Privacy Policy for BundleMints
Last Updated: May 2026
Introduction
Welcome to BundleMints (“Company,” “we,” “us,” “our,” or “Website”). We are committed to protecting your privacy and ensuring you have a positive experience on our website and while using our services.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://bundlemints.com (the “Website”) and purchase our digital products and services (the “Services”).
Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Website or Services. By accessing and using BundleMints, you acknowledge that you have read and understand this Privacy Policy.
1. Information We Collect
1.1 Information You Provide Directly
Account Information:
- First and last name
- Email address
- Password (encrypted and securely stored)
- Username (if applicable)
- Phone number (optional)
- Billing and shipping address
Payment Information:
- Credit/debit card details (processed securely through third-party payment providers)
- Billing address
- Payment transaction history
- Invoice details
Communication Information:
- Messages, inquiries, and feedback you send us via email or contact forms
- Customer support conversations
- Survey responses
- Reviews and testimonials
Product-Related Information:
- Download history
- Product usage preferences
- Customization and modification notes
- License agreement acceptance records
1.2 Information Collected Automatically
Device Information:
- Device type and model
- Operating system
- Device identifiers
- Browser type and version
- IP address
- Mobile network information
Website Activity Information:
- Pages visited and time spent on each page
- Links clicked
- Downloads initiated
- Search queries
- Referring/exit pages
- Click-through rates
- Scroll depth
Location Information:
- General geographic location (city, state, country level)
- Based on IP address or GPS (if you grant permission)
- Location-based service usage
Cookies and Similar Technologies:
- Session cookies
- Persistent cookies
- Web beacons/pixels
- Log files
- Analytics tags
1.3 Information from Third Parties
Payment Processors:
- Transaction status and confirmation
- Fraud detection data
- Payment method validation
Third-Party Integrations:
- Canva data (if products are Canva-based)
- Email marketing platform data
- Analytics providers
- Social media data (if you log in via social accounts)
Publicly Available Sources:
- Public reviews and testimonials
- Social media mentions
- Public profile information (with permission)
2. How We Use Your Information
2.1 Primary Uses
We use the information we collect for the following purposes:
Service Delivery:
- Creating and managing your account
- Processing and fulfilling your orders
- Delivering digital products and downloads
- Providing customer support
- Responding to inquiries and complaints
- Sending order confirmations and receipts
Payment Processing:
- Processing payments and transactions
- Verifying payment methods
- Preventing fraud and unauthorized transactions
- Managing billing and invoicing
- Refund processing (if applicable)
Communication:
- Sending transactional emails (order confirmations, password resets)
- Responding to customer inquiries
- Providing customer support
- Sending important service announcements
- Notifying about changes to Terms & Conditions or Privacy Policy
Marketing and Promotional:
- Sending marketing emails (with your consent)
- Promoting new products and services
- Notifying about special offers and discounts
- Conducting promotional campaigns
- Creating personalized recommendations
Analytics and Improvement:
- Analyzing Website usage patterns
- Understanding customer behavior
- Improving Website functionality and user experience
- Personalizing content and recommendations
- Conducting market research
- Identifying trends and preferences
Legal Compliance:
- Complying with applicable laws and regulations
- Protecting against fraud and security threats
- Enforcing our Terms & Conditions
- Responding to legal requests and court orders
- Maintaining business records
Product Development:
- Creating new features and services
- Improving existing products
- Conducting A/B testing
- User testing and feedback collection
3. How We Share Your Information
3.1 Information We DO NOT Share
BundleMints does not sell, trade, or rent your personal information to third parties for their marketing purposes without your explicit consent.
3.2 Information We MAY Share
Service Providers:
- Payment processors (Stripe, PayPal, Razorpay, etc.)
- Email marketing platforms (Mailchimp, ConvertKit, etc.)
- Website hosting providers
- Cloud storage services
- Analytics platforms (Google Analytics, etc.)
