Privacy Policy

Last updated: May 2026

This Privacy Policy describes how Warmify Lab ("we," "us," or "our") collects, uses, and discloses your personal information when you visit or make a purchase from warmifylab.com (the "Site"). This policy applies to our Shopify-powered ecommerce store and all related services.

By using the Site, you agree to the collection and use of information in accordance with this Privacy Policy. In the event of any conflict between this Privacy Policy and other terms or policies regarding the handling of your personal information, this Privacy Policy shall prevail.

1. Definitions

For the purposes of this Privacy Policy:

• "Personal Information" means any information relating to an identified or identifiable individual, including but not limited to name, email address, postal address, phone number, payment information, device identifiers, IP address, browsing behavior, and any other data that can be used to identify you directly or indirectly.
• "Site" refers to warmifylab.com and all associated pages, services, and features.
• "You" refers to the individual accessing or using the Site, or the company or legal entity on behalf of which such individual is accessing or using the Site.

2. Personal Information We Collect

We collect various types of personal information when you interact with our Site, including:

2.1 Contact Information

• Full name
• Email address
• Postal address (billing and shipping)
• Phone number

2.2 Financial and Payment Information

• Payment card details (processed securely by third-party payment processors; we do not store complete card numbers)
• Billing address
• Transaction history and purchase records

2.3 Account Information

• Username and password (if you create an account)
• Order history
• Saved preferences and settings

2.4 Communications

• Customer support inquiries and correspondence
• Product reviews and ratings
• Survey responses and feedback
• Marketing and promotional preferences

2.5 Device and Usage Information

• IP address and geolocation data
• Browser type and version
• Device identifiers and operating system
• Pages viewed, time spent on pages, and navigation paths
• Referring website or source
• Date and time of access

2.6 Marketing Preferences

• Email marketing opt-ins and opt-outs
• SMS marketing consents (where applicable)
• Communication preferences

3. How We Collect Personal Information

We collect personal information through various methods:

3.1 Information You Provide Directly

• When you create an account
• When you place an order or make a purchase
• When you subscribe to our newsletter or marketing communications
• When you contact customer support
• When you participate in surveys, contests, or promotions
• When you submit product reviews or feedback

3.2 Information Collected Automatically

• Through cookies, web beacons, and similar tracking technologies
• Through analytics tools such as Google Analytics
• Through advertising pixels and tags (e.g., Google Ads, Meta Pixel, TikTok Pixel)
• Through server logs and access records

3.3 Information from Shopify and Service Providers

• Transaction data processed through Shopify's platform
• Payment processing information from payment gateways
• Shipping and fulfillment data from logistics providers

3.4 Information from Third-Party Partners

• Advertising and analytics partners
• Fraud prevention and security services
• Social media platforms (if you interact with our social media pages or use social login features)

4. How We Use Personal Information

We use your personal information for the following purposes:

4.1 Order Fulfillment and Customer Service

• Processing and fulfilling your orders
• Communicating with you about your orders, including order confirmations, shipping updates, and delivery notifications
• Handling returns, exchanges, and refunds
• Providing customer support and responding to inquiries

4.2 Payment Processing

• Processing payments securely through third-party payment processors
• Detecting and preventing fraudulent transactions
• Managing billing and invoicing

4.3 Marketing and Advertising

• Sending promotional emails, newsletters, and marketing communications (with your consent where required)
• Displaying personalized advertisements on third-party platforms
• Conducting market research and analyzing customer preferences
• Running contests, promotions, and special offers

4.4 Fraud Prevention and Security

• Detecting, preventing, and investigating fraudulent or unauthorized activity
• Protecting the security and integrity of our Site and services
• Enforcing our Terms of Service and other policies

4.5 Analytics and Site Improvement

• Analyzing how customers use our Site to improve functionality and user experience
• Conducting A/B testing and performance optimization
• Understanding customer behavior and preferences
• Developing new products and services

4.6 Legal Compliance

• Complying with applicable laws, regulations, and legal obligations
• Responding to lawful requests from government authorities
• Protecting our legal rights and interests
• Resolving disputes and enforcing agreements

4.7 Legal Bases for Processing (GDPR/UK GDPR)

Where applicable under the General Data Protection Regulation (GDPR) or UK GDPR, we process your personal information based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our contract with you (e.g., order fulfillment)
• Legitimate Interests: Processing necessary for our legitimate business interests (e.g., fraud prevention, analytics, marketing to existing customers)
• Consent: Processing based on your explicit consent (e.g., marketing communications, certain cookies)
• Legal Obligations: Processing necessary to comply with legal requirements (e.g., tax reporting, responding to legal requests)

5. Sharing of Personal Information

We may share your personal information with the following categories of third parties:

5.1 Shopify

Our Site is hosted and powered by Shopify Inc. Shopify provides us with the ecommerce platform and infrastructure to operate our online store. Your personal information is processed and stored on Shopify's servers. For more information on how Shopify handles your data, please review Shopify's Privacy Policy at https://www.shopify.com/legal/privacy.

