Effective Date: October 13, 2025
Last Updated: October 13, 2025

Introduction

At ClusterzShop, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy & Cookie Policy explains how we collect, use, store, share, and protect your information when you visit our website at tech.clusterzshop.com or purchase our products.

We understand that when you shop for electronics like mobile phones, TVs, tablets, speakers, and other technology products, you trust us with sensitive personal and financial information. This policy describes our practices in detail so you can make informed decisions about your privacy.

By using our Website, you consent to the data practices described in this policy. If you do not agree with our practices, please do not use our Website.

1. Information We Collect

We collect various types of information to provide and improve our services to you.

1.1 Information You Provide Directly

Account Information:

• Full name
• Email address
• Phone number
• Password (encrypted and hashed)
• Date of birth (optional, for age verification)
• Preferences and interests

Billing & Shipping Information:

• Billing address
• Shipping address (may be different from billing)
• Payment method details (processed securely by third-party payment processors)
• Credit/debit card information (we do not store complete card numbers)

Order Information:

• Products purchased
• Order history
• Transaction details
• Purchase amounts and dates
• Return and exchange information

Communication Information:

• Customer service inquiries and correspondence
• Product reviews and ratings
• Survey responses
• Feedback and testimonials
• Email and SMS preferences

Other Information:

• Information you provide when entering contests, promotions, or sweepstakes
• Social media information when you interact with us on social platforms
• Any other information you choose to provide

1.2 Information Collected Automatically

Device Information:

• Device type (smartphone, tablet, computer)
• Operating system and version
• Browser type and version
• Screen resolution
• Device identifiers (IP address, device ID)
• Mobile network information

Usage Information:

• Pages visited and time spent on each page
• Products viewed and searched
• Click patterns and navigation paths
• Referral sources (how you arrived at our Website)
• Date and time of visits
• Shopping cart activity (including abandoned carts)

Location Information:

• IP address-based approximate location
• GPS location (if you grant permission on mobile devices)
• Shipping and billing addresses

Cookies & Tracking Technologies:

• Cookies (small text files stored on your device)
• Web beacons and pixel tags
• Local storage objects
• Session identifiers
• Analytics tools data

1.3 Information From Third-Party Sources

We may receive information about you from:

• Payment processors (transaction verification and fraud detection)
• Shipping carriers (delivery status and tracking information)
• Social media platforms (if you connect your account or use social login)
• Data analytics providers (demographic and interest information)
• Marketing partners (advertising effectiveness data)
• Public databases (address verification services)
• Fraud prevention services (risk assessment information)

1.4 Sensitive Personal Information

We limit collection of sensitive personal information. We do not intentionally collect:

• Social Security numbers or government ID numbers
• Precise geolocation without consent
• Financial account information (beyond what’s necessary for payment processing)
• Health information
• Racial or ethnic origin
• Political opinions or religious beliefs

If such information is inadvertently collected, it will be securely deleted.

2. How We Use Your Information

We use collected information for various business purposes:

2.1 Order Processing & Fulfillment

• Process and complete your purchases
• Verify payment information
• Arrange shipping and delivery
• Send order confirmations and updates
• Provide tracking information
• Process returns, exchanges, and refunds
• Manage warranties and product support

2.2 Account Management

• Create and maintain your account
• Authenticate your identity
• Enable account features and preferences
• Provide personalized shopping experience
• Save your preferences and shopping history
• Manage wish lists and favorites

2.3 Customer Service & Support

• Respond to inquiries and support requests
• Resolve disputes and troubleshoot problems
• Provide product information and recommendations
• Handle complaints and feedback
• Conduct customer satisfaction surveys

2.4 Marketing & Communications

• Send promotional emails and newsletters (with your consent)
• Display personalized product recommendations
• Inform you about new products, sales, and special offers
• Send SMS marketing messages (with explicit consent)
• Conduct market research and surveys
• Show relevant advertisements on our Website and third-party platforms

You can opt out of marketing communications at any time by clicking “unsubscribe” in emails or contacting us directly.

