Privacy Policy

This Agreement is made on the 22nd day of August 2025, between minimall LLC, a California limited liability company, and Users of the website located at minimall.io

Parties

  1. Website Owner/Operator: minimall LLC, a California limited liability company, operating the website located at minimall.io, responsible for collecting, processing, and protecting personal information of users.

  2. Website Users/Visitors: All individuals who access, visit, browse, or use the website minimall.io, including registered users, subscribers, customers, and casual visitors whose personal information may be collected through the website.

  3. Subsidiaries and Affiliates (if applicable): Any parent companies, subsidiaries, affiliates, or related entities under common control with minimall LLC that may access or process user information under this privacy policy.

Background

  1. minimall LLC operates the website minimall.io and recognizes the importance of protecting the privacy and personal information of its users.

  2. This Privacy Policy is established to comply with applicable privacy laws, including the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and other relevant federal and state privacy regulations.

  3. minimall LLC collects, processes, and stores personal information from website users to provide services, improve user experience, facilitate communications, and conduct legitimate business operations.

  4. This Privacy Policy serves to inform users about what personal information is collected, how it is used, with whom it may be shared, and what rights users have regarding their personal information.

  5. minimall LLC is committed to transparency in its data practices and providing users with meaningful control over their personal information.

  6. The collection and processing of personal information is necessary for the legitimate business interests of minimall LLC, including website functionality, service provision, legal compliance, and user communication.

1. Definitions

  1. Personal Information means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

  2. Website means the website operated by minimall LLC at minimall.io and any associated subdomains, mobile applications, or online services.

  3. Company, We, Us, or Our refers to minimall LLC and its subsidiaries, affiliates, and related entities.

  4. User, You, or Your refers to any individual who accesses, visits, or uses the Website.

  5. Cookies means small data files stored on a user's device that contain information about the user's browsing activity and preferences.

  6. Third Parties means entities that are not owned or controlled by minimall LLC, including vendors, partners, advertisers, and other service providers.

  7. Service Providers means third-party companies or individuals that process personal information on behalf of minimall LLC to facilitate services.

  8. Processing means any operation performed on personal information, including collection, use, storage, disclosure, deletion, or modification.

  9. CCPA means the California Consumer Privacy Act and its implementing regulations, as amended by the California Privacy Rights Act.

  10. Sensitive Personal Information means personal information that reveals a consumer's social security number, driver's license number, passport number, financial account information, biometric information, health information, or other categories specified under California law.

  11. Device Information means technical information about the device used to access the Website, including IP address, browser type, operating system, and device identifiers.

  12. Tracking Technologies means cookies, web beacons, pixels, tags, scripts, and similar technologies used to collect information about user activity.

  13. Sale has the meaning set forth in the CCPA, including the sharing of personal information with third parties for monetary or other valuable consideration.

2. Information We Collect

  1. Information You Provide Directly

    1. We collect Personal Information that You voluntarily provide to Us when using the Website, including when You create an account, make purchases, contact Us, subscribe to newsletters, or participate in surveys or promotions.

    2. This information may include Your name, email address, postal address, phone number, payment information, username, password, and any other information You choose to provide.

    3. We may collect Sensitive Personal Information including government identifiers, financial account information, precise geolocation data, racial or ethnic origin, religious beliefs, health information, sexual orientation, and biometric identifiers, only when necessary for specific business purposes and with appropriate consent where required.

  2. Information Collected Automatically

    1. We automatically collect Device Information and usage data when You access or use the Website through Tracking Technologies.

    2. This automatically collected information includes IP addresses, browser type and version, operating system, device identifiers, screen resolution, referring URLs, pages viewed, time spent on pages, click-stream data, and other usage statistics.

    3. We collect location information, including general geographic location derived from IP addresses and, with Your consent, precise location data from mobile devices.

  3. Cookies and Tracking Technologies

    1. We use Cookies, web beacons, pixels, local storage, and similar Tracking Technologies to collect information about Your browsing behavior, preferences, and interactions with the Website.

    2. These technologies may collect information about Your device, browser settings, website usage patterns, and help Us remember Your preferences and settings.

