Privacy policy
Introduction
DoorToCart ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.doortocart.com (the "Site"), make a purchase, or otherwise interact with us (collectively, the "Services").
This Privacy Policy applies to all visitors, users, and customers in the United States. If you are a California resident, please also review our California Privacy Notice section for additional rights and disclosures required under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.
Table of Contents
- Information We Collect
- How We Collect Your Information
- How We Use Your Information
- How We Share Your Information
- Cookies and Tracking Technologies
- Third-Party Services
- Data Retention
- Data Security
- Your Privacy Rights
- California Privacy Notice
- Other State Privacy Rights
- Children's Privacy
- International Data Transfers
- Do Not Track Signals
- Third-Party Links
- Changes to This Privacy Policy
- Contact Us
1. Information We Collect
We collect information that identifies, relates to, describes, or could reasonably be linked to you or your household ("Personal Information"). The types of Personal Information we collect depend on how you interact with our Services.
1.1 Information You Provide Directly
| Category | Examples |
|---|---|
| Contact Information | Name, email address, mailing address, phone number |
| Account Information | Username, password, account preferences |
| Payment Information | Credit/debit card number, billing address (processed by Stripe) |
| Order Information | Shipping address, products purchased, order history |
| Communication Data | Messages you send us, customer service inquiries, feedback, reviews |
| Survey/Contest Data | Information you provide when participating in surveys, promotions, or contests |
1.2 Information Collected Automatically
When you visit or interact with our Site, we automatically collect certain information:
| Category | Examples |
|---|---|
| Device Information | Device type, operating system, unique device identifiers, browser type and version |
| Usage Information | Pages viewed, time spent on pages, clicks, scrolling behavior, search queries on our Site |
| Location Information | Approximate location based on IP address (city/region level) |
| Network Information | Internet service provider, IP address, connection type |
| Referral Information | How you arrived at our Site (search engine, social media, referral link) |
1.3 Information from Third Parties
We may receive information about you from third parties, including:
| Source | Information Received |
|---|---|
| Payment Processors (Stripe) | Transaction confirmation, partial payment details, fraud screening results |
| Shipping Carriers | Delivery status, delivery confirmation |
| Analytics Providers | Aggregated usage data, demographic insights |
| Advertising Partners | Ad interaction data, conversion information |
| Social Media Platforms | Information you make public or share when interacting with our social content |
| E-commerce Platform (Shopify) | Order data, customer data, site analytics |
1.4 Sensitive Personal Information
We collect limited sensitive personal information solely for the purpose of processing your transactions:
| Category | Collected | Purpose |
|---|---|---|
| Account login credentials | ✅ Yes | Account security and authentication |
| Payment card information | ✅ Yes | Transaction processing (handled by Stripe) |
| Precise geolocation | ❌ No | Not collected |
| Race, ethnicity, religion | ❌ No | Not collected |
| Health information | ❌ No | Not collected |
| Biometric data | ❌ No | Not collected |
We do not use sensitive personal information for profiling, advertising, or any purpose other than providing our Services.