2.5 Website Improvement & Analytics

• Analyze how visitors use our Website
• Identify popular products and trends
• Test new features and functionality
• Improve Website design and user experience
• Optimize product search and navigation
• Monitor Website performance and fix technical issues

2.6 Security & Fraud Prevention

• Detect and prevent fraudulent transactions
• Verify identity and payment information
• Monitor for suspicious account activity
• Protect against unauthorized access
• Investigate security incidents
• Comply with legal obligations and enforce our Terms

2.7 Legal Compliance

• Comply with applicable laws and regulations
• Respond to legal requests and court orders
• Enforce our Terms and Conditions
• Protect our rights and property
• Resolve disputes and legal claims

2.8 Business Operations

• Maintain business records
• Conduct internal audits and quality control
• Perform accounting and tax reporting
• Manage inventory and supply chain
• Evaluate business performance
• Facilitate mergers, acquisitions, or asset sales

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), UK, or other jurisdictions with similar data protection laws, we process your personal information based on the following legal grounds:

Contract Performance: Processing necessary to fulfill our contract with you (order processing, delivery, customer service)

Legitimate Interests: Processing necessary for our legitimate business interests (fraud prevention, Website improvement, analytics), balanced against your rights and interests

Consent: Processing based on your explicit consent (marketing communications, optional features, cookies)

Legal Obligation: Processing required to comply with legal and regulatory requirements

You have the right to withdraw consent at any time where processing is based on consent. This does not affect the lawfulness of processing before withdrawal.

4. How We Share Your Information

We do not sell your personal information to third parties. We share information only in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who perform services on our behalf:

Payment Processors:

• Process credit card and payment transactions
• Verify billing information
• Detect and prevent fraud
• Examples: Stripe, PayPal, Square

Shipping & Fulfillment Partners:

• Deliver products to your address
• Provide tracking information
• Handle returns and exchanges
• Examples: UPS, FedEx, DHL, USPS

Technology & Infrastructure Providers:

• Host our Website and databases
• Provide cloud storage and computing services
• Manage email and communication systems
• Examples: AWS, Google Cloud, Microsoft Azure

Marketing & Analytics Partners:

• Analyze Website traffic and user behavior
• Manage email marketing campaigns
• Display personalized advertisements
• Measure advertising effectiveness
• Examples: Google Analytics, Mailchimp, Facebook Pixel

Customer Service Tools:

• Manage customer inquiries and support tickets
• Provide live chat functionality
• Manage product reviews
• Examples: Zendesk, LiveChat, Trustpilot

Security & Fraud Prevention:

• Verify identities and addresses
• Detect fraudulent transactions
• Assess risk scores
• Examples: Sift, Signifyd

All service providers are contractually obligated to:

• Use your information only for specified purposes
• Implement appropriate security measures
• Comply with applicable privacy laws
• Not sell or share your information with others

4.2 Business Transfers

If ClusterzShop is involved in a merger, acquisition, asset sale, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such change and provide choices regarding your information.

4.3 Legal Requirements

We may disclose your information when required by law or when we believe disclosure is necessary to:

• Comply with legal processes (subpoenas, court orders, legal investigations)
• Enforce our Terms and Conditions and other agreements
• Protect the rights, property, or safety of ClusterzShop, our customers, or others
• Detect, prevent, or address fraud, security, or technical issues
• Respond to government requests

4.4 With Your Consent

We may share information with third parties when you provide explicit consent, such as:

• Connecting your account to social media platforms
• Participating in partner promotions or programs
• Opting in to data sharing for specific purposes

4.5 Aggregated & Anonymized Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you with:

• Business partners for market analysis
• Researchers for industry studies
• Public reporting of Website statistics

5. Cookies & Tracking Technologies

5.1 What Are Cookies?

Cookies are small text files placed on your device when you visit our Website. They help us recognize your browser, remember your preferences, and provide a better user experience.

Types of Cookies:

Session Cookies: Temporary cookies that expire when you close your browser. Used to maintain your shopping cart and browsing session.