  4. Information from Third Parties

    1. We may receive Personal Information about You from Third Parties, including social media platforms, Service Providers, business partners, advertising networks, data brokers, and publicly available sources.

    2. This information may include contact details, demographic information, interests, social media profiles, and other publicly available information.

  5. Communications and Interactions

    1. We collect information from Your communications with Us, including emails, phone calls, chat messages, customer service inquiries, and feedback.

    2. We may record customer service calls for quality assurance and training purposes, with appropriate notice as required by law.

  6. Business Transaction Information

    1. If You make purchases or engage in transactions through the Website, we collect transaction details, payment information, billing addresses, and related commercial information.

    2. Payment information is processed by Third Party payment processors in accordance with industry security standards.

3. How We Use Your Information

  1. Service Provision and Website Functionality: We use Your Personal Information to provide, maintain, and improve Our Website services, including processing transactions, creating and managing user accounts, and delivering requested content and features.

  2. Communication: We use Your Personal Information to communicate with You regarding Our services, respond to inquiries, provide customer support, send administrative notices, and deliver important updates about Our Website or policies.

  3. Business Operations: We use Your Personal Information for legitimate business purposes, including order fulfillment, payment processing, inventory management, fraud prevention, and maintaining business records.

  4. Legal Compliance: We use Your Personal Information to comply with applicable laws, regulations, legal processes, and governmental requests, including tax reporting, regulatory compliance, and responding to lawful subpoenas or court orders.

  5. Marketing and Promotional Activities: We may use Your Personal Information to send promotional materials, newsletters, and marketing communications, subject to Your consent where required by law and Your right to opt-out.

  6. Analytics and Website Improvement: We use Personal Information and Device Information to analyze Website usage patterns, conduct research, improve Our services, develop new features, and enhance user experience.

  7. Security and Safety: We use Your Personal Information to protect the security and integrity of Our Website, prevent unauthorized access, detect and prevent fraud, and ensure the safety of Our users and systems.

  8. Legal Proceedings: We may use Your Personal Information in connection with legal disputes, investigations, or proceedings to protect Our rights, property, or safety, or that of Our users or third parties.

  9. Business Transfers: We may use Your Personal Information in connection with mergers, acquisitions, asset sales, or other business transactions where Personal Information may be transferred as part of the business assets.

  10. Consent-Based Uses: We may use Your Personal Information for other purposes with Your explicit consent, which You may withdraw at any time in accordance with applicable law.

4. Information Sharing and Disclosure

  1. Service Providers and Vendors

    1. We may share Personal Information with Service Providers who perform services on our behalf, including website hosting, data analytics, payment processing, customer service, email delivery, marketing assistance, and technical support.

    2. Service Providers are contractually obligated to protect Personal Information and may only use such information to provide services to us and not for their own purposes.

  2. Legal Compliance and Protection

    1. We may disclose Personal Information when required by law, legal process, litigation, or requests from public and government authorities.

    2. We may share Personal Information to protect our rights, privacy, safety, or property, and that of our affiliates, You, or others.

    3. We may disclose Personal Information to enforce our terms of service and investigate potential violations thereof.

  3. Business Transfers

    1. In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, sale of assets, or similar business transaction, Personal Information may be transferred to the successor entity.

    2. We will provide notice of such transfer through prominent notice on our Website or direct communication to Users.

  4. Affiliates and Subsidiaries

    1. We may share Personal Information with our Subsidiaries and Affiliates for legitimate business purposes, including joint marketing, customer service, and operational support.

    2. Such sharing is subject to the same privacy protections outlined in this Privacy Policy.

  5. Third-Party Partners

    1. We may share aggregated, de-identified, or anonymized information with Third Parties for research, marketing, advertising, and other commercial purposes.

    2. We may share Personal Information with Third Parties when You have provided explicit consent for such sharing.

  6. California-Specific Disclosures

    1. Under the CCPA, we do not sell Personal Information to Third Parties for monetary consideration.

    2. We may share Personal Information for business purposes as defined under California law, including with Service Providers and for the operational purposes described in this Privacy Policy.

