Privacy Policy

Effective Date: June 2025 
Last Updated: June 2025

Introduction and Our Commitment to Your Privacy

At Huggletee, we deeply understand that your privacy is not merely a preference; it is a fundamental right that deserves our utmost respect, diligence, and protection. This comprehensive Privacy Policy has been meticulously crafted to serve as your complete and transparent guide to understanding precisely how we collect, handle, use, share, and safeguard your personal information throughout every interaction you have with us.

When you choose to shop with Huggletee, browse our website (huggletee.com), connect with our support team, or engage with us in any manner, you are entrusting us with information that is personal to you and holds significant value. We do not take this responsibility lightly. This policy will explain in detail:

  • What specific information we collect from you.
  • Why we deem it necessary to collect this information.
  • How we meticulously use it to provide and improve our services.
  • With whom we may share it, under strict conditions.
  • Most importantly, the robust measures we employ to protect it from unauthorized access or misuse.

We are unwavering in our belief in transparency, which is why we’ve endeavoured to create this in-depth explanation of our privacy practices. Our goal is for you to feel completely confident and informed about every aspect of how your data is managed when you are part of the Huggletee community. We encourage you to read this policy carefully to understand our practices and your rights.

1. Information We Collect – A Detailed Breakdown

Understanding precisely what types of information we gather from you is the cornerstone of our transparent relationship. Here’s a comprehensive, category-by-category overview of the different types of data we may collect during your interactions with Huggletee:

1.1 Identity and Contact Information

This category includes data that identifies you as an individual and allows us to communicate with you.

  • What we collect:
    • Full Name: Your first and last name, used for personalizing your account and addressing your orders.
    • Email Address: Your primary identifier for account login, order confirmations, and essential communications.
    • Phone Number: Mobile and/or landline, crucial for delivery coordination, urgent order updates, and customer support contact.
    • Billing Address: Your street address, city, postal code, and country, required for payment verification and invoicing.
    • Delivery/Shipping Address: If different from your billing address, this ensures your purchases reach the correct destination.
    • Date of Birth: Occasionally requested for age verification (e.g., for age-restricted products, if applicable), or to provide special birthday offers or personalized content (only when explicitly provided by you and with your consent).
  • Why we collect this: This information is absolutely essential for establishing and managing your user account, accurately processing your orders, and enabling us to reach you with critical updates regarding your purchases and account status. Your contact details facilitate vital communications such as order confirmations, shipping notifications, delivery schedules, and addressing any support issues that may arise efficiently.
  • When we collect this:
    • When you register for a new account on our Site.
    • When you place an order as a guest (without creating an account).
    • When you subscribe to our newsletter or other marketing communications.
    • When you contact our customer support team via email, phone, or chat.
    • When you participate in promotions, contests, or surveys that require personal details.

1.2 Order and Transaction Details

This data relates directly to your purchasing activities on Huggletee.

  • What we collect:
    • Complete Order History: Including specific product names, quantities purchased, prices, and any applicable discounts or promotions.
    • Purchase Dates and Times: To accurately record and track your transactions.
    • Order Status and Tracking Information: Details regarding the current stage of your order (e.g., pending, processed, shipped, delivered) and tracking numbers.
    • Return and Exchange History: Records of any items you have returned or exchanged.
    • Product Reviews and Ratings: Any feedback or reviews you voluntarily provide on products.
    • Wishlist and Saved Items: Products you have marked for future consideration.
    • Shopping Cart Contents: Even if you don’t complete a purchase, we may temporarily store your cart contents to facilitate a smoother return to shopping.
  • Why we collect this: This comprehensive transactional information is fundamental for us to accurately fulfill your orders, provide efficient customer support (e.g., looking up past purchases), process returns or exchanges, and enhance our product recommendations by understanding your past preferences and shopping patterns. It also aids in identifying potential issues with product delivery or quality.
  • How long we keep this: We are legally obliged to retain order information for specific periods for accounting, auditing, and tax purposes as mandated by Sri Lankan law. This typically means a minimum retention period of 7 years. While specific order data may be retained for these legal requirements, you can request the deletion of associated personal data from your active profile, subject to these legal obligations.

