information where applicable, and opt out of certain sharing or targeted advertising. We will not discriminate against you for exercising applicable privacy rights. For additional details, please see Section 11 (California Privacy Notice). You may exercise rights by contacting us.
GDPR / UK Rights
If you are located in the EEA, Switzerland, or the UK, you may have additional rights under applicable data protection laws. Depending on context, our legal bases may include contract performance, legitimate interests, compliance with legal obligations, and consent where required. For additional details, please see Section 12 (GDPR / UK Privacy Notice). You may also have the right to lodge a complaint with your local supervisory authority.
Marketing Communications
You may unsubscribe from marketing emails using the unsubscribe link. You may opt out of marketing texts by following the instructions in the message.
Children’s Privacy (COPPA)
The Site is intended for a general audience and is not directed to children under 13 years of age. We do not knowingly collect, use, or disclose personal information from children under 13.
If we learn that we have collected personal information from a child under 13 without legally valid parental consent, we will take reasonable steps to delete the information as required by applicable law.
Parents or legal guardians who believe a child under 13 may have provided personal information to us may contact us at info@crystallovoi.com to request review, deletion, or further information.
If certain child-directed experiences, promotions, or services are ever offered in the future, we will provide any additional notices and parental consent mechanisms required by the Children’s Online Privacy Protection Act (COPPA) and applicable regulations at that time.
Changes to this Policy
We may update this Privacy Policy by posting a revised version on the Site.
Contact
Crystal Lovoi, Inc.
Los Angeles, California
info@crystallovoi.com