    3. California residents have the right to know the categories of Third Parties with whom their Personal Information is shared and may request such information by contacting us.

5. Cookies and Tracking Technologies

  1. Cookies are small text files that are placed on Your device when You visit our Website to help us provide and improve our services.

  2. We use the following types of Cookies and Tracking Technologies:

    1. Essential Cookies: Necessary for basic Website functionality, security, and enabling You to navigate the Website and use its features.

    2. Analytics Cookies: Collect information about how You use our Website, including pages visited, time spent, and interaction patterns to help us improve Website performance.

    3. Functional Cookies: Remember Your preferences and settings to enhance Your user experience during future visits.

    4. Marketing and Advertising Cookies: Track Your browsing activity to deliver targeted advertisements and measure advertising campaign effectiveness.

  3. We may use Third Party cookies and tracking technologies from Service Providers including Google Analytics, social media platforms, and advertising networks.

  4. You can control Cookie settings through Your browser preferences by accepting, rejecting, or deleting Cookies, though disabling certain Cookies may limit Website functionality.

  5. We use web beacons, pixel tags, and similar Tracking Technologies to collect Device Information and analyze Website usage patterns.

  6. We respond to Do Not Track signals and Global Privacy Control signals as required by California law by limiting the Sale of Personal Information and cross-contextual behavioral advertising.

  7. For more information about Cookies and how to manage them, You may visit Your browser's help section or contact us using the information provided in this Privacy Policy.

6. California Privacy Rights (CCPA)

  1. Applicability. This section applies to California residents and describes Your rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

  2. Categories of Personal Information Collected. We collect the following categories of Personal Information: identifiers, commercial information, internet or other electronic network activity information, geolocation data, audio/visual information, professional information, education information, and inferences drawn from other Personal Information.

  3. Right to Know. You have the right to request that We disclose what Personal Information We collect, use, disclose, and sell about You, including the categories of Personal Information, sources of collection, business purposes for collection, and categories of Third Parties with whom We share Personal Information.

  4. Right to Delete. You have the right to request deletion of Personal Information that We have collected from You, subject to certain exceptions under applicable law.

  5. Right to Correct. You have the right to request correction of inaccurate Personal Information that We maintain about You.

  6. Right to Opt-Out of Sale. You have the right to direct Us not to sell Your Personal Information to Third Parties.

  7. Right to Limit Use of Sensitive Personal Information. You have the right to limit Our use and disclosure of Your Sensitive Personal Information to purposes necessary to perform Our services or as otherwise permitted by law.

  8. Exercising Your Rights.

    1. You may exercise Your rights by contacting Us through the methods specified in the Contact Information section of this Privacy Policy.

    2. We will verify Your identity before processing Your request using reasonable methods appropriate to the type of request.

    3. We will respond to verified requests within forty-five (45) days, with the possibility of one forty-five (45) day extension if necessary.

  9. Authorized Agents. You may authorize another person to submit requests on Your behalf, provided You give the authorized agent written permission and We can verify the agent's authority.

  10. Non-Discrimination. We will not discriminate against You for exercising Your CCPA rights, including by denying services, charging different prices, or providing different quality of services.

  11. Minors Under 16. We do not sell Personal Information of consumers We know to be under 16 years of age without affirmative authorization from the consumer or parent/guardian.

7. Data Security

  1. Company implements reasonable administrative, technical, and physical security measures designed to protect Personal Information against unauthorized access, use, disclosure, alteration, or destruction.

  2. Technical safeguards include but are not limited to encryption of data in transit and at rest, secure socket layer (SSL) technology, firewalls, access controls, and regular security monitoring and testing.

  3. Administrative safeguards include employee training on data privacy and security, background checks for personnel with access to Personal Information, and implementation of policies and procedures governing data handling practices.

  4. Physical safeguards include restricted access to facilities where Personal Information is stored, surveillance systems, and secure disposal of physical documents containing personal data.

  5. Access to Personal Information is limited to employees, contractors, and Service Providers who have a legitimate business need to access such information and who are bound by confidentiality obligations.