Persistent Cookies: Remain on your device for a set period or until you delete them. Used to remember your login information and preferences.

First-Party Cookies: Set by ClusterzShop directly.

Third-Party Cookies: Set by our service providers (analytics, advertising, social media platforms).

5.2 How We Use Cookies

Essential Cookies (Required): These cookies are necessary for the Website to function and cannot be disabled:

• Authentication and account access
• Shopping cart functionality
• Security and fraud prevention
• Load balancing and performance
• Session management

Functional Cookies (Optional): These cookies enhance your experience but are not essential:

• Remember your preferences (language, currency, region)
• Store recently viewed products
• Enable personalized features
• Remember your login information (if you choose)

Analytics Cookies (Optional): These cookies help us understand how visitors use our Website:

• Track page visits and user journeys
• Measure Website performance
• Identify popular products and content
• Understand traffic sources
• Test new features and improvements

Common Analytics Tools:

• Google Analytics
• Adobe Analytics
• Hotjar (heat mapping and session recording)

Advertising Cookies (Optional): These cookies enable personalized advertising:

• Display relevant product recommendations
• Show targeted ads on third-party websites
• Measure advertising campaign effectiveness
• Prevent showing the same ad repeatedly
• Track conversions from ads

Common Advertising Platforms:

• Google Ads
• Facebook Pixel
• Twitter Ads
• Bing Ads
• Criteo

Social Media Cookies (Optional): These cookies enable social media features:

• Social sharing buttons (Facebook, Twitter, Pinterest)
• Social login functionality
• Display social media content on our Website
• Track social media referrals

5.3 Other Tracking Technologies

Web Beacons (Pixel Tags): Small, invisible images embedded in emails and web pages to:

• Track email opens and engagement
• Measure ad impressions
• Verify page views

Local Storage: Similar to cookies but can store larger amounts of data:

• Cache Website resources for faster loading
• Store user preferences
• Enable offline functionality

Flash Cookies (Local Shared Objects): Stored by Adobe Flash Player (now largely deprecated):

• Store game progress or media player settings
• Can be managed through Adobe’s website

Device Fingerprinting: Collecting device characteristics to create a unique identifier:

• Browser version and plugins
• Screen resolution and color depth
• Operating system
• Time zone and language settings

We use device fingerprinting only for fraud prevention and security purposes.

5.4 Managing Cookies

You have control over cookies and tracking technologies:

Browser Settings: Most browsers allow you to:

• Block all cookies
• Accept only first-party cookies
• Delete existing cookies
• Receive notifications before cookies are stored

Browser-Specific Instructions:

• Chrome: Settings → Privacy and security → Cookies and other site data
• Firefox: Settings → Privacy & Security → Cookies and Site Data
• Safari: Preferences → Privacy → Manage Website Data
• Edge: Settings → Privacy, search, and services → Cookies and site data

Note: Blocking essential cookies may affect Website functionality, such as:

• Shopping cart not working
• Unable to log in
• Preferences not saved
• Checkout process disrupted

Third-Party Opt-Out Tools:

Network Advertising Initiative (NAI):

• Opt out of participating ad networks
• Website: https://www.networkadvertising.org/choices/

Digital Advertising Alliance (DAA):

• Opt out of interest-based advertising
• Website: https://www.aboutads.info/choices/

European Interactive Digital Advertising Alliance (EDAA):

• For EU residents
• Website: https://www.youronlinechoices.eu/

Google Ads Settings:

• Manage Google advertising preferences
• Website: https://adssettings.google.com/

Do Not Track (DNT): Some browsers offer a “Do Not Track” signal. Currently, there is no industry standard for responding to DNT signals. We do not alter our practices when we receive a DNT signal, but you can use other opt-out methods described above.