- Customer support software
- CRM systems
These service providers are contractually obligated to use your information only for providing services to us and protecting your data.
Canva and Content Providers:
- If you purchase Canva-based products, limited information may be shared with Canva for verification purposes
- Product content and design elements (non-personally identifiable)
Legal Requirements:
- Government agencies and law enforcement (when legally required)
- Court orders and subpoenas
- To protect our legal rights and property
- To prevent fraud and security violations
- To protect the safety of our users and the public
Business Transfers:
- In the event of merger, acquisition, bankruptcy, or sale of assets
- Your information may be transferred as part of the business transaction
- We will provide notice if your data is affected
Aggregate and De-Identified Data:
- Aggregated and anonymized statistics
- Market research findings
- Trend analysis (without identifying individuals)
- For business insights and strategic planning
With Your Consent:
- Any other sharing will only occur with your explicit written consent
- You can withdraw consent at any time
4. Data Retention
4.1 How Long We Keep Your Data
Account Information:
- Retained for the duration of your account and 2 years after account deletion
- Longer if required by law
Payment Information:
- Payment card data is not stored by us (handled by secure payment processors)
- Transaction records retained for 7 years (tax and legal compliance)
- Billing information retained for 5 years
Email Communications:
- Marketing emails: Retained until you unsubscribe
- Transactional emails: Retained for 3 years
- Customer support tickets: Retained for 2 years or as required by law
Website Activity Data:
- Cookies and analytics data: 1-2 years (depending on cookie type)
- Log files: 90 days
Customer Support Records:
- Retained for 2 years after last interaction
- Longer if dispute or legal issue is pending
Deleted Accounts:
- Personal data deleted within 30 days of account deletion
- May retain data if required by law, for legitimate business purposes, or to resolve disputes
5. Your Privacy Rights
5.1 Rights You Have
Right of Access:
- You have the right to request a copy of your personal information we hold
- Request must be submitted in writing to support@bundlemints.com
Right to Correction:
- You can request to correct inaccurate or outdated information
- Update your account information directly in your dashboard
Right to Deletion:
- You can request deletion of your personal information
- Subject to legal obligations and legitimate business purposes
- Some information may be retained for tax/legal compliance
Right to Withdraw Consent:
- Withdraw consent for marketing communications anytime
- Unsubscribe from emails via link in message
- Update communication preferences in your account
Right to Data Portability:
- Request your data in a structured, commonly-used format
- Transfer information to another service provider
- Available upon written request
Right to Opt-Out:
- Opt out of personalized marketing
- Opt out of analytics and tracking
- Opt out of third-party data sharing
5.2 How to Exercise Your Rights
Send a request to: support@bundlemints.com
Include:
- Your full name
- Account email address
- Specific right you’re exercising
- Any relevant details
We will respond within 30 days of receiving your request.
6. Cookies and Tracking Technologies
6.1 What Are Cookies?
Cookies are small text files stored on your device that help us recognize you and remember your preferences.
