Privacy Policy
Welcome to Bespoke Sword (hereinafter referred to as “we,” “us,” or “our”) official website (https://www.bespokesword.com, hereinafter referred to as “this Website”). We highly value your personal privacy and data security, and we process your personal information in strict accordance with the principles of legality, propriety, and necessity, striving to provide you with a safe and transparent service experience. This Privacy Policy is designed to clearly inform you of how we collect, use, store, share, and protect your personal information, as well as the rights you have and how to exercise them.
Please carefully read and fully understand this Privacy Policy before accessing this Website, using our products or services. By accessing, using this Website or related services, you acknowledge that you have read, understood, and agreed to all the terms of this Policy. If you do not agree to this Policy, please do not access or use this Website or related services.
I. Scope of Application
This Privacy Policy applies to all your behaviors related to this Website, including but not limited to accessing this Website, browsing products, submitting custom orders, consulting customer service, registering an account, participating in activities, as well as the entire process of us collecting, using, storing, and sharing your personal information.
Please note that this Policy does not apply to third-party websites or services (such as third-party payment platforms, logistics service providers, social media linked to this Website). Please review the privacy policies of third parties on your own; we are not liable for the collection and use of your personal information by third parties.
II. Personal Information We Collect
We only collect personal information that is necessary to provide custom samurai sword products, fulfill orders, provide after-sales services, and optimize the Website experience. We do not collect information unrelated to our services and strictly adhere to the principle of data minimization. The specific information collected is as follows:
(I) Personal Information You Voluntarily Provide
- Account Registration Information: When you register an account on this Website, you are required to provide your email address and set a password. You may voluntarily provide your name, phone number, and other information for account login, identity verification, and subsequent service notifications.
- Order-Related Information: When you submit a custom samurai sword order, you are required to provide your name, phone number, shipping address, and email address for order confirmation, product delivery, logistics tracking, and after-sales communication. If you choose online payment, you will need to provide payment-related information (such as the last 4 digits of your bank card number, payment account nickname, etc.). This information will be directly submitted to third-party payment platforms, and we do not store complete payment account information.
- Customization Requirement Information: To complete the samurai sword customization service, you may need to provide customization parameters (such as size, material, engraving content, etc.). This information will be used for product production to ensure it meets your personalized needs.
- Inquiry and Feedback Information: When you consult questions, submit complaints, or provide suggestions through our online customer service, email, message, or other channels, we will collect your inquiry content and contact information to respond to your needs and resolve related issues in a timely manner.
(II) Information We Automatically Collect
When you access this Website, we will automatically collect certain non-personally identifiable information through technical means such as browsers and server logs to optimize Website performance, analyze user behavior, and improve service quality. Specifically, this includes:
- Device Information: Such as your device model, operating system version, browser type, device IP address, device identifier, etc., used to identify device compatibility and ensure the security of Website access.
- Access Behavior Information: Such as the time you access this Website, the pages you browse, the duration of your stay, click operations, search keywords, etc., used to analyze user preferences and optimize Website layout and product display.
- Cookie and Related Technology Information: To enhance your access experience, we use Cookies, web beacons, and other technologies to store your browsing preferences (such as language settings, page layout) and avoid repeated information entry. You can disable Cookies in your browser settings, but this may affect the normal use of some Website functions.
(III) Sensitive Personal Information Notice
This Website does not actively collect your sensitive personal information (such as ID numbers, biometric data, medical and health information, complete financial account information, etc.). If we need to collect sensitive personal information under special circumstances, we will separately inform you of the purpose, scope, and method of collection, obtain your separate consent, and strictly protect it in accordance with relevant laws and regulations. Pursuant to U.S. state privacy laws (including CCPA/CPRA, VCDPA, etc.), sensitive personal information may include biometric data, precise geolocation, financial account information, and health data, and we will handle such information in compliance with the specific requirements of each applicable state law.
III. Purposes for Using Personal Information
We only use the collected personal information for the following legitimate purposes. Without your explicit consent, we will not use it for any other unrelated purposes:
- Providing Products and Services: To process your custom orders, complete product production and delivery, provide after-sales maintenance, returns, and exchanges, and ensure you can normally use all functions of this Website.
- Account Management: To verify account login, retrieve passwords, and identify identities, ensuring the security of your account and preventing account theft.
- Communication and Notifications: To send you order confirmations, logistics information, engraving progress, after-sales notifications, activity reminders, and other relevant information, ensuring you are promptly informed of service progress.
