GDPR Policy

This GDPR Policy outlines how craftedlodge complies with the European Union’s General Data Protection Regulation (GDPR) when processing personal data of users from the EU.
It is designed to complement our Privacy Policy and provides additional details on user rights and legal obligations.

1. Legal Basis for Processing

We process personal data under the following GDPR-compliant legal bases:

• Performance of a contract: Handling orders, payments, and deliveries

• Consent: For subscribing to newsletters or marketing communications

• Legal obligations: Compliance with tax, accounting, and regulatory requirements

• Legitimate interests: Improving website functionality, enhancing user experience, and preventing fraudulent activity

2. Categories of Personal Data Collected

We may collect and process the following types of personal information:

• Identification and contact data (name, email, phone number, shipping and billing addresses)

• Order and payment details

• Website usage data (cookies, session activity, device information)

• Voluntary communications submitted to customer support

3. Purpose of Processing

Collected data is used solely for purposes necessary to:

• Process and deliver orders

• Manage payments and refunds

• Provide customer service and support

• Enhance website functionality and analytics

• Fulfill legal or regulatory obligations

Personal information is never sold to unrelated third parties for marketing purposes.

4. Data Sharing

We may share personal information only with trusted parties essential to service operations:

• Shipping carriers and logistics providers

• Payment processors and financial institutions

• Authorities when required by law or regulation

No data is shared for unrelated commercial purposes.

5. Cookies and Tracking

Our GDPR compliance includes informing users about cookies and other tracking technologies:

• Users are notified about cookies used for analytics, order processing, and personalization

• Users have the option to accept or reject non-essential cookies

Cookie preferences can be adjusted at any time via website settings.

6. User Rights Under GDPR

EU users have the following rights concerning their personal data:

• Access: Request a copy of the data we hold

• Correction: Update inaccurate or incomplete data

• Deletion: Request erasure where legally permitted

• Restriction: Limit certain processing activities

• Objection: Object to processing based on legitimate interests

• Data Portability: Receive data in a structured, commonly used format

• Withdrawal of Consent: Withdraw previously granted consent at any time

Requests are processed promptly, usually within one month, in accordance with GDPR regulations.

7. Data Retention and Security

• Personal data is retained only as long as necessary to fulfill the stated purposes or meet legal obligations.

• Technical and organizational measures are implemented to prevent unauthorized access, alteration, or loss of personal data.

• Regular reviews are conducted to maintain security standards.

8. Contact for GDPR Inquiries

For questions regarding GDPR compliance or exercising your data protection rights, you can contact us at:

Street Address: 1213 Misty Dr, Midlothian, TX, 76065, US
Customer Service Phone: +1 (346) 766-4457
Customer Service Email: europcare@craftedlodge.com
Business Hours (Australian Time): Monday to Friday, 09:00–12:00 & 14:00–18:00