6.2 Types of Cookies We Use
Essential Cookies:
- Session cookies for login and account security
- CSRF protection tokens
- Cart and checkout functionality
Functional Cookies:
- Remember your preferences
- Language preferences
- Theme selections
- User interface customization
Analytics Cookies:
- Google Analytics for Website usage patterns
- User behavior tracking
- Page performance metrics
- Traffic source identification
Marketing Cookies:
- Tracking conversions and campaign effectiveness
- Retargeting advertisements
- Email marketing performance
- A/B testing results
Third-Party Cookies:
- Social media integrations (Facebook, Instagram)
- Payment processor cookies
- Analytics provider cookies
6.3 Cookie Management
Browser Controls:
- Most browsers allow you to refuse cookies
- You can delete cookies at any time
- Instructions available in browser settings menu
Opt-Out Options:
Disabling Cookies:
- Note: Disabling cookies may affect Website functionality
- Some features may not work properly
7. Security Measures
7.1 How We Protect Your Data
Encryption:
- SSL/TLS encryption for all data in transit
- HTTPS protocol on all pages
- Encrypted storage for sensitive data
Access Controls:
- Limited employee access to personal information
- Role-based access permissions
- Background checks for staff members
- Non-disclosure agreements
Technical Safeguards:
- Firewalls and intrusion detection systems
- Regular security audits and penetration testing
- Vulnerability assessments
- DDoS protection
- Malware scanning
Administrative Safeguards:
- Privacy training for all staff
- Data handling protocols
- Incident response procedures
- Regular backup and recovery testing
- Access logs and monitoring
7.2 Payment Security
PCI DSS Compliance:
- Payment Card Industry Data Security Standard (PCI DSS) compliant
- Credit card data never stored on our servers
- Tokenization for secure payment processing
- Third-party payment processor handles all sensitive payment data
Fraud Prevention:
- Advanced fraud detection systems
- Verification protocols
- Suspicious activity monitoring
- Immediate alert mechanisms
7.3 What We Cannot Guarantee
While we implement industry-standard security measures, no system is 100% secure. We cannot guarantee absolute security of your information. Use of the Website is at your own risk.
8. Third-Party Links and Services
8.1 External Links
Our Website may contain links to third-party websites and services, including:
- Canva
- Social media platforms
- Payment processors
- Email marketing services
- Analytics providers
We are NOT responsible for:
- Third-party privacy practices
- Third-party content and policies
- Data collection by third parties
- Misuse of your information by third parties
Recommendation: Review the privacy policies of third-party services before sharing your information.
8.2 Social Media Integration
If you log in via social media accounts (Facebook, Google, etc.):
- We receive limited profile information
- You control what data is shared
- Third-party privacy policies apply
- You can disconnect accounts anytime in settings
9. GDPR Compliance (EU Users)
9.1 Rights Under GDPR
If you are located in the European Union, you have additional rights:
Legal Basis for Processing:
- Consent (for marketing and non-essential services)
- Contract performance (fulfilling your order)
- Legal obligation (tax and regulatory compliance)
- Legitimate interests (improving services, fraud prevention)
Data Protection Officer:
International Data Transfer:
- If we transfer data outside the EU, we implement Standard Contractual Clauses
- Your data is protected to the same extent as EU data
Right to Lodge a Complaint:
10. CCPA Compliance (California Residents)
10.1 California Consumer Privacy Act (CCPA)
If you are a California resident, you have the following rights:
Right to Know:
- What personal information is collected
- How it is used
- Who it is shared with
Right to Delete:
- Request deletion of personal information
- Subject to exceptions for legal obligations
Right to Opt-Out:
- Opt out of the sale or sharing of personal information
- We do not sell information, but you can opt out of marketing
Right to Correct:
- Correct inaccurate personal information
Right to Limit:
- Limit use of sensitive personal information
Non-Discrimination:
- We do not discriminate based on exercising privacy rights
- Same service quality for all users
How to Submit Requests: Email: support@bundlemints.com Include: Full name, email address, and specific request
Response time: 45 days
11. Children’s Privacy
11.1 Age Restriction
BundleMints is not intended for children under 18 years of age. We do not knowingly collect information from children under 18.
If we discover:
- We have collected data from a minor
- We will delete it immediately
- We will not use the information
Parent/Guardian Concerns: If you believe we have collected information from a child, contact us immediately at support@bundlemints.com.
12. Email Communications
12.1 Types of Emails
Transactional Emails:
- Order confirmations
- Password resets
- Account notifications
- Delivery and access confirmations
- Required by law/contract (cannot opt out)
Marketing Emails:
- Product recommendations
- Special offers and promotions
- Newsletter content
- Event announcements
- Can opt out anytime
12.2 Unsubscribe Options
How to Unsubscribe:
- Click “Unsubscribe” link at bottom of marketing emails
- Update email preferences in your account settings
- Reply with “UNSUBSCRIBE”
- Email: support@bundlemints.com
Processing Time:
- Takes up to 5-10 business days
- Transactional emails will continue
Note: Unsubscribing from marketing emails does not unsubscribe you from transactional emails.
