Privacy Policy

Effective Date: 16/05/2024
Store Name:  Carlosrego
Legal Entity: CHRISTOPHER CORNETT Sole Proprietor
Business Address: 790 Dillard St, Houston, TX 77091, United States
Support Email: support@carlosrego.com
Website: https://carlosrego.com
Payment Methods Used: PayPal
App Integrations: Google Analytics 4 (GA4), Meta Pixel, Klaviyo
Countries We Ship To: United States, Canada, United Kingdom

Introduction & Scope

This Privacy Policy explains how Carlosrego (“we,” “our,” or “us”), operating as a sole proprietorship under CHRISTOPHER CORNETT, collects, uses, stores, and protects the personal information of customers, website visitors, and individuals interacting with https://carlosrego.com (the “Site”).

Our online store is powered by Shopify, which functions as our ecommerce platform and plays a key role in how your personal data is processed. This policy applies to all activities involving our Site, including browsing, creating an account, placing an order, subscribing to email updates, contacting support, or engaging with our analytics and marketing tools.

This Privacy Policy is designed to comply with major global data protection standards, including:

• Shopify Privacy Policies
GDPR (General Data Protection Regulation — EU/EEA)
CCPA/CPRA (California Consumer Privacy Act / California Privacy Rights Act)
• Global consumer protection and transparency requirements

By using our Site, you acknowledge and agree to the data practices described in this Privacy Policy.

Information We Collect

We collect several categories of personal information to operate our business, fulfill customer orders, enhance user experience, and comply with legal obligations.

1. Account Information

When you create an account, Shopify collects and stores certain details on our behalf, including:

• Name
• Email address
• Encrypted login credentials
• Order history
• Saved shipping addresses
• Preferences or saved cart details

We never have access to your actual password or unencrypted login data.

2. Order Information

When you make a purchase, we collect the information necessary to process and deliver your order:

• Full name
• Billing address
• Shipping address
• Email address
• Phone number
• Items purchased
• Order notes
• Purchase date & order number

Shopify uses this data to generate transaction records, support shipping and returns, provide customer service, and meet tax and compliance obligations.

3. Payment Information

Payments are processed securely through PayPal, meaning we do not receive or store your full payment card details.

PayPal may share limited transaction-related details with us, such as:

• Payment confirmation
• Transaction ID
• Payment status

If Shop Pay is available and used, Shopify Payments may additionally collect:

• Encrypted card information
• Device/browser authentication
• Biometric verification data (if enabled on your device)

We never access or handle unencrypted financial information.

4. Automatically Collected Data (via Shopify)

Shopify automatically collects technical and session-based data when you browse our Site, including:

• IP address
• Browser type/version
• Time zone
• Device identifiers
• Cookies and tracking data
• Referring URLs
• Pages visited and session length
• Click patterns and user interaction
• Log files (system events, error reports, security data)

This data helps maintain platform security, optimize performance, prevent fraud, and improve the browsing experience.

5. Data Collected via Shopify Apps

We use trusted third-party Shopify apps that may gather additional information depending on their functionality:

Google Analytics 4 (GA4)
• User behavior
• Device data
• Regional insights
• Engagement analytics

Meta Pixel
• Ad performance and conversions
• Browsing activity for ad retargeting

Klaviyo
• Email subscription status
• Email engagement metrics
• Marketing preferences
• IP-based location indicators

Each partner collects and processes information in accordance with its own privacy policy and applicable data protection laws.

6. User-Generated Content

Any information voluntarily submitted by you, such as:

  • Product reviews
  • Comments
  • Survey responses
  • Emails or messages to customer service

will be stored and used for customer support, fraud prevention, and improving our services.

How Shopify Collects & Processes Data

Because our store is hosted on Shopify, certain data handling is performed directly by Shopify.

1. Built-In Tracking

Shopify uses cookies and device tracking to:

  • Maintain your shopping cart
  • Enable secure login
  • Track session analytics
  • Prevent fraudulent orders
  • Improve store performance

2. Checkout Handling

During checkout, Shopify collects:

  • Order details
  • Payment status
  • Shipping/billing information
  • IP address
  • Device/browser information

This helps verify payments, prevent fraud, and process orders.

3. Fraud Prevention Systems

Shopify may automatically screen orders using its fraud-detection tools, which analyze:

  • IP reputation
  • Order patterns
  • Location consistency
  • Browser fingerprinting

If fraud is suspected, information may be temporarily held or analyzed before fulfilling the order.

How We Use Your Personal Information

We use personal information for the following purposes:

  • Process and fulfill orders
  • Provide shipping and tracking updates
  • Respond to customer inquiries
  • Send notifications and transactional emails
  • Manage returns and refunds
  • Improve website performance and user experience
  • Deliver personalized advertising
  • Detect and prevent fraudulent transactions
  • Comply with tax, legal, and regulatory obligations
  • Maintain business operations and analytics

We do not sell personal information.

