Privacy Policy

1. Taxonomy of Data Collection

• Voluntary Disclosures: This includes identity markers (full name, shipping and billing coordinates), electronic contact details (email address), and telephonic identifiers provided during account registration, guest checkout, or when contacting our support team for assistance with your fitness or massage equipment purchases.
• Financial Data: Transactional details (e.g., payment amount, order ID) are processed via encrypted third-party gateways; Roolerrad does not store primary payment instrument details (full credit card numbers, CVV codes) on its local servers, in compliance with PCI-DSS v4.0 standards and AppLovin’s data security requirements.
• Automated Telemetry: We utilize first-party cookies, pixels, and similar tracking technologies (consistent with AppLovin’s advertising and analytics practices) to aggregate technical data, including IP addresses, browser specifications, device make/model, navigation patterns within our digital storefront, and interactions with our sports massage and fitness equipment listings (e.g., product views, cart additions).

2. Strategic Utilization of Information

• Order Fulfillment: Executing logistics, processing payments, facilitating shipment tracking, and delivering your Workout Equipment for Strength Training, Indoor Fitness Gear for Home Training, or Massage Equipment in a timely manner.
• Service Enhancement: Analyzing site interaction data to refine our equipment selections, improve our user interface, and optimize the shopping experience for fitness and massage product customers.
• Mandatory Communications: Dispatching critical order updates (e.g., shipment confirmations, delivery notifications) and, strictly upon your explicit consent, selective brand announcements related to new fitness equipment, massage product updates, or promotional offers.
• Security Protocols: Implementing anti-fraud measures to safeguard our transactional environment, protect your data, and ensure compliance with AppLovin’s security standards.
• Personalized Advertising (per AppLovin Guidelines): Utilizing aggregated data to deliver relevant promotional content for our sports massage and fitness equipment, in line with AppLovin’s AI-driven ad personalization and attribution practices.

3. Safeguarding & Cryptographic Standards

• Data Encryption: We employ industry-standard 256-bit Secure Socket Layer (SSL) protocols to encrypt all sensitive data transmissions (including personal and financial information) between your browser and our platform, ensuring data privacy during transit.
• Restricted Access: Access to personal datasets is strictly limited to authorized personnel who have signed rigorous confidentiality agreements, with role-based access controls to prevent unauthorized access.
• Payment Security: In compliance with PCI-DSS v4.0 standards, we do not retain sensitive payment credentials post-transaction. All payment processing is handled by authorized, PCI-compliant third-party gateways.
• Data Retention: Consistent with AppLovin’s data retention policies, we retain collected data for limited periods—typically up to two (2) years from the date of collection, or until you request deletion, whichever occurs first. We may retain certain data longer to comply with legal obligations, resolve disputes, or enforce our agreements.

4. Controlled Third-Party Disclosures

• Payment Processors: Authorized PCI-compliant providers to process transactions securely.
• Logistics Partners: Shipping carriers to facilitate order fulfillment and tracking for your fitness and massage equipment.
• Advertising & Analytical Partners: To deliver a personalized shopping experience and measure ad performance, we collaborate with third-party platforms that utilize tracking technologies. You may review their respective privacy practices via the links below:
  • AppLovin (Axon): For AI-driven ad personalization and attribution. https://legal.applovin.com/privacy
  • Meta Platforms (Facebook/Instagram): For social integration and conversion tracking. Note: Access to this privacy policy is currently unavailable due to regional restrictions.
  • Google Services (Analytics & Ads): For site performance monitoring and search relevance. https://policies.google.com/privacy

5. Cookies & Tracking Technologies

• Stabilize the shopping cart and checkout architecture, ensuring a seamless experience when purchasing your Workout Equipment for Strength Training, Indoor Fitness Gear for Home Training, or Massage Equipment.
• Monitor site performance via Shopify-integrated analytics, identifying areas for improvement.
• Deliver relevant promotional content through AppLovin and other authorized partners, tailored to your fitness and massage equipment interests.

6. Protection of Children’s Privacy (COPPA)

• We do not knowingly solicit or collect data from individuals under the age of 13.
• In the event of an inadvertent data acquisition of a minor, Roolerrad will perform an immediate and permanent deletion of such records, in compliance with COPPA and AppLovin’s children’s privacy guidelines.

7. California Online Privacy Protection (CalOPPA)

• Our digital storefront may be browsed anonymously, without providing personal information.
• This Privacy Policy is accessible via a prominent link on our homepage footer.
• We acknowledge and honor "Do Not Track" (DNT) browser signals, in line with CalOPPA requirements.

8. EEA Data Subject Rights (GDPR)

9. California Consumer Privacy Rights (CCPA/CPRA)

• Disclosure Rights: You may request a detailed report on the categories of data collected, the sources of such data, and how it is used or shared.
• Opt-Out Provisions: While we do not sell data for monetary gain, the sharing of identifiers with partners like AppLovin for cross-contextual advertising is governed by your right to opt-out. To opt-out, please contact us at support@roolerrad.com.
• Right to Delete: You may request the deletion of your personal data, subject to exceptions required by law (e.g., to comply with legal obligations or resolve disputes).

10. Incident Response & Breach Notification

• Direct Notification: Impacted users will be alerted via email within 7 business days of discovering the breach, providing details on the nature of the breach and steps to protect their data.
• Public Notice: A formal disclosure will be posted on our digital storefront within the same timeframe, ensuring transparency.

11. CAN-SPAM Act Adherence

• Utilize non-deceptive, transparent subject lines that accurately reflect the content of the email (e.g., promotional offers for massage equipment or fitness gear).
• Feature a functional and visible "Unsubscribe" mechanism, allowing you to opt out of future promotional emails with a single click.
• Be processed promptly to remove opted-out users from all marketing registries within 10 business days of the opt-out request.

12. Legal Inquiries & Corporate Identity