5.5 Cookie Consent Management

When you first visit our Website, you’ll see a cookie consent banner with options to:

• Accept All Cookies: Enable all cookie categories
• Reject Optional Cookies: Allow only essential cookies
• Customize Settings: Choose specific cookie categories
• View Cookie Policy: Read detailed information

Your consent choices are stored and can be updated at any time through:

• Cookie settings link in the Website footer
• Cookie preference center (accessible throughout the site)
• Browser settings

Cookie Duration:

• Session cookies: Deleted when you close your browser
• Persistent cookies: Typically expire after 30 days to 2 years
• Consent cookies: Stored for 12 months before re-prompting

6. Data Security

We implement comprehensive security measures to protect your personal information:

6.1 Technical Safeguards

Encryption:

• SSL/TLS encryption for all data transmission
• 256-bit encryption for sensitive data
• Encrypted storage of passwords (hashed and salted)
• End-to-end encryption for payment processing

Access Controls:

• Role-based access restrictions
• Multi-factor authentication for employees
• Regular access reviews and audits
• Least privilege principle (minimum necessary access)

Network Security:

• Firewalls and intrusion detection systems
• Regular security monitoring and logging
• DDoS protection
• Virtual Private Networks (VPNs) for remote access

Infrastructure Security:

• Secure data centers with physical access controls
• Redundant systems and backup power
• Regular security patches and updates
• Vulnerability scanning and penetration testing

6.2 Organizational Safeguards

Employee Training:

• Regular privacy and security training
• Confidentiality agreements
• Clear data handling policies and procedures
• Background checks for employees with data access

Vendor Management:

• Thorough security assessment of third-party providers
• Contractual data protection obligations
• Regular vendor compliance reviews

Incident Response:

• Security incident response plan
• Data breach notification procedures
• Regular security drills and testing

6.3 Data Retention

We retain your personal information only as long as necessary for the purposes described in this policy:

Account Information: Retained while your account is active, plus 3-7 years after closure for legal and compliance purposes

Order Information: Retained for 7 years for tax, accounting, and legal purposes

Marketing Information: Retained until you opt out, then deleted or anonymized within 30 days

Website Analytics: Typically retained for 26-38 months

Security Logs: Retained for 1-2 years for incident investigation

After retention periods expire, we securely delete or anonymize your information.

6.4 Your Security Responsibilities

You can help protect your information by:

• Using strong, unique passwords
• Enabling two-factor authentication if available
• Keeping your password confidential
• Logging out after each session on shared devices
• Monitoring your account for unauthorized activity
• Reporting suspicious emails or phishing attempts
• Keeping your contact information current

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

7.1 Universal Rights

Right to Access: Request confirmation of whether we process your personal information and obtain a copy of your data.

Right to Correction: Request correction of inaccurate or incomplete personal information.

Right to Deletion: Request deletion of your personal information, subject to legal retention requirements.

Right to Opt-Out of Marketing: Unsubscribe from marketing communications at any time.

7.2 Additional Rights (GDPR – EU/UK Residents)

Right to Restriction: Request restriction of processing in certain circumstances (e.g., while we verify accuracy).

Right to Data Portability: Receive your personal information in a structured, machine-readable format and transmit it to another controller.

Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent (does not affect prior processing).

Right to Lodge a Complaint: File a complaint with your local data protection authority if you believe we’ve violated your rights.

Automated Decision-Making: We do not make solely automated decisions with legal or significant effects. Any automated processing (e.g., fraud detection) includes human review.

7.3 Additional Rights (CCPA/CPRA – California Residents)

Right to Know: Request specific pieces of personal information collected, sources, purposes, and third parties with whom we share it.

Right to Delete: Request deletion of personal information (subject to exceptions).

Right to Opt-Out of Sale/Sharing: We do not sell personal information. If this changes, we will provide an opt-out mechanism.

Right to Correct: Request correction of inaccurate personal information.

Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information for purposes requiring this right.

Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

Authorized Agents: You may designate an authorized agent to make requests on your behalf.