Legal Basis for Processing (GDPR)

For customers residing in the EU/EEA, we rely on the following legal bases:

  • Contract Performance: Processing necessary to fulfill your purchase or provide requested services.
  • Legitimate Interests: Fraud prevention, store optimization, analytics, and security.
  • Consent: Marketing emails, cookies requiring consent, and targeted advertising.
  • Legal Obligation: Tax reporting, recordkeeping, regulatory compliance.

Sharing Your Information

We share your information only with trusted service providers who enable the functioning of our ecommerce operations.

1. Shopify

Shopify processes most data related to your order, account, and device interactions.
Learn more at: https://www.shopify.com/legal/privacy

2. Payment Gateway

Since we use PayPal:

  • PayPal processes your payment information directly
  • We receive only non-sensitive transaction details

For more information: https://www.paypal.com/us/legalhub/privacy-full

3. Fulfillment Providers

We may share your shipping details with:

  • Third-party warehouses
  • Shipping carriers (USPS, UPS, FedEx, Royal Mail, Canada Post)
  • Logistics partners

4. Third-Party Apps

We share limited data with:

  • Google Analytics 4 (traffic behavior, device data)
  • Meta Pixel (ad conversion and retargeting tracking)
  • Klaviyo (email marketing and automation)

These providers act as processors or independent controllers depending on their use of data.

Behavioral Advertising & Analytics

We use analytics and advertising tools to understand customer behavior and improve marketing effectiveness.

Google Analytics 4 (GA4)

GA4 collects:

  • Device information
  • Geographic region
  • Session behavior
  • Events and interactions

Data may be transferred to the United States.

Meta Pixel

Used for:

  • Conversion tracking
  • Retargeting ads
  • Custom audience creation

Meta may combine this data with your Facebook activity.

Opt-out mechanisms are listed later in this policy.

Cookies & Tracking Technologies

Our Site uses cookies essential to Shopify’s platform and optional analytics/marketing cookies.

Shopify Standard Cookies

Examples include:

  • _shopify_y — analytics, store performance
  • _shopify_s — session analytics
  • _shopify_sa_t / _shopify_sa_p — referral tracking
  • cart — tracks cart state
  • secure_customer_sig — enables secure login
  • shopify_pay_redirect — checkout redirection for Shop Pay

Shop Pay Cookies (when enabled)

Shop Pay may use additional cookies to support:

  • Device recognition
  • Autofill behavior
  • Encrypted payment token management

Your Choices

You may:

  • Disable cookies in your browser
  • Opt out of marketing cookies through consent banners (if applicable)
  • Use ad-blocking tools

Data Retention

We retain your information only as long as necessary for the purposes described in this policy.

  • Order records: At least 7 years (required for tax/law)
  • Marketing data: Until you unsubscribe
  • Account data: Until your account is deleted
  • Analytics data: Varies by service (Google Analytics retention settings)
  • Customer service messages: Kept as needed for support/troubleshooting

When data is no longer required, it will be deleted or anonymized.

Data Security Measures

We implement appropriate technical, physical, and administrative safeguards to protect your personal data, including:

  • Encrypted Shopify hosting
  • Secure HTTPS SSL certificates
  • Encrypted payment processing
  • Access controls for staff
  • Fraud prevention systems
  • Regular platform security updates

While no online system is 100% secure, we make every reasonable effort to safeguard your information.

International Data Transfers

Because our store is hosted on Shopify:

  • Shopify stores data in Canada
  • Some data may be processed in the United States
  • Third-party apps may transfer data internationally

By using our Site, you consent to these cross-border transfers.

Your Rights

GDPR Rights (EU/EEA Residents)

You may request:

  • Access to your information
  • Correction of inaccuracies
  • Deletion of your data
  • Restriction of processing
  • Object to processing (including marketing)
  • Data portability
  • Withdrawal of consent

To exercise your rights, contact us at support@carlosrego.com.

CCPA/CPRA Rights (California Residents)

You have the right to:

  • Request access to your personal information
  • Request deletion of your personal information
  • Opt out of “sale” or “sharing” of personal data
  • Request information about data disclosed to third parties
  • Be free from discrimination for exercising your rights

We do not sell personal information.

Requests may be submitted to: support@carlosrego.com.

Opt-Out Mechanisms

You may opt out of:

Marketing Emails

Using the unsubscribe link in any email from us.

Targeted Advertising

Analytics Tracking

  • Browser-level blocking
  • Cookie preferences tools
  • GA opt-out browser add-ons

Children’s Privacy

Our Site is not ifntended for children under 13.
We do not knowingly collect personal information from minors. If we learn that data was collected from a child, it will be deleted.

Links to Third-Party Websites

Our Site may contain links to third-party websites or services.
We are not responsible for their privacy practices.
We encourage reviewing their privacy policies before interacting with them.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

  • Shopify functionality
  • Legal or regulatory requirements
  • Our business operations
  • Third-party services

Changes will be posted on this page with an updated effective date.

Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, you may contact us at:

Carlosrego
Attn: Privacy Officer
Address: 790 Dillard St, Houston, TX 77091, United States
Email: support@carlosrego.com