  6. Company requires Third Parties and Service Providers who have access to Personal Information to implement appropriate security measures and to use such information only for authorized purposes.

  7. Company maintains incident response procedures to address potential data security breaches, including notification protocols in compliance with applicable laws and regulations.

  8. No method of transmission over the internet or electronic storage is completely secure, and Company cannot guarantee absolute security of Personal Information.

  9. Users are responsible for maintaining the confidentiality of their account credentials and for notifying Company immediately of any unauthorized access to their accounts.

8. Data Retention

  1. Company retains Personal Information for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, unless a longer retention period is required or permitted by law.

  2. Company determines retention periods based on the following criteria: (i) the nature and sensitivity of the Personal Information; (ii) the purposes for which the Personal Information was collected and processed; (iii) applicable legal, regulatory, tax, and accounting requirements; (iv) legitimate business needs; and (v) the potential risk of harm from unauthorized use or disclosure.

  3. Company retains different categories of Personal Information for the following periods:

    1. Account information and profile data are retained for the duration of the User account plus three (3) years after account closure or last activity.

    2. Transaction and purchase records are retained for seven (7) years from the date of transaction for accounting and tax purposes.

    3. Communications and correspondence are retained for three (3) years from the date of last communication.

    4. Website usage data and analytics information are retained for twenty-four (24) months from collection.

    5. Cookies and Tracking Technologies data are retained according to the expiration periods set forth in our Cookie Policy.

  4. Personal Information may be retained for longer periods when required by applicable law, regulation, legal process, or to establish, exercise, or defend legal claims.

  5. When Personal Information is no longer needed for the purposes set forth in this Privacy Policy and no legal obligation requires its retention, Company will securely delete, destroy, or anonymize such information in accordance with industry standards.

  6. Users may request information about Company's retention practices for their Personal Information and may request deletion of their Personal Information subject to applicable legal requirements and legitimate business needs.

  7. Notwithstanding the above retention periods, Company reserves the right to retain Personal Information for shorter periods based on business needs or User requests for deletion, except where retention is required by law.

9. Third-Party Links and Services

  1. Our Website may contain links to third-party websites, applications, or services that are not owned or controlled by the Company.

  2. This Privacy Policy does not apply to any third-party websites, applications, or services, including those accessed through links on our Website.

  3. We are not responsible for the privacy practices, content, or policies of any Third Parties, including but not limited to:

    1. Social media platforms and their embedded features or plugins;

    2. Third-party analytics or advertising services;

    3. Payment processors or e-commerce platforms;

    4. External websites linked from our Website.

  4. When You access third-party services through our Website or click on external links, You acknowledge that You are leaving our Website and entering a third-party environment.

  5. We strongly recommend that You review the privacy policies and terms of service of any third-party websites or services before providing any Personal Information to such Third Parties.

  6. Any interactions, transactions, or data sharing with Third Parties are solely between You and the respective third party, and We disclaim all liability for such interactions.

  7. We may use Third Parties to provide certain services on our behalf, but such Service Providers are bound by contractual obligations to protect Your Personal Information in accordance with this Privacy Policy.

10. Children's Privacy

  1. Our Website is not intended for use by children under the age of thirteen (13) years, and We do not knowingly collect Personal Information from children under 13.

  2. If We become aware that We have collected Personal Information from a child under 13 without parental consent, We will take steps to delete such information from Our records as soon as reasonably practicable.

  3. Parents or legal guardians who believe their child under 13 has provided Personal Information to Us may contact Us using the information provided in the Contact Information section of this Privacy Policy to request deletion of such information.

  4. We comply with the Children's Online Privacy Protection Act (COPPA) and will not knowingly collect, use, or disclose Personal Information from children under 13 without obtaining verifiable parental consent, except as permitted by COPPA.

  5. If parental consent is required under COPPA, We will provide parents with notice of Our information practices and obtain verifiable parental consent before collecting, using, or disclosing Personal Information from their child.

  6. Parents have the right to review Personal Information collected from their child, request deletion of such information, and refuse to permit further collection or use of their child's information.