13. Data Breach Notification
13.1 If Your Data is Compromised
Our Commitment:
- Investigate unauthorized access immediately
- Notify affected users without unreasonable delay
- Report to relevant authorities as required
- Provide free credit monitoring/identity theft protection (if applicable)
What We Will Do:
- Email notification with details of breach
- Specific information that may have been affected
- Steps we are taking to secure data
- Recommended precautions for you
- Contact information for questions
Your Rights:
- Right to know about breaches affecting your data
- Right to request credit monitoring (if applicable)
- Right to file claims under applicable laws
14. Analytics and Tracking
14.1 Analytics Tools We Use
Google Analytics:
Hotjar (or Similar Heat Mapping):
- Records user interactions
- Identifies UX issues
- Tracks scroll depth and click patterns
- Privacy Policy available on their website
Email Marketing Analytics:
- Open rates and click-through rates
- User engagement metrics
- Campaign performance data
- Used to improve content
14.2 Disabling Analytics
- Use browser privacy settings
- Install ad blockers or privacy extensions
- Opt out via Google Analytics opt-out tool
- Opt out via individual provider settings
15. California Shine the Light Law
15.1 Information Sharing Disclosure
Under California Civil Code Section 1798.83, California residents have the right to request information about personal information we share with third parties for direct marketing purposes.
To Submit a Request:
We will provide:
- Categories of information shared
- Specific third parties we share with
- Response within 30 days
16. Do Not Track Signals
Some browsers include a “Do Not Track” feature. Currently, there is no industry-wide standard for recognizing Do Not Track signals.
Our Policy:
- We do not currently respond to Do Not Track signals
- We use analytics and tracking as described in this policy
- You can disable tracking through browser settings
17. Changes to This Privacy Policy
17.1 When We Update This Policy
We may update this Privacy Policy periodically to reflect:
- Changes in our practices
- New legal requirements
- Technological advances
- User feedback
17.2 How We Notify You
Major Changes:
- Email notification to registered users
- Prominent notice on our Website
- Require explicit consent for new data collection (if applicable)
Minor Changes:
- Posted on Website with updated date
- Continued use indicates acceptance
Your Rights:
- Review the updated policy before using the Website
- Contact us with questions or concerns
- Discontinue use if you disagree with changes
18. Contact Information
18.1 Privacy Questions or Concerns
Contact Us: 📧 Email: support@bundlemints.com
🌐 Website: https://bundlemints.com
📱 Support Page: https://bundlemints.com/support
Mailing Address: BundleMints
[india]
Response Time: We aim to respond to all privacy-related inquiries within 7-10 business days.
18.2 Data Protection Officer
For GDPR-related inquiries: 📧 Email: privacy@bundlemints.com
18.3 Escalation
If you are not satisfied with our response:
- Request escalation to management
- File complaint with relevant data protection authority
- Pursue legal remedies as available
19. Definitions
Personal Information: Any information that identifies you or can be used to identify you, including name, email, IP address, etc.
Processing: Any action performed on data, including collection, use, storage, transmission, or deletion.
Third Party: Any entity other than BundleMints or the individual to whom the data relates.
Cookies: Small text files stored on your device containing data about your interactions.
Data Breach: Unauthorized access, disclosure, or loss of personal information.
Consent: Voluntary, informed agreement to data processing.
20. Entire Agreement
This Privacy Policy, together with our Terms & Conditions, constitutes the entire agreement regarding the collection and use of your information. This policy supersedes all previous notices and policies.
21. Governing Law
This Privacy Policy is governed by applicable laws and regulations. Disputes arising from this policy shall be handled according to the procedures outlined in our Terms & Conditions.
Thank you for trusting BundleMints with your information.
Your privacy is important to us. If you have any questions about this Privacy Policy, please do not hesitate to contact us.