Effective date: April 12, 2026
California Notice at Collection (CPRA): See California Notice at Collection for categories collected, purposes, retention baselines, and rights information.
We collect only the information needed to operate CWYN, process transactions, deliver digital products, provide support, and maintain security/compliance.
| Category | Examples | Primary purposes | Recipient types | Retention baseline |
|---|---|---|---|---|
| Identifiers & contact | Name, email, support identifiers | Account/order communication, requested-resource delivery, limited follow-up about the requested resource or closely related operational topics, support | Hosting, customer support tools, communications vendors | 2 years after last activity unless longer retention is required for accounting/disputes |
| Commercial/order data | Products purchased, order ID, entitlement status, timestamps | Fulfillment, accounting, dispute handling, fraud review | Payments processors, hosting/database vendors | 7 years (tax/accounting + dispute recordkeeping) |
| Payment metadata | Processor IDs, payment status, risk outcomes | Payment processing, chargeback handling, abuse prevention | Payment processors and anti-fraud services | 7 years (financial controls) unless longer retention is required by law |
| Security/device telemetry | IP/country signals, request logs, abuse events | Security monitoring, rate limiting, incident response | Hosting/security tooling providers | 30–180 days unless needed for investigation/abuse prevention |
| Support communications | Messages, troubleshooting details, attachments | Resolve support issues and improve service quality | Support/communications vendors | 2 years after closure unless needed for ongoing troubleshooting or legal reasons |
We may collect contact information you provide to request a guide, checklist, or similar resource so we can deliver the requested resource, respond to related questions, and send limited follow-up related to that requested resource or closely related operational topics.
You can ask us to stop those follow-up communications at any time by replying to the delivery email or contacting privacy@cwyn.com.
CWYN does not intentionally collect highly sensitive personal information categories unless required for legal or fraud-prevention reasons. CWYN does not store full card numbers or CVV. If sensitive data is received unintentionally (e.g., in support messages), access is restricted and the data is deleted or minimized where feasible.
For California residents, CWYN does not “sell” or “share” personal information as those terms are defined by the California Consumer Privacy Act, as amended (CPRA). CWYN does not share personal information for cross-context behavioral advertising.
Targeted advertising / profiling: CWYN does not use personal information for cross-context behavioral advertising, and we do not conduct profiling in furtherance of decisions that produce legal or similarly significant effects about individuals. If this changes, we will update this policy and provide legally required opt-out controls.
Universal opt-out signals: Global Privacy Control (GPC) and similar universal opt-out signals are honored where legally required.
Nevada residents: CWYN does not sell covered information as defined by Nevada law (NRS 603A). If you have questions, contact privacy@cwyn.com.
California “Shine the Light”: CWYN does not disclose personal information to third parties for those parties’ direct marketing purposes.
We use cookies and similar technologies for security, site reliability, and analytics. You can control cookies in your browser settings. We honor Global Privacy Control (GPC) and similar universal opt-out signals where legally required.
Active analytics vendor: Google Analytics 4 (Google LLC), loaded via googletagmanager.com/gtag/js with measurement ID G-M7K44R8RKN.
| Vendor | Purpose | Data categories | Retention baseline | Controls |
|---|---|---|---|---|
| Google Analytics 4 (Google LLC) | Aggregate traffic/performance measurement and basic site analytics | Device/browser metadata, page views, interaction events, IP-derived country/region | Per Google Analytics property settings; CWYN uses this for analytics reporting only | Browser controls; GPC where legally required; see Your Privacy Choices (U.S.) |
Your Privacy Choices (U.S.): See Your Privacy Choices (U.S.) for a summary of choices, GPC handling, and how to submit requests/appeals.
Depending on your state, you may have rights to access, correction, deletion, portability, opt-out (where applicable), and appeal.
We respond to verified requests within the timeframe required by applicable law (typically 45 days, with permitted extensions where allowed). If we deny a request, you may appeal by emailing privacy@cwyn.com with subject “Privacy Appeal”. We will respond to appeals within the timeframe required by law (typically 45–60 days, depending on your state).
Data may be processed in multiple countries. Where required, we apply contractual and technical safeguards for cross-border transfers and enforce least-privilege access controls.
Children: CWYN is not directed to children under 13 and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, contact us at privacy@cwyn.com and we will take steps to delete it.
We use administrative and technical safeguards (including access controls and logging). No method of transmission or storage is 100% secure.
We may update this policy from time to time. Changes are effective when posted with a revised effective date.
Contact · Your Privacy Choices (U.S.) · International Rights · ← Back to Home