2. How We Collect Your Information
We collect Personal Information through the following methods:
| Collection Method | Examples |
|---|---|
| Direct Collection | When you create an account, place an order, subscribe to our newsletter, contact customer support, leave a review, or participate in promotions |
| Automated Collection | Through cookies, pixels, web beacons, and similar technologies when you browse our Site |
| Third-Party Sources | From our service providers, business partners, and publicly available sources |
3. How We Use Your Information
We use your Personal Information for the following purposes:
3.1 To Provide Our Services
- Process and fulfill your orders
- Manage your account and preferences
- Arrange shipping and delivery
- Process returns, refunds, and exchanges
- Send transactional communications (order confirmations, shipping updates, receipts)
- Provide customer support and respond to inquiries
3.2 To Improve Our Services
- Analyze usage patterns and trends
- Identify and fix technical issues
- Develop new features and products
- Personalize your shopping experience
- Conduct internal research and analytics
3.3 For Marketing and Advertising
- Send promotional emails and newsletters (with your consent)
- Display targeted advertisements on our Site and third-party platforms
- Measure the effectiveness of our marketing campaigns
- Offer personalized product recommendations
3.4 For Security and Fraud Prevention
- Detect, investigate, and prevent fraudulent transactions
- Monitor for suspicious activity and unauthorized access
- Protect our Site, Services, and users from security threats
- Verify your identity when necessary
3.5 For Legal and Compliance Purposes
- Comply with applicable laws, regulations, and legal processes
- Respond to lawful requests from government authorities
- Enforce our Terms of Service and other agreements
- Protect our rights, property, and safety, and that of our users and others
4. How We Share Your Information
We do not sell your Personal Information for monetary consideration. However, we may share your information in the following circumstances:
4.1 Service Providers
We share information with third-party vendors who perform services on our behalf:
| Provider Type | Purpose | Examples |
|---|---|---|
| E-commerce Platform | Website hosting, order management | Shopify |
| Payment Processing | Secure payment transactions | Stripe |
| Shipping & Fulfillment | Order delivery | USPS, UPS, FedEx, DHL, international carriers |
| Email Marketing | Newsletters and promotional emails | Klaviyo, Mailchimp |
| Analytics | Website performance analysis | Google Analytics |
| Customer Support | Help desk and support tools | Zendesk, Gorgias |
| Cloud Storage | Secure data storage | Amazon Web Services, Google Cloud |
These service providers are contractually obligated to use your information only for the purposes we specify and to protect your information.
4.2 Advertising Partners
We may share certain information with advertising partners to deliver targeted advertisements:
| Partner | Purpose | Opt-Out Link |
|---|---|---|
| Meta (Facebook/Instagram) | Targeted ads, conversion tracking | Facebook Ad Preferences |
| Google Ads | Targeted ads, remarketing | Google Ad Settings |
| Targeted ads | Pinterest Privacy Settings | |
| TikTok | Targeted ads | TikTok Privacy Settings |
Under certain state privacy laws (including the CCPA), sharing information for targeted advertising may be considered a "sale" or "sharing" of personal information. See the California Privacy Notice section for more details and how to opt out.
4.3 Business Transfers
If we are involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, your Personal Information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.
4.4 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities, including:
- To comply with a subpoena, court order, or other legal process
- To respond to requests from law enforcement or regulatory agencies
- To protect and defend our rights, property, or safety
- To prevent or investigate possible wrongdoing in connection with our Services
- To protect the personal safety of users or the public
4.5 With Your Consent
We may share your information with third parties when you have given us your explicit consent to do so.
5. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect information and improve our Services.
5.1 Types of Cookies We Use
| Cookie Type | Purpose | Can Be Disabled? |
|---|---|---|
| Essential | Required for Site functionality (cart, checkout, security) | ❌ No |
| Analytics | Help us understand how visitors use our Site | ✅ Yes |
| Functional | Remember your preferences (language, region) | ✅ Yes |
| Marketing | Deliver relevant ads and measure campaign effectiveness | ✅ Yes |
5.2 Managing Cookies
You can control cookies through your browser settings. Visit the following links for instructions:
Note: Disabling certain cookies may impact Site functionality, including your ability to make purchases.
For more details, please see our Cookie Policy.
6. Third-Party Services
Our Services integrate with various third-party platforms:
6.1 Shopify
Our Site is powered by Shopify. Shopify collects certain information to provide e-commerce functionality. For more information, see Shopify's Privacy Policy and Shopify's Cookie Policy.
6.2 Stripe
We use Stripe to process payments. When you make a purchase, your payment information is collected and processed directly by Stripe. We do not store your complete credit card number. For more information, see Stripe's Privacy Policy.
6.3 Google Analytics
We use Google Analytics to analyze website traffic. Google Analytics collects information anonymously and reports trends without identifying individual visitors. You can opt out using the Google Analytics Opt-Out Browser Add-on.
6.4 Shopify Audiences
We may use Shopify Audiences to personalize advertising on third-party platforms. To opt out, visit Shopify's Privacy Preferences.
7. Data Retention
We retain your Personal Information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion + 3 years |
| Order history | 7 years (legal/tax requirements) |
| Customer support records | 3 years |
| Marketing preferences | Until you opt out or account deletion |
| Payment transaction records | 7 years (legal/tax requirements) |
| Website analytics (aggregated) | 26 months |
| Cookies | Varies by cookie (see Cookie Policy) |
When your information is no longer needed, we will securely delete or anonymize it.