7.4 Exercising Your Rights

To exercise your privacy rights:

Email: privacy@clusterzshop.com
Subject Line: “Privacy Rights Request – [Type of Request]”
Include:

• Full name and email address associated with your account
• Specific request (access, deletion, correction, etc.)
• Any additional information to verify your identity

Response Timeline:

• We will acknowledge your request within 2-5 business days
• We will respond within 30-45 days (may extend to 90 days for complex requests)
• We may request additional information to verify your identity

Verification: To protect your privacy, we must verify your identity before processing requests. We may ask for:

• Order history information
• Account credentials
• Government-issued ID (for sensitive requests)

No Fees: We generally process privacy requests free of charge. We may charge a reasonable fee for excessive, repetitive, or manifestly unfounded requests.

8. Children’s Privacy

8.1 Age Requirements

Our Website is not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children.

8.2 Parental Notice

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@clusterzshop.com.

8.3 Deletion of Children’s Information

Upon verified notification that we have collected personal information from a child, we will:

• Delete the information as quickly as possible
• Not use the information for any purpose
• Not disclose the information to third parties

9. International Data Transfers

9.1 Global Operations

ClusterzShop operates globally, and your information may be transferred to, stored, and processed in countries other than your country of residence. These countries may have different data protection laws.

9.2 Transfer Safeguards

When transferring data internationally, we use appropriate safeguards:

EU-US Data Transfers:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions where applicable
• Additional security measures (encryption, access controls)

Other International Transfers:

• Standard Contractual Clauses
• Binding Corporate Rules (if applicable)
• Explicit consent where required
• Derogations for specific situations (contract performance, legal claims)

9.3 Data Processing Locations

Your information may be processed in:

• United States (primary data centers)
• European Union (regional servers)
• Other countries where our service providers operate

We ensure all processors meet our data protection standards regardless of location.

10. Third-Party Websites & Services

10.1 External Links

Our Website may contain links to third-party websites, including:

• Manufacturer websites (Apple, Samsung, Sony, Google, etc.)
• Social media platforms
• Payment processors
• Shipping carrier tracking systems
• Product review sites

10.2 No Responsibility

We are not responsible for the privacy practices or content of third-party websites. These sites operate under their own privacy policies.

10.3 Social Media Integration

If you interact with social media features on our Website (like buttons, plugins):

• Social media platforms may collect information about your visit
• Your interactions are governed by the social platform’s privacy policy
• We may receive limited information if you connect your account

Social Media Platforms We Use:

• Facebook
• Instagram
• Twitter
• Pinterest
• YouTube

Review each platform’s privacy policy to understand their practices.

11. Email & SMS Marketing

11.1 Marketing Communications

With your consent, we may send:

Email Marketing:

• Product promotions and sales
• New arrival announcements
• Personalized recommendations
• Exclusive offers and discounts
• Newsletter with tech tips and news

SMS/Text Marketing:

• Special offers and flash sales
• Order updates (if you opt in)
• Exclusive mobile-only deals

11.2 Consent & Opt-In

Email:

• Opt-in via account registration checkbox
• Subscribe through Website signup forms
• Implied consent for transactional emails (order confirmations)

SMS:

• Explicit opt-in required (separate from email consent)
• Must provide mobile number and check SMS consent box
• Standard messaging rates may apply

11.3 Opt-Out Methods

You can unsubscribe at any time:

Email:

• Click “Unsubscribe” link at the bottom of any marketing email
• Update email preferences in your account settings
• Email us at unsubscribe@clusterzshop.com
• We will process opt-outs within 10 business days

SMS:

• Reply “STOP” to any marketing text message
• Contact customer service to opt out
• Update preferences in your account

Note: Unsubscribing from marketing does not stop transactional emails (order confirmations, shipping updates, customer service responses).

11.4 Email Content

Our emails may include:

• Tracking pixels to measure open rates
• Click tracking for engagement analytics
• Personalized product recommendations based on browsing history

12. Updates to This Policy

12.1 Policy Changes

We may update this Privacy & Cookie Policy periodically to reflect:

• Changes in our data practices
• New features or services
• Legal or regulatory requirements
• Industry best practices
• Customer feedback

12.2 Notification of Changes

When we make material changes, we will:

• Update the “Last Updated” date at the top of this policy
• Display a notice on our Website homepage
• Send an email notification to registered users (for significant changes)
• Request renewed consent where required by law

12.3 Your Continued Use

Continued use of our Website after policy changes constitutes acceptance of the updated policy. If you do not agree with changes, please discontinue use and contact us to delete your account.

