PRIVACY POLICY

Last updated: October 10, 2025

DarkThoughts.co operates this website and online store (the “Services”). This Privacy Policy explains how we collect, use, and disclose your personal information when you visit, interact with, or make a purchase through the Services. By using the Services, you acknowledge that you have read and understand this Policy.

Personal Information We Collect

“Personal information” is information that identifies or can reasonably be linked to you. We may collect:

  • Contact details — name, email, phone number, billing and shipping addresses.
  • Financial information — payment details necessary to process your order (we do not store full card numbers).
  • Account information — login credentials, preferences, and settings (if you create an account).
  • Transaction information — items viewed, added to cart, purchased, returned, or exchanged.
  • Communications — messages you send to us (e.g., customer support inquiries).
  • Device information — IP address, device and browser type, language, and other technical identifiers.
  • Usage information — pages viewed, navigation patterns, and interactions with features.

Sources of Personal Information

  • Directly from you — when you create an account, place an order, or contact us.
  • Automatically — via cookies and similar technologies when you browse our site.
  • Service providers — who support payments, analytics, fulfillment, and shipping.
  • Partners or other third parties — where permitted by law.

How We Use Personal Information

  • Provide and improve the Services — process orders, deliver products, remember preferences, manage your account, handle returns and exchanges, and personalize your experience.
  • Marketing and advertising — send promotional communications and show relevant offers (you may opt out at any time).
  • Security and fraud prevention — authenticate users; detect, investigate, and prevent fraudulent or malicious activity.
  • Communications — provide customer support and order updates.
  • Legal compliance — comply with applicable laws and legal processes.

How We Disclose Personal Information

We may disclose personal information in the following circumstances:

  • Service providers — IT, payment processing, analytics, customer support, fulfillment, and shipping.
  • Business and marketing partners — where legally permitted and subject to their privacy notices.
  • At your direction or with your consent — for example, to complete a shipment or enable integrations.
  • Affiliates — within our corporate group, where applicable.
  • Legal and safety — to comply with law, enforce terms, or protect rights and safety.
  • Business transactions — in connection with a merger, acquisition, or similar event.

We do not sell personal information.

Third-Party Websites and Links

The Services may contain links to third-party sites. We are not responsible for the privacy or security practices of those sites. Review their policies before providing information.

Children’s Data

The Services are not intended for children under the age of majority. We do not knowingly collect personal information from minors.

Security and Retention

We employ reasonable safeguards to protect personal information. No method of transmission or storage is fully secure. We retain information only as long as necessary to provide the Services, support your account, comply with legal obligations, resolve disputes, and enforce policies.

Your Rights and Choices

Depending on your location, you may have rights to:

  • Access / Know the personal information we hold about you.
  • Delete personal information, subject to legal exceptions.
  • Correct inaccurate personal information.
  • Portability — receive a copy of certain information in a portable format.
  • Manage marketing preferences — opt out of promotional emails at any time.

UK/EEA residents: You may also have rights to object to or restrict processing and to withdraw consent where processing is based on consent.

We may need to verify your identity before responding to a request and, where permitted, you may authorize an agent to submit a request on your behalf with appropriate proof.

Complaints

If you have concerns about our handling of personal information, you may have the right to lodge a complaint with your local data protection authority. For EEA residents, a list of supervisory authorities is available at the European Data Protection Board website.

International Transfers

We may transfer, store, and process personal information outside your country of residence. When personal information is transferred from the UK/EEA to other countries, we rely on recognized transfer mechanisms such as the European Commission’s Standard Contractual Clauses or equivalent instruments, unless an adequacy decision applies.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. The “Last updated” date above will be revised when changes are made.