11. International Data Transfers

  1. Personal Information collected through the Website may be transferred to, processed, and stored in countries other than the United States, including countries that may not provide the same level of data protection as the United States.

  2. International transfers of Personal Information may occur when We use Service Providers or Third Parties located outside the United States to support Our business operations, including cloud storage, data analytics, customer support, and marketing services.

  3. When transferring Personal Information internationally, We implement appropriate safeguards to protect Your data, which may include:

    1. Standard contractual clauses approved by relevant data protection authorities;

    2. Adequacy decisions recognizing that certain countries provide adequate protection for personal data;

    3. Certification schemes or codes of conduct;

    4. Other legally recognized transfer mechanisms under applicable privacy laws.

  4. We require all international Service Providers and Third Parties to implement appropriate technical and organizational measures to protect Personal Information and to process such information only in accordance with Our instructions and applicable privacy laws.

  5. You have the right to obtain information about the safeguards We use for international data transfers by contacting Us using the information provided in this Privacy Policy.

  6. If We transfer Your Personal Information to countries without adequate data protection laws, We will ensure that appropriate safeguards are in place before any such transfer occurs.

12. Policy Updates

  1. We reserve the right to modify, update, or revise this Privacy Policy at any time in our sole discretion to reflect changes in our data practices, legal requirements, or business operations.

  2. We will provide notice of material changes to this Privacy Policy by posting the updated policy on our Website with a revised "Last Updated" date at the top of the policy.

  3. For material changes that significantly affect how we collect, use, or share Your Personal Information, we will provide additional notice through one or more of the following methods:

    1. Prominent notice on our Website homepage or within our services;

    2. Email notification to Users who have provided email addresses to us;

    3. In-app notifications or pop-up notices when You access our Website.

  4. Material changes to this Privacy Policy will become effective thirty (30) days after we provide notice of such changes, except where a shorter notice period is required or permitted by applicable law.

  5. Non-material changes, including administrative updates, clarifications, or changes required by law, will become effective immediately upon posting the updated Privacy Policy on our Website.

  6. Your continued use of our Website following the effective date of any changes to this Privacy Policy constitutes Your acceptance of such changes.

  7. If You do not agree to any changes to this Privacy Policy, You must discontinue use of our Website and may request deletion of Your Personal Information in accordance with Section 9 of this Privacy Policy.

  8. It is Your responsibility to periodically review this Privacy Policy for any updates or changes.

  9. The current version of this Privacy Policy will always be available on our Website at https://minimall.io/privacy.

13. Contact Information

  1. General Privacy Inquiries. Users may contact the Company regarding any questions, concerns, or requests related to this Privacy Policy or the Company's privacy practices by email at data@minimall.io.

  2. California Privacy Rights Requests. California residents may submit requests to exercise their rights under the CCPA by:

    1. Emailing data@minimall.io with "California Privacy Request" in the subject line.

  3. Designated Privacy Contact. The Company has designated Member as the primary contact for privacy-related matters, who can be reached at data@minimall.io.

  4. Response Timeframes. The Company will acknowledge receipt of privacy inquiries within 30 business days and will respond to requests within the timeframes required by applicable law, including within forty-five (45) days for CCPA requests, with possible extension of an additional forty-five (45) days when reasonably necessary.

  5. Identity Verification. For privacy requests involving Personal Information, the Company may require verification of the requestor's identity before processing the request to protect against fraudulent requests.

  6. Authorized Agent Requests. California residents may designate an authorized agent to submit privacy requests on their behalf by providing written authorization or power of attorney to data@minimall.io. By adopting this Privacy Policy, minimall LLC acknowledges its commitment to protecting user privacy and complying with applicable privacy laws. This Privacy Policy is effective as of 08/22/2025 and supersedes all previous privacy policies. minimall LLC, through its authorized representative, hereby adopts and implements this Privacy Policy for all users of minimall.io. Users consent to this Privacy Policy by accessing or using the Website. This Privacy Policy may be updated from time to time, with notice provided to users as required by law.