Privacy Policy

This Privacy Notice for WindTattoo ("we", "us", or "our") describes how and why we access, collect, store, use, and share ("process") your personal information when you use our services ("Services").

• Visit our website at storytattoos.in or any site linking to this notice
• Engage with us in related ways (sales, marketing, events)

Questions or concerns? If you disagree with any practices below, discontinue use. For inquiries contact storytattoos.in@gmail.com.

This summary highlights core points; read full sections for detail.

• Data Processed: Depends on interactions & features used.
• Sensitive Data: Not intentionally processed.
• Third-Party Sources: None; data comes directly from you.
• Uses: Provide/improve Services, communicate, security/fraud prevention, legal compliance.
• Sharing: Limited, situational (see sharing section).
• Security: Reasonable safeguards—no absolute guarantees.
• Your Rights: Vary by jurisdiction; access, correct, delete, object, etc.

1. 1. What Information Do We Collect?
2. 2. How Do We Process Your Information?
3. 3. Legal Bases
4. 4. Sharing Personal Information
5. 5. Cookies & Tracking Technologies
6. 6. Retention
7. 7. Security
8. 8. Your Privacy Rights
9. 9. Do-Not-Track
10. 10. US State Rights
11. 11. Other Regional Rights
12. 12. Updates
13. 13. Contact
14. 14. Review/Update/Delete Data

Personal information you disclose: Provided voluntarily when expressing interest, participating in activities, or contacting us.

Examples: Names, phone numbers, email addresses.

Sensitive Data: Not processed.

Information must be true, complete, and accurate; notify us of changes.

Google API: Any Google-derived data follows the Google API Services User Data Policy (Limited Use).

Purpose: Provide, improve, administer Services; communicate; security & fraud prevention; legal compliance. Other purposes require explicit consent.

• Request feedback
• Marketing & promotional communications (opt-out available)
• Protect vital interests (prevent harm)

EU/UK GDPR: Consent, Legitimate Interests, Legal Obligations, Vital Interests.

• Consent: Specific purposes; withdraw anytime.
• Legitimate Interests: Offers, usage understanding, improvements.
• Legal Obligations: Compliance, cooperation, defense of rights.
• Vital Interests: Safety-related scenarios.

Canada: Express or implied consent; exceptions (investigations, legal compliance, public availability, emergencies, etc.).

Situational sharing may occur:

• Business Transfers: Mergers, asset sales, financing, acquisitions.
• Google Maps APIs: Location estimation via GPS, Wi‑Fi, cell towers.

Use of cookies, pixels, beacons to maintain security, prevent crashes, fix bugs, save preferences, support functions.

Analytics & advertising technologies may tailor experiences; opt‑out mechanisms available under US state laws.

Google Analytics: May be used for usage analysis; opt out via official tools and ad settings.

Retention limited to purposes outlined or legal requirements (tax, accounting, etc.).

When no legitimate need remains: delete or anonymize; if stored in backups, isolate until deletion possible.

Reasonable organizational & technical safeguards applied. No internet/transmission/storage method is 100% secure.

Access Services within secure environment; some risk persists despite best efforts.

Depending on jurisdiction (EEA, UK, Switzerland, Canada, US states) rights may include: access, copy, rectification, erasure, restriction, portability, objection, freedom from solely automated decisions.

Automated decisions producing legal/significant effects will include explanation and human review option.

No uniform DNT standard finalized; we do not respond to DNT signals currently. If a standard is adopted, practices will be updated.

California disclosure: no response mechanism implemented at this time.

Residents of numerous US states may request: access, details of processing, corrections, copies, deletion, withdrawal of consent; opt‑out of targeted ads/sale/sharing/profiling where applicable.

Additional state‑specific rights: categories of data/third parties disclosed, profiling review, limit sensitive data use.

Exercise rights via data subject access request or provided inquiry channels.

Australia & New Zealand: Comply with respective Privacy Acts; rights to access/correct. Complaints: OAIC (AU), NZ Privacy Commissioner.

South Africa: POPIA rights; regulator contacts provided (Information Regulator).

Updates indicated by revised date. Material changes highlighted or notified directly. Review periodically.

Email: storytattoos.in@gmail.com

Postal: WindTattoo, 368 Đ. Nguyễn Văn Quá, Đông Hưng Thuận, Quận 12, Thành phố Hồ Chí Minh 729160, Vietnam

Submit a data subject access request or contact us to exercise applicable rights (access, correction, deletion, withdrawal of consent). Verification may be required.