5.2 Payment Processors

We use third-party payment processors to securely process your payment information, including but not limited to:

• Shopify Payments
• Stripe
• PayPal
• Other payment gateways as applicable

These payment processors handle your payment card details in accordance with Payment Card Industry Data Security Standards (PCI DSS). We do not store complete payment card numbers on our servers.

5.3 Shipping and Fulfillment Providers

We share your shipping information (name, address, phone number) with logistics and fulfillment partners to deliver your orders, including but not limited to postal services, courier companies, and third-party logistics (3PL) providers.

5.4 Analytics Providers

We use analytics services to understand how visitors use our Site, including:

• Google Analytics
• Shopify Analytics
• Other analytics tools as applicable

These services may collect information about your device, browsing behavior, and interactions with our Site.

5.5 Advertising Partners

We work with advertising platforms to display personalized advertisements to you on third-party websites and social media platforms, including:

• Google Ads
• Meta (Facebook and Instagram)
• TikTok
• Other advertising networks as applicable

These platforms may use cookies, pixels, and similar technologies to track your activity and deliver targeted ads.

5.6 Legal Authorities and Law Enforcement

We may disclose your personal information to government authorities, law enforcement agencies, or other third parties when required by law or when we believe in good faith that such disclosure is necessary to:

• Comply with legal obligations, court orders, or regulatory requirements
• Protect our rights, property, or safety, or that of our customers or the public
• Detect, prevent, or investigate fraud, security breaches, or illegal activity
• Enforce our Terms of Service or other agreements

5.7 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to the acquiring or successor entity as part of the business transaction. We will notify you of any such change in ownership or control of your personal information.

5.8 Sale or Sharing of Personal Information

We do not sell your personal information in the traditional sense (i.e., we do not exchange your data for monetary compensation). However, under certain privacy laws such as the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), sharing personal information with advertising partners for targeted advertising purposes may be considered a "sale" or "sharing" of personal information. If you wish to opt out of such sharing, please see Section 12 (Your Rights) below.

6. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your use of our Site and to provide personalized experiences.

6.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the operation of our Site, including shopping cart functionality, secure login, and payment processing. These cookies cannot be disabled.
• Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences and settings.
• Analytics Cookies: Help us understand how visitors interact with our Site by collecting and reporting information anonymously (e.g., Google Analytics).
• Marketing Cookies: Used to deliver personalized advertisements and track the effectiveness of our marketing campaigns (e.g., Google Ads, Meta Pixel, TikTok Pixel).

6.2 Managing Cookies

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. However, disabling certain cookies may affect the functionality of our Site and your ability to use certain features.

6.3 Global Privacy Control (GPC)

We recognize and honor Global Privacy Control (GPC) signals where required by law. If your browser sends a GPC signal, we will treat it as a request to opt out of the sale or sharing of your personal information for targeted advertising purposes.

6.4 Do Not Track Signals

Our Site does not currently respond to "Do Not Track" (DNT) signals from web browsers. We may revisit this policy as industry standards evolve.

7. Behavioral Advertising

We use third-party advertising platforms to display personalized advertisements based on your browsing behavior and interests. These platforms may collect information about your activity on our Site and other websites to deliver targeted ads.

7.1 Advertising Platforms We Use

• Google Ads
• Meta (Facebook and Instagram)
• TikTok
• Other advertising networks as applicable

7.2 Opting Out of Behavioral Advertising

You can opt out of personalized advertising by adjusting your settings on the following platforms:

• Google Ads: https://adssettings.google.com
• Meta (Facebook): https://www.facebook.com/settings?tab=ads
• TikTok: https://www.tiktok.com/safety/privacy-and-security-on-tiktok
• Digital Advertising Alliance (DAA): http://optout.aboutads.info
• Network Advertising Initiative (NAI): http://optout.networkadvertising.org

Please note that opting out of personalized advertising does not mean you will stop seeing advertisements. You will continue to receive generic, non-targeted ads.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

8.1 Retention Periods

• Order and Transaction Data: Retained for approximately 7 years to comply with accounting, tax, and legal requirements in Australia.
• Marketing Communications: Retained until you unsubscribe or request deletion.
• Account Information: Retained for the duration of your account and for a reasonable period thereafter to comply with legal obligations.
• Analytics and Usage Data: Retained in aggregated or anonymized form for analytical purposes.