- Optimizing Service Experience: To optimize the Website’s page design, product recommendations, and service processes based on your access behavior, customization preferences, and other information, enhancing your user experience.
- Security Protection: To identify and prevent security risks such as online fraud and malicious access, safeguard the legitimate rights and interests of this Website and you, and ensure the normal operation of services.
- Compliance Requirements: To fulfill legal obligations such as filing, auditing, and complaint handling in accordance with laws, regulations, and regulatory requirements.
IV. Storage and Protection of Personal Information
(I) Storage Method and Duration
1. Storage Method: We store your personal information on servers that meet security standards and use encryption technologies (such as SSL/TLS) to protect data transmission and storage, preventing information leakage, tampering, and loss. We comply with the data storage requirements of applicable U.S. state laws, including data localization requirements where mandated by state regulations.
2. Storage Duration: We only store your personal information for the period necessary to achieve the purposes specified in this Privacy Policy. After the expiration of this period, we will legally delete or anonymize your personal information, unless otherwise required by laws and regulations (for example, we will retain relevant information as required by law for tax, audit, and other legal obligations). The specific storage periods are as follows:
- Account Information: We will continuously store your account registration information during the existence of your account. After you cancel your account, we will delete or anonymize your account information within 15 business days, unless otherwise required by laws and regulations.
- Order and Customization Information: Retained for 3 years from the date of order completion for after-sales rights protection, compliance auditing, etc.; after 3 years, it will be deleted or anonymized.
- Access Behavior and Cookie Information: Retained for 6 months for Website optimization; automatically deleted after the expiration period.
(II) Security Protection Measures
We have established a comprehensive personal information security protection system and adopted various technical and management measures to ensure the security of your personal information, in compliance with the security requirements of U.S. federal and state privacy laws (including CCPA/CPRA, VCDPA, CPA, etc.):
- Technical Protection: Adopt data encryption, access control, firewalls, intrusion detection, and other technologies to prevent illegal access, tampering, and leakage of personal information.
- Management Protection: Establish strict internal management systems, clarify the information access rights of personnel in each position, conduct security training and confidentiality assessments for employees who have access to personal information, sign confidentiality agreements, and strictly prohibit employees from disclosing or misusing personal information without authorization.
- Emergency Response: Formulate an emergency plan for personal information leakage. If a personal information leakage, tampering, loss, or other incident occurs, we will immediately activate the emergency plan, take remedial measures, report to the regulatory authorities in a timely manner in accordance with regulations, and notify affected users.
Please note that the internet environment has inherent uncertainties. Although we have taken strict protection measures, we cannot completely rule out the risk of illegal access or leakage of personal information. If you discover a personal information leakage, please contact us immediately, and we will fully cooperate with you to address it.
V. Sharing and Disclosure of Personal Information
We strictly protect your personal information. Without your explicit consent, we will not share or disclose your personal information to any third party, except in the following circumstances, in compliance with U.S. federal and state privacy laws:
- Third-Party Service Providers: To fulfill orders and provide after-sales services, we will share your necessary information (such as name, phone number, shipping address) with third-party logistics service providers for product delivery; we will share your order information and payment-related information with third-party payment platforms to complete the payment process. We will sign confidentiality agreements with these third parties, requiring them to process your personal information in strict accordance with this Policy and relevant laws and regulations, and not to use it for any other unrelated purposes. We will also conduct due diligence on third-party service providers to ensure they meet U.S. privacy compliance requirements.
- Legal Requirements: In accordance with the requirements of laws, regulations, judicial organs, and regulatory authorities, we may disclose your personal information to fulfill legal obligations and cooperate with investigations, evidence collection, and other related work.
- Security and Rights Protection: To protect the legitimate rights and interests of this Website, you, or other users, and prevent security risks, we may share your relevant information when reasonably necessary (such as for identifying malicious access, handling complaints and disputes, etc.).
- Anonymization: We may anonymize the collected personal information. Anonymized information can no longer identify your personal identity, and we may use it for data analysis, market research, and other purposes without obtaining your additional consent. This complies with the provisions of U.S. state privacy laws that allow the use of de-identified data without consent.
VI. Your Rights Regarding Personal Information
Pursuant to relevant U.S. federal and state laws (including CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, etc.), you have the right to access, correct, delete, withdraw consent, cancel your account, and other rights regarding your personal information. We will provide convenient channels for you to exercise these rights. Please note that rights may vary slightly by state, and we will comply with the specific requirements of each applicable state law:
- Right to Access: You can log in to your account on this Website to view your personal information (such as account information, order records, customization requirements, etc.). If you cannot view it, you can contact customer service for assistance.
