Privacy Policy
Effective Date: September 9, 2025
Last Updated: September 9, 2025
1. Introduction
Knuckles Warriors (“we,” “us,” or “our”) operates the website knuckleswarriors.com (the “Site”), specializing in tactical gear and personal defense equipment. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information. By accessing our Site or purchasing our products, you consent to the practices described herein. For inquiries, contact our Data Protection Officer at:
Email: [email protected]
Mail: Attn: Data Protection Officer, 123 Security Plaza, Austin, TX 78701, USA
2. Information We Collect
2.1 Directly Provided Data
- Identifiers: Name, email, shipping/billing address, phone number.
- Payment Details: Credit card numbers (processed via PCI-DSS-compliant gateways like Stripe/PayPal), transaction history.
- Account Credentials: Usernames, passwords (stored as cryptographic hashes).
- User Content: Product reviews, warranty registrations, customer support queries.
2.2 Automatically Collected Data
- Device/Usage Data: IP address, browser type, device ID, pages visited, session duration (via cookies and analytics tools like Google Analytics 4).
- Location Data: Approximate geolocation derived from IP addresses.
- Cookies: Essential (e.g., shopping cart sessions), functional (preference memory), and advertising cookies (e.g., Meta Pixel).
2.3 Sensitive Information
We do not collect:
- Government IDs, biometric data, or health information unless voluntarily provided for warranty claims (e.g., proof of age for restricted products).
3. How We Use Your Information
| Purpose | Legal Basis | Examples |
|---|---|---|
| Order Processing | Contractual necessity | Shipping, payment verification |
| Customer Support | Legitimate interests | Responding to inquiries, warranty claims |
| Site Optimization | Consent (where required) | Analytics, A/B testing |
| Marketing Communications | Consent (opt-in) | Promotional emails, new product alerts |
| Legal Compliance | Legal obligation | Tax reporting, fraud prevention |
| Product Development | Legitimate interests | Analyzing purchase trends |
4. Information Sharing & Disclosure
We share data only under strict protocols:
- Service Providers: Payment processors (Stripe), logistics partners (FedEx, UPS), and IT infrastructure vendors (AWS). All are bound by data processing agreements (DPAs).
- Legal Requirements: If compelled by law enforcement, court orders, or regulatory bodies.
- Business Transfers: In mergers, acquisitions, or asset sales (customers notified beforehand).
- Aggregated Data: Non-identifiable sales trends shared with advertisers (e.g., “35% of buyers prefer aluminum batons”).
We do not sell personal data to third parties for independent marketing.
5. Data Retention & Security
5.1 Retention Periods
| Data Type | Retention Period |
|---|---|
| Account Data | Until account deletion request |
| Transaction Records | 7 years (tax compliance) |
| Marketing Consents | 3 years from last interaction |
| Cookies | 13 months (renewed upon revisit) |
5.2 Security Measures
- Encryption: AES-256 for data at rest, TLS 1.3 for data in transit.
- Access Controls: Role-based permissions, mandatory MFA for staff.
- Audits: Quarterly vulnerability scans, annual penetration testing.
- Breach Response: 72-hour notification to regulators and affected users.
6. Your Privacy Rights
Depending on residency, you may exercise:
- Access/Portability: Request a copy of your data in machine-readable format.
- Correction/Deletion: Update inaccuracies or request erasure (“right to be forgotten”).
- Opt-Out: Unsubscribe from marketing emails (link in all communications) or disable non-essential cookies via our Cookie Preference Center.
- Non-Discrimination: We will not deny services for exercising rights (CCPA compliance).
Submit requests: [email protected] | Response time: 30 days.
7. International Data Transfers
Data may be transferred outside your jurisdiction (e.g., EU → US) under:
- Adequacy Decisions: Where the recipient country ensures equivalent protection (e.g., EU-U.S. DPF).
- Safeguards: Standard Contractual Clauses (SCCs) with vendors.
8. Policy Updates & Contact
We may revise this policy to reflect legal or operational changes. Material updates will be notified via email or Site banners.
Contact us for:
- Clarifications about data practices
- Reporting vulnerabilities
- Complaints (escalatable to supervisory authorities)
Email: [email protected]