Privacy Policy and Cookie Policy

Last Updated: 01/06/2025

Introduction

This Privacy Policy explains how Don’t Buy USA collects, uses, shares, and protects your personal information when you visit our website https://dontbuyusa.org and use our services. This policy also covers our use of cookies and similar technologies.

We are committed to protecting your privacy and ensuring transparency about how we handle your data. This policy applies to all users worldwide and complies with applicable privacy laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), UK Data Protection Act, and other relevant privacy legislation.

Data Controller: Don’t Buy USA
Contact: admin@dontbuusa.org

Information We Collect

Personal Information You Provide

User Accounts (Future Feature):

  • Email address
  • Username
  • Account preferences

Contact Forms:

  • Name
  • Email address
  • Country of residence
  • Message content
  • Any additional information you choose to provide

Newsletter Subscription:

  • Email address
  • Subscription preferences
  • Communication history

Online Store (Merchandise):

  • Name and delivery address
  • Email address
  • Phone number (if provided)
  • Payment information (processed securely by Stripe)
  • Order history and preferences

Information Collected Automatically

Website Analytics:

  • IP address (anonymized where possible)
  • Browser type and version
  • Operating system
  • Pages visited and time spent
  • Referring website
  • Geographic location (country/region level)
  • Device information

Cookies and Tracking Technologies:

  • Essential cookies for website functionality
  • Analytics cookies for performance measurement
  • Advertising cookies from our ad partners
  • Affiliate tracking cookies for commission tracking

How We Use Your Information

Lawful Bases for Processing (GDPR)

We process personal data based on the following lawful bases:

Consent: Newsletter subscriptions, non-essential cookies, marketing communications

Legitimate Interests: Website analytics, security, fraud prevention, business development

Contract Performance: Processing orders, account management, customer service

Legal Obligation: Tax reporting, compliance with applicable laws

Specific Uses

Website Operation:

  • Provide and maintain our services
  • Improve website functionality and user experience
  • Ensure website security and prevent fraud
  • Comply with legal obligations

Communications:

  • Send newsletters and product recommendations
  • Respond to contact form inquiries
  • Provide customer support
  • Send important service updates

Marketing and Monetization:

  • Display relevant advertisements through Ezoic
  • Track affiliate link performance through Skimlinks
  • Analyze user preferences for content improvement
  • Generate revenue to support website operations

Order Fulfillment:

  • Process merchandise orders through our online store
  • Arrange shipping and delivery
  • Handle returns and customer service

Information Sharing and Third Parties

Third-Party Service Providers

Ezoic (Advertising Network):

  • Displays advertisements on our website
  • Collects data for ad personalization
  • Privacy Policy: [Ezoic privacy policy link]

Skimlinks (Affiliate Network):

  • Manages affiliate links and commissions
  • Tracks clicks and conversions
  • Privacy Policy: [Skimlinks privacy policy link]

Stripe (Payment Processing):

  • Processes payments for merchandise orders
  • Stores payment and billing information securely
  • Privacy Policy: [Stripe privacy policy link]

Analytics Providers:

  • Website performance and user behavior analysis
  • Aggregate statistics and reporting

Email Service Provider:

  • Newsletter delivery and management
  • Email marketing analytics

Affiliate Partners

We may share limited information with affiliate partners to:

  • Track referrals and calculate commissions
  • Provide relevant product recommendations
  • Measure campaign effectiveness

Legal Disclosure

We may disclose personal information when required by law or to:

  • Comply with legal processes or government requests
  • Protect our rights, property, or safety
  • Prevent fraud or abuse
  • Enforce our terms of service

International Data Transfers

Our website is hosted in the United Kingdom. We may transfer your data to service providers located in other countries, including the United States. When we transfer data internationally, we ensure appropriate safeguards are in place through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by relevant authorities
  • Other legally recognized transfer mechanisms

Cookies and Tracking Technologies

Types of Cookies We Use

Essential Cookies:

  • Required for basic website functionality
  • Cannot be disabled without affecting site operation
  • Session management, security, accessibility features

Analytics Cookies:

  • Measure website performance and user behavior
  • Help us improve content and user experience
  • Typically anonymized or pseudonymized data

Advertising Cookies:

  • Delivered by Ezoic and other advertising partners
  • Enable personalized advertising
  • Track ad performance and user interests

Affiliate Cookies:

  • Track clicks on affiliate links
  • Calculate commissions for partner referrals
  • Measure campaign effectiveness

Cookie Consent and Management

EU/UK Visitors: We obtain consent before placing non-essential cookies on your device. You can manage your cookie preferences through our cookie banner or browser settings.

Other Jurisdictions: You can control cookies through your browser settings or our preference center.

Browser Controls: Most browsers allow you to:

  • View stored cookies
  • Delete existing cookies
  • Block future cookies
  • Set cookie preferences

Your Privacy Rights

Rights Under GDPR (EU/UK Residents)

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time

Rights Under CCPA (California Residents)

  • Right to Know: Know what personal information we collect, use, and share
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of the “sale” of personal information
  • Right to Non-Discrimination: Equal treatment regardless of privacy choices

Rights Under Other Jurisdictions

Residents of Canada, Australia, and other jurisdictions may have additional privacy rights under local laws. Contact us to learn about rights specific to your location.

Exercising Your Rights

To exercise your privacy rights:

  • Email us at [privacy-email]
  • Use our online privacy request form [if available]
  • Contact us through our general contact form

We will respond to verified requests within the timeframes required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

Data Retention

We retain personal information for as long as necessary to:

  • Provide our services
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

Specific Retention Periods:

  • User accounts: Until account deletion or 3 years of inactivity
  • Contact form inquiries: 2 years
  • Newsletter subscriptions: Until unsubscribed
  • Order information: 7 years for tax/accounting purposes
  • Analytics data: 26 months (Google Analytics default)
  • Marketing cookies: Up to 2 years

Children’s Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us immediately.

Data Security

We implement appropriate technical and organizational measures to protect personal information against:

  • Unauthorized access or disclosure
  • Accidental loss or destruction
  • Unlawful processing

Security Measures Include:

  • SSL encryption for data transmission
  • Secure hosting infrastructure
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection

Newsletter and Marketing Communications

Subscription: Newsletter subscriptions are based on your explicit consent.

Content: We send updates about local product alternatives, website features, and occasionally promotional content from affiliate partners.

Unsubscribe: You can unsubscribe at any time by:

  • Clicking the unsubscribe link in any email
  • Emailing us at admin@dontbuyusa.org
  • Updating your account preferences (when available)

Frequency: Newsletters are sent approximately monthly.

Updates to This Policy

We may update this Privacy Policy periodically to reflect:

  • Changes in our practices
  • New features or services
  • Legal or regulatory requirements

Notification: We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to subscribers
  • Displaying prominent notices on our homepage

Effective Date: Changes become effective immediately upon posting unless otherwise specified.

Contact Information

Privacy Questions: admin@dontbuyusa.org

Complaints and Regulatory Authorities

If you believe we have not addressed your privacy concerns adequately, you may file a complaint with:

EU Residents: Your local Data Protection Authority
UK Residents: Information Commissioner’s Office (ICO)
California Residents: California Attorney General
Other Jurisdictions: Your local privacy regulator

© 2025 Don’t Buy USA

This Website Uses Cookies

Continue

We use cookies to try and give you the best possible user experience. By continuing to use the site, we will presume you are happy to recieve cookies from ourselves and third parties.

Learn More