1.3 Payment Information and Security

This concerns the details related to how you pay for your orders.

  • What we collect:
    • Payment Method Preferences: Indications of your chosen payment type (e.g., credit card, debit card, digital wallets).
    • Billing Address: As associated with your chosen payment method for verification.
    • Transaction IDs and Payment Confirmations: Unique identifiers for each payment process.
    • Refund and Chargeback Information: Records of any refunds issued or chargebacks initiated.
  • Important Security Note: We want to be absolutely clear: Huggletee does NOT store your complete credit card numbers, debit card numbers, CVV codes, or other highly sensitive payment details directly on our servers.All payment processing is handled by certified third-party payment gateways (e.g., Stripe, PayPal, IPay Global, and local banking partners) that adhere to the stringent PCI DSS (Payment Card Industry Data Security Standard) requirements. These highly secure processors are responsible for handling your payment information using bank-level encryption and robust security measures. Your sensitive financial data is tokenized or encrypted by them, and we only receive a confirmation that your payment was successful.
  • For Cash on Delivery (COD): When you opt for Cash on Delivery for eligible local Sri Lankan products, we collect and verify your delivery address and contact information to facilitate successful delivery and payment collection by our delivery partners. This information is treated with the same level of privacy as other data.

1.4 Technical and Device Information

This refers to data automatically collected about your device and how you interact with our website.

  • What we automatically collect:
    • Device Type and Model: Such as smartphone, tablet, desktop computer, laptop, to help us optimize our display.
    • Operating System and Version: (e.g., iOS, Android, Windows, macOS) for compatibility analysis.
    • Browser Type and Version: (e.g., Chrome, Firefox, Safari, Edge) to ensure optimal rendering.
    • Screen Resolution and Device Orientation: For responsive design adjustments.
    • IP Address and Approximate Geographic Location: Anonymized or generalized, used for security, fraud prevention, and understanding regional user distribution.
    • Internet Service Provider (ISP) Information: Helps diagnose connectivity issues.
    • Referring Website or Source: The URL of the page you were on before arriving at Huggletee (e.g., a search engine, social media link).
    • Pages Visited: The specific pages you view on our website, the sequence of pages, and the time spent on each page.
    • Click Patterns and User Journey: How you navigate through our site (e.g., what buttons you click, forms you fill).
    • Date and Time of Visits: To analyze website traffic patterns.
  • Why we collect this: This technical information is crucial for us to optimize our website for various devices and browsers, ensure seamless compatibility, identify and resolve technical issues (e.g., broken links, slow loading times), enhance our security measures to prevent fraud, and gain insights into how customers navigate our site to continuously improve the overall user experience.

1.5 Communication and Interaction Data

This encompasses all interactions you have with Huggletee through various communication channels.

  • What we collect:
    • Messages from Contact Forms: Content of inquiries submitted through our website.
    • Email Correspondence: Full transcripts of emails exchanged with our support team.
    • WhatsApp Messages and Chat History: Records of interactions via WhatsApp and our on-site live chat.
    • Phone Call Records: If you call our support line, calls may be recorded for quality assurance and training purposes, with prior notification.
    • Social Media Interactions and Mentions: Public interactions with our brand on social media platforms.
    • Survey Responses and Feedback: Your answers and comments from surveys you participate in.
    • Live Chat Transcripts: Records of real-time conversations with our support agents.
  • Why we collect this: This communication data allows us to provide more effective and personalized customer service, resolve issues more efficiently, improve our products and services based on direct feedback, and maintain a comprehensive record of our interactions for quality assurance, training, and compliance purposes.

1.6 Marketing and Preference Data

This information helps us tailor our communications and offers to your interests.