8. Data Security
We implement appropriate technical and organizational measures to protect your Personal Information:
| Security Measure | Description |
|---|---|
| SSL/TLS Encryption | All data transmitted between your browser and our Site is encrypted |
| PCI-DSS Compliance | Payment processing meets industry security standards (via Stripe) |
| Access Controls | Personal Information access is limited to authorized personnel only |
| Secure Hosting | Our Site is hosted on secure, monitored servers |
| Regular Monitoring | We monitor for security threats and vulnerabilities |
Important: No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.
If you believe your account has been compromised, please contact us immediately at support@doortocart.com.
9. Your Privacy Rights
Depending on your state of residence, you may have certain rights regarding your Personal Information:
| Right | Description |
|---|---|
| Right to Know/Access | Request what Personal Information we have collected about you |
| Right to Delete | Request deletion of your Personal Information |
| Right to Correct | Request correction of inaccurate Personal Information |
| Right to Portability | Request a copy of your data in a portable format |
| Right to Opt-Out of Sale/Sharing | Direct us not to sell or share your Personal Information for targeted advertising |
| Right to Opt-Out of Profiling | Opt out of automated decision-making and profiling |
| Right to Non-Discrimination | We will not discriminate against you for exercising your rights |
How to Exercise Your Rights
To submit a privacy request, please contact us:
Email: support@doortocart.com
Subject Line: Privacy Request — [Your Request Type]
Include in Your Request:
- Your full name
- Email address associated with your account
- The specific right you wish to exercise
- Any additional information to help us locate your data
Verification
To protect your privacy, we must verify your identity before processing your request. We may ask you to confirm information you previously provided (name, email, order history) or respond to a verification email.
If we cannot verify your identity, we may be unable to fulfill your request.
Authorized Agents
You may designate an authorized agent to submit requests on your behalf. We may require written authorization signed by you, verification of the agent's identity, and direct verification of your identity.
Response Time
We will acknowledge your request within 10 business days and provide a substantive response within 45 calendar days. If we need additional time (up to 45 more days), we will notify you in writing.
10. California Privacy Notice
This section applies to California residents and supplements our Privacy Policy in accordance with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
10.1 Categories of Personal Information Collected
In the past 12 months, we have collected the following categories of Personal Information:
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Name, email, address, IP address, account name | ✅ Yes |
| B. Personal Information (Cal. Civ. Code § 1798.80) | Name, address, phone, payment information | ✅ Yes |
| C. Protected Classifications | Age, gender (if voluntarily provided) | Limited |
| D. Commercial Information | Purchase history, products viewed, shopping preferences | ✅ Yes |
| E. Biometric Information | Fingerprints, facial recognition | ❌ No |
| F. Internet/Network Activity | Browsing history on our Site, device information | ✅ Yes |
| G. Geolocation Data | Approximate location from IP address | ✅ Yes |
| H. Sensory Data | Audio recordings (if customer service calls recorded) | Limited |
| I. Professional/Employment Info | Job title, employer | ❌ No |
| J. Education Information | Education records | ❌ No |
| K. Inferences | Preferences, characteristics derived from collected data | ✅ Yes |
| L. Sensitive Personal Information | Account login, payment information | Limited |
10.2 Sources of Personal Information
- Directly from you
- Automatically through cookies and tracking technologies
- From third-party service providers
10.3 Purposes for Collection
- Providing products and services
- Processing transactions
- Marketing and advertising
- Improving our Services
- Security and fraud prevention
- Legal compliance
10.4 Disclosure of Personal Information
In the past 12 months, we have disclosed the following categories to service providers and business partners:
| Category | Recipients |
|---|---|
| Identifiers | Service providers, shipping carriers, payment processors, advertising partners |
| Commercial Information | Service providers, analytics providers, advertising partners |
| Internet/Network Activity | Analytics providers, advertising partners |
| Geolocation | Analytics providers, advertising partners |
10.5 Sale and Sharing of Personal Information
We do not sell your Personal Information for monetary consideration.
