Privacy Policy

1. Introduction

This Privacy Policy describes how we collect, use, and protect your personal information when you use our e-commerce platform, website, and related services (the "Services"). At Decorloom, we are committed to protecting your privacy and maintaining the security of your personal information.

2. Information We Collect

2.1 Personal Information You Provide

  • Account Information: Name, email address, phone number, display name

  • Address Information: Shipping and billing addresses including street address, building/complex name, suburb, city/town, province, and postal code

  • Payment Information: Payment method preferences (we do not store payment card details)

  • Contact Information: Information you provide when contacting us through forms or customer support

2.2 Information Automatically Collected

  • Usage Data: Pages visited, products viewed, cart interactions, and browsing behavior

  • Device Information: Browser type, device type, IP address, operating system

  • Analytics Data: Session recordings (with sensitive data masked), page views, click events

  • Authentication Data: Login timestamps, authentication method used

  • Performance Data: Error logs, system performance metrics

2.3 Information from Third Parties

  • Payment Processors: Transaction status and payment verification from Paystack and PayFast

  • Social Login: Basic profile information if you sign in through Google or Facebook

  • Content Management: Data from our Storyblok CMS for content delivery

3. How We Use Your Information

3.1 Service Provision

  • Process and fulfill your orders

  • Manage your account and provide customer support

  • Send order confirmations, shipping notifications, and receipts

  • Provide personalized shopping recommendations

3.2 Communication

  • Respond to inquiries and support requests

  • Send important service updates and security notifications

  • Provide marketing communications (with your consent)

3.3 Analytics and Improvement

  • Analyze usage patterns to improve services

  • Conduct A/B testing and user experience research

  • Monitor system performance and security

  • Generate business analytics and insights

3.4 Legal and Security

  • Prevent fraud and unauthorized access

  • Comply with legal obligations

  • Protect our rights and the rights of our users

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers:

  • Payment Processors: Paystack and PayFast

  • Analytics Services: PostHog for user behavior analytics

  • Content Delivery: Storyblok

  • Cloud Infrastructure: Firebase for authentication and hosting

  • Communication Services: Email and SMS providers

4.2 Business Transfers

If Decorloom undergoes a merger, acquisition, or sale of assets, your information may be transferred.

4.3 Legal Requirements

We may disclose your information when required by law or to protect our rights.

4.4 Consent

We may share your information with your explicit consent.

5. Data Security

  • Technical Safeguards: Encryption of data in transit and at rest, secure authentication with Firebase, regular vulnerability assessments

  • Payment Security: We do not store card information; Paystack and PayFast are PCI-compliant

  • Data Retention:

    • Account info: retained while active + 7 years after closure

    • Order history: retained for 7 years

    • Analytics: aggregated data retained indefinitely; identifiers removed after 2 years

    • Marketing data: retained until you unsubscribe

6. Your Rights and Choices (POPIA Compliance)

  • Access: Request a copy of your data

  • Correction: Fix inaccurate information

  • Deletion: Request deletion (where legally possible)

  • Restriction: Limit processing in certain cases

  • Portability: Request data in a portable format

  • Objection: Object to certain processing

You can also:

  • Manage your account settings

  • Change communication preferences

  • Deactivate your account

7. Cookies and Tracking Technologies

  • Essential Cookies: Site functionality and security

  • Analytics Cookies: PostHog for user behavior

  • Authentication Cookies: Firebase sessions

  • Preference Cookies: Save your settings

Most browsers allow you to control cookies. Essential cookies cannot be disabled without affecting site functionality.

8. International Data Transfers

Your data may be stored on servers outside South Africa. Safeguards include regulatory approvals, standard contractual clauses, and certification schemes.

9. Children's Privacy

Our services are not for children under 13. We do not knowingly collect their data. If we do, it will be deleted immediately.

10. Contact Information

For privacy-related inquiries, you can contact us:

  • Email: decorloomstore@gmail.com

  • Phone: +27 82 387 2548

11. Changes to This Privacy Policy

We may update this policy periodically. Significant changes will be communicated via:

  • Updated policy on our website

  • Email notification to registered users

  • Notice displayed on our platform

12. Legal Basis for Processing (POPIA)

We process your data based on:

  • Consent: When you explicitly agree

  • Contract: To fulfill orders

  • Legal Obligation: To comply with laws

  • Legitimate Interest: For business needs balanced with your rights