12.4 Version History

We maintain a version history of this policy. Previous versions are available upon request by contacting privacy@clusterzshop.com.

13. Contact Us

13.1 Privacy Questions & Requests

For privacy-related inquiries, concerns, or rights requests:

Email: privacy@clusterzshop.com
Subject Line: “Privacy Inquiry – [Topic]”

General Customer Service:

• Email: support@clusterzshop.com
• Website: https://tech.clusterzshop.com/contact
• Phone: [Your customer service number]

Mailing Address: ClusterzShop Privacy Office
[Your physical address]
[City, State, ZIP Code]
[Country]

13.2 Data Protection Officer (If Applicable)

If required by law, our Data Protection Officer can be reached at:

• Email: dpo@clusterzshop.com

13.3 Response Time

We strive to respond to all inquiries within:

• Privacy rights requests: 2-5 business days (acknowledgment), 30-45 days (completion)
• General privacy questions: 5-7 business days
• Security concerns: 24-48 hours

13.4 EU Representative (If Applicable)

For EU residents, our EU Representative can be contacted at: [To be specified if your business has an EU presence]

14. State-Specific Privacy Rights

14.1 California Residents (CCPA/CPRA)

Notice at Collection: We collect the categories of personal information described in Section 1 for the business purposes described in Section 2.

Information We Collect:

• Identifiers (name, email, IP address)
• Commercial information (purchase history)
• Internet activity (browsing behavior)
• Geolocation data
• Audio/visual information (customer service calls, if recorded)
• Inferences (preferences and interests)

Categories of Sources:

• Directly from you
• Automatically from Website usage
• Third-party service providers
• Public databases

Business Purposes:

• Fulfilling orders and transactions
• Customer service and support
• Marketing and communications
• Security and fraud prevention
• Legal compliance

Third-Party Disclosures: We share information with service providers as described in Section 4. We do not sell personal information.

Shine the Light Law: California residents may request information about personal information disclosed to third parties for their direct marketing purposes (once per year, free of charge).

14.2 Nevada Residents

Nevada residents have the right to opt out of the sale of certain covered information. We do not sell covered information. If this changes, we will provide an opt-out mechanism.

14.3 Virginia, Colorado, Connecticut, Utah Residents

Residents of these states have rights similar to GDPR, including:

• Right to access personal information
• Right to correct inaccuracies
• Right to delete personal information
• Right to data portability
• Right to opt out of targeted advertising and sale of data

We do not sell personal data or engage in profiling with legal effects.

15. Glossary of Terms

Personal Information: Any information that identifies, relates to, or could reasonably be linked to you.

Processing: Any operation performed on personal data, including collection, storage, use, disclosure, and deletion.

Controller: The entity that determines the purposes and means of processing personal data (ClusterzShop).

Processor: An entity that processes personal data on behalf of the controller (our service providers).

Consent: Freely given, specific, informed, and unambiguous agreement to processing.

Anonymization: The process of removing identifying information so data cannot be linked back to an individual.

Pseudonymization: Processing data in a way that it can no longer be attributed to a specific person without additional information.

Acknowledgment

By using ClusterzShop’s Website, you acknowledge that:

✓ You have read and understood this Privacy & Cookie Policy
✓ You consent to the collection, use, and disclosure of your information as described
✓ You understand your privacy rights and how to exercise them
✓ You are aware of how to manage cookies and tracking technologies
✓ You will review this policy periodically for updates

Thank you for trusting ClusterzShop with your personal information. We are committed to protecting your privacy and providing a secure shopping experience.

Last Updated: October 13, 2025

For previous versions of this policy, please contact privacy@clusterzshop.com