However, under CCPA/CPRA, sharing information with advertising partners for targeted advertising may constitute a "sale" or "sharing." In the past 12 months, we may have "sold" or "shared" the following categories:
| Category | Shared With |
|---|---|
| Identifiers (device ID, IP address) | Advertising partners |
| Commercial Information (products viewed) | Advertising partners |
| Internet/Network Activity | Advertising partners |
10.6 Your California Rights
As a California resident, you have the right to:
- Know — Request what Personal Information we collect, use, and disclose
- Delete — Request deletion of your Personal Information
- Correct — Request correction of inaccurate Personal Information
- Opt-Out of Sale/Sharing — Direct us not to sell or share your Personal Information
- Limit Use of Sensitive Personal Information — Limit use to what is necessary for Services
- Non-Discrimination — Not be discriminated against for exercising your rights
10.7 How to Opt-Out of Sale/Sharing
To opt out of the "sale" or "sharing" of your Personal Information:
- Email Us: support@doortocart.com with subject line "Do Not Sell or Share My Personal Information"
- Global Privacy Control (GPC): Enable GPC in your browser — we honor GPC signals
- Advertising Partners: Use the opt-out links in Section 4.2
10.8 Shine the Light
California Civil Code Section 1798.83 permits California residents to request information about disclosure of Personal Information to third parties for direct marketing purposes. We do not share Personal Information with third parties for their own direct marketing purposes.
10.9 Minors
We do not have actual knowledge that we sell or share the Personal Information of consumers under 16 years of age.
11. Other State Privacy Rights
Residents of other states with comprehensive privacy laws have similar rights:
11.1 Virginia (VCDPA)
Virginia residents have the right to access, correct, delete, obtain a copy of, and opt out of targeted advertising and sale of Personal Information.
11.2 Colorado (CPA)
Colorado residents have the right to access, correct, delete, obtain a copy of, and opt out of targeted advertising, sale, and profiling.
11.3 Connecticut (CTDPA)
Connecticut residents have the right to access, correct, delete, obtain a copy of, and opt out of targeted advertising, sale, and profiling.
11.4 Utah (UCPA)
Utah residents have the right to access, delete, obtain a copy of, and opt out of targeted advertising and sale of Personal Information.
11.5 How to Exercise State Privacy Rights
Residents of these states may exercise their rights by contacting us at support@doortocart.com with the subject line "State Privacy Request — [Your State]."
11.6 Appeals
If we deny your request, you have the right to appeal. To submit an appeal, email us at support@doortocart.com with subject line "Privacy Appeal." We will respond within the timeframe required by applicable law.
12. Children's Privacy
Our Services are not intended for children under the age of 16. We do not knowingly collect Personal Information from children under 16.
If you are a parent or guardian and believe that your child has provided us with Personal Information, please contact us immediately at support@doortocart.com. If we become aware that we have collected Personal Information from a child under 16, we will take steps to delete that information promptly.
13. International Data Transfers
Our Services are operated in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.
By using our Services, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules.
If we transfer Personal Information from the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on recognized transfer mechanisms such as Standard Contractual Clauses.
14. Do Not Track Signals
Some web browsers offer a "Do Not Track" (DNT) feature that sends a signal to websites you visit indicating you do not want to be tracked. There is currently no industry-wide standard for DNT signals, and our Site does not currently respond to DNT signals.
However, we do honor Global Privacy Control (GPC) signals. If your browser sends a GPC signal, we will treat it as a valid opt-out request for the sale or sharing of Personal Information under applicable state laws.
15. Third-Party Links
Our Site may contain links to third-party websites, applications, or services that are not operated by us. If you click on a third-party link, you will be directed to that third party's site.
We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.
Our inclusion of third-party links does not imply endorsement of those sites or their operators.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:
- We will update the "Last Updated" date at the top of this policy
- We will post the revised policy on our Site
- For material changes, we may notify you by email or by a prominent notice on our Site
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
Your continued use of our Services after any changes constitutes acceptance of the revised Privacy Policy.
17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Email: support@doortocart.com
Subject Line: Privacy Inquiry
Mailing Address:
icicosmetic Ltd
Office 6623 58 Peregrine Road,
Hainault, Ilford, Essex,
United Kingdom, IG6 3SZ
Response Time: We aim to respond to all privacy inquiries within 3-5 business days.
Additional Resources
Thank you for trusting DoorToCart with your personal information.