8.2 Deletion and Anonymization

After the applicable retention period, we will securely delete or anonymize your personal information in accordance with our data retention policies and applicable laws.

9. International Transfers

Your personal information may be transferred to, processed, and stored in countries outside of Australia, including but not limited to the United States, Canada, and the European Union. These countries may have data protection laws that differ from those in Australia.

9.1 Safeguards for International Transfers

When we transfer your personal information internationally, we implement appropriate safeguards to protect your data, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Reliance on Shopify's global infrastructure and data protection measures
• Compliance with applicable data protection laws and regulations

For more information on Shopify's international data transfers, please review Shopify's Privacy Policy at https://www.shopify.com/legal/privacy.

10. Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or destruction.

10.1 Security Measures

• Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our servers.
• Secure Hosting: Our Site is hosted on Shopify's secure infrastructure, which complies with industry-standard security practices.
• Access Controls: We restrict access to personal information to authorized personnel only, on a need-to-know basis.
• Monitoring and Logging: We monitor our systems for suspicious activity and maintain logs to detect and respond to security incidents.
• Fraud Prevention: We use fraud detection and prevention tools to protect against unauthorized transactions.

10.2 Limitations of Security

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, and you acknowledge that you provide your personal information at your own risk.

10.3 Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and relevant authorities in accordance with applicable laws and regulations.

11. Children's Privacy

Our Site is not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected personal information from a child under 16, we will take steps to delete such information as soon as reasonably practicable.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at contact@warmifylab.com so that we can take appropriate action.

12. Your Rights

Depending on your location, you may have certain rights regarding your personal information. These rights may include:

12.1 General Rights

• Right to Access: You have the right to request a copy of the personal information we hold about you.
• Right to Correction: You have the right to request that we correct inaccurate or incomplete personal information.
• Right to Deletion: You have the right to request that we delete your personal information, subject to certain exceptions (e.g., legal obligations, fraud prevention).
• Right to Restriction: You have the right to request that we restrict the processing of your personal information in certain circumstances.
• Right to Data Portability: You have the right to request that we provide your personal information in a structured, commonly used, and machine-readable format.
• Right to Opt Out of Marketing: You have the right to opt out of receiving marketing communications from us at any time by clicking the "unsubscribe" link in our emails or contacting us directly.

12.2 Identity Verification

To protect your privacy and security, we may require you to verify your identity before we can fulfill your request. This may involve providing additional information or documentation.

12.3 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:

• Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources from which we collected it, the purposes for which we use it, and the third parties with whom we share it.
• Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions.
• Right to Correct: You have the right to request that we correct inaccurate personal information.
• Right to Opt Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for targeted advertising purposes. To exercise this right, please contact us at contact@warmifylab.com or use the "Do Not Sell or Share My Personal Information" link on our Site (if available).
• Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your privacy rights.

12.4 European Union and United Kingdom Residents (GDPR/UK GDPR)

If you are located in the European Union or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR) or UK GDPR, including:

• Right to Object: You have the right to object to the processing of your personal information for direct marketing purposes or based on our legitimate interests.
• Right to Withdraw Consent: If we process your personal information based on your consent, you have the right to withdraw your consent at any time.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal information violates applicable data protection laws. In the UK, you can contact the Information Commissioner's Office (ICO) at https://ico.org.uk. In the EU, you can contact your local data protection authority.

12.5 Australian Residents (Privacy Act 1988)

If you are located in Australia, you have rights under the Privacy Act 1988 (Cth), including:

• Right to Access: You have the right to request access to the personal information we hold about you.
• Right to Correction: You have the right to request that we correct inaccurate or out-of-date personal information.
• Right to Complain: If you believe that we have breached the Australian Privacy Principles (APPs), you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at https://www.oaic.gov.au.

12.6 Exercising Your Rights

To exercise any of your rights, please contact us at contact@warmifylab.com. We will respond to your request within the timeframe required by applicable law.

13. Third-Party Links

Our Site may contain links to third-party websites, services, or applications that are not operated or controlled by us. This Privacy Policy does not apply to those third-party sites. We are not responsible for the privacy practices or content of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons. When we make material changes to this Privacy Policy, we will notify you by posting the updated policy on this page and updating the "Last updated" date at the top of this policy.

We may also notify you of material changes by email or through a notice on our Site. Your continued use of the Site after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

15. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Warmify Lab
Email: contact@warmifylab.com
Website: warmifylab.com

We will make every effort to respond to your inquiry in a timely manner.