- Right to Correction: If you find errors in your personal information (such as name, phone number, shipping address, etc.), you can modify it yourself by logging into your account or contact customer service for assistance. Please note that Utah is the only U.S. state that does not require businesses to provide a right to correct personal information.
- Right to Deletion (Right to Be Forgotten): If you believe that the personal information we collect and store exceeds the necessary scope, or if you no longer need to use our services, you can contact customer service to request the deletion of relevant personal information, unless otherwise required by laws and regulations.
- Right to Withdraw Consent: You can withdraw your consent to the collection and use of personal information at any time (such as disabling Cookies, unsubscribing from activities, etc.). After withdrawing consent, we will no longer continue to collect or use your relevant personal information, but this will not affect the personal information processing activities completed based on your prior consent.
- Right to Opt-Out: Pursuant to U.S. state privacy laws, you have the right to opt out of the sale or sharing of your personal information, as well as the use of your personal information for targeted advertising and profiling (except in Utah, which does not require an opt-out for profiling). You can exercise this right by contacting our customer service.
- Right to Data Portability: You have the right to request that we provide your personal information in a portable, machine-readable format, allowing you to transfer it to another service provider, in compliance with applicable state laws.
- Right to Cancel Account: You can contact customer service to request the cancellation of your account on this Website. After account cancellation, we will delete or anonymize your account information, order information, and other relevant personal information within 15 business days. After cancellation, you will no longer be able to use this account to access services on this Website.
- Right to Complaint and Suggestion: If you have objections to our personal information processing behaviors or believe that your personal information rights and interests have been infringed, you can contact our customer service, and we will respond and handle it within 45 business days (with a possible 45-day extension in accordance with state law requirements).
VII. Use of Cookies and Related Technologies
To enhance your access experience and optimize Website functions, we use Cookies, web beacons, and other technologies, as detailed below, in compliance with U.S. state privacy laws (including CCPA/CPRA’s requirements for cookie consent):
- Use of Cookies: Cookies are small text files stored by your browser on your device, used to record your browsing preferences, login status, and other information, helping you avoid repeated information entry and improve access efficiency the next time you visit. You can disable Cookies in your browser settings or delete stored Cookies, but this may affect the normal use of some Website functions (such as automatic account login, personalized recommendations, etc.).
- Use of Related Technologies: We may use web beacons, pixel tags, and other technologies to track your access behavior, analyze user traffic, page browsing, and other data for Website optimization and data analysis. These technologies do not collect your personally identifiable information.
VIII. Privacy Protection for Minors
The products and services of this Website are mainly intended for adults. We do not actively collect personal information from minors (under 18 years of age). In compliance with the Children’s Online Privacy Protection Act (COPPA), if a minor accesses this Website and submits personal information without the consent of a guardian, the guardian may contact us to request the deletion of relevant information. We will process it immediately and cooperate with the guardian to protect the minor’s privacy.
IX. Updates and Notifications to This Privacy Policy
As laws and regulations are updated and the services of this Website are upgraded, we may revise this Privacy Policy. The revised Privacy Policy will be posted in a prominent location on this Website (such as the bottom of the homepage) for a public notice period of no less than 7 days, and will take effect on the date of publication. Pursuant to CCPA requirements, we will update this Privacy Policy at least once every 12 months to reflect our actual data processing practices.
If the revised Privacy Policy has a significant impact on your personal information rights and interests, we will notify you via your registered email address, text message, or other channels. If you continue to access or use this Website and related services, you are deemed to have accepted the revised Privacy Policy; if you do not agree to the revised Policy, you may stop using the services of this Website.
X. Contact Information
If you have any questions, complaints, suggestions regarding this Privacy Policy, or need to exercise your personal information rights, you can contact us through the following channels:
We will respond and handle your feedback within 45 business days (with a possible 45-day extension in accordance with state law requirements).
XI. Other Terms
This Privacy Policy is governed by the laws of the United States of America and the applicable laws of each U.S. state. If any provision of this Policy is inconsistent with the applicable laws and regulations, the laws and regulations shall prevail. Pursuant to U.S. constitutional principles, federal sectoral privacy laws (such as COPPA) may supplement state privacy laws, and we will comply with both federal and state requirements.
This Privacy Policy takes effect on the date of publication.
Bespoke Sword reserves the final right of interpretation of this Privacy Policy.