  • What we collect:
    • Newsletter Subscription Preferences: Your choice to receive marketing emails.
    • Marketing Communication Consent Status: Records of your explicit consent (opt-in/opt-out) for various types of marketing.
    • Product Category Interests: Inferred from your browsing or purchase history, or directly provided by you.
    • Preferred Communication Channels: (e.g., email, WhatsApp).
    • Language and Currency Preferences: To customize your site experience.
    • Promotional Code Usage History: To track campaign effectiveness.
  • Your Control: You have complete and transparent control over marketing communications. You can opt-in or opt-out at any time through simple mechanisms, and we will respect your preferences immediately. We only send marketing communications with your explicit consent.

2. How We Use Your Information – Comprehensive Purposes

We use your personal information for various legitimate business purposes, always with your privacy and security as our paramount consideration. Each use is designed to enhance your experience, ensure service delivery, and comply with legal obligations:

2.1 Order Processing and Fulfillment

This is the core purpose for collecting your data.

  • Primary Uses:
    • Identity Verification: To verify your identity and prevent fraudulent orders, protecting both you and our platform.
    • Secure Payment Processing: Facilitating secure transactions through our trusted third-party payment partners.
    • Order Preparation and Packaging: Accurately preparing and packaging your purchased items.
    • Delivery Coordination: Collaborating with our local and international delivery partners to ensure timely and accurate shipping.
    • Real-time Updates: Providing you with immediate order confirmations, shipping notifications, and tracking information.
    • Inventory Management: Efficiently managing our stock levels and product availability.
    • Returns, Exchanges, and Refunds: Handling all aspects of post-purchase service, including processing returns, exchanges, and issuing refunds.
  • Quality Assurance: We diligently analyze order data to ensure accuracy, minimize errors, and continuously refine our fulfillment processes to meet and exceed your expectations.

2.2 Customer Service and Support

Your data helps us provide you with responsive and effective assistance.

  • How we help you:
    • Inquiry Response: Promptly responding to your inquiries, questions, and support requests.
    • Technical Troubleshooting: Assisting with technical issues you might encounter on the website.
    • Product Information: Providing detailed information and personalized recommendations about products.
    • Order Management: Assisting with order modifications, cancellations, or delivery changes.
    • Complaint Resolution: Efficiently resolving any complaints or disputes you may have.
    • Post-Purchase Support: Offering assistance with product usage, warranties, or any post-delivery concerns.
  • Continuous Improvement: We analyze communication and interaction data to identify common issues, understand customer needs, and thereby enhance our products, services, and overall customer experience.

2.3 Website Optimization and Performance

Technical data helps us improve the functionality and usability of Huggletee.com.

  • Technical Improvements:
    • Speed and Performance: Optimizing website loading speeds and ensuring smooth overall performance.
    • Compatibility: Ensuring seamless compatibility across a wide range of devices and web browsers.
    • Bug Fixing: Identifying and rectifying technical glitches and errors quickly.
    • User Interface Enhancement: Improving the user interface (UI) and navigation to make the site more intuitive.
    • New Feature Implementation: Developing and deploying new features based on user behavior and feedback.
  • Personalization: By understanding your browsing and purchase history, we can personalize your shopping experience, displaying relevant product recommendations, tailored content, and special offers that genuinely align with your interests.

2.4 Security and Fraud Prevention

Protecting your data and our platform is a continuous effort.

  • Protecting You and Our Community:
    • Suspicious Activity Monitoring: Continuously monitoring for suspicious login attempts, fraudulent transactions, and other potentially malicious activities.
    • Account Protection: Implementing robust security measures to safeguard customer accounts from unauthorized access.
    • Data Integrity: Preventing unauthorized access, alteration, or deletion of personal information.
    • Malicious Activity Blocking: Identifying and blocking cyber threats such as malware, phishing attempts, and denial-of-service attacks.
    • Platform Integrity: Maintaining the overall security and stability of our online marketplace.
  • Risk Assessment: We analyze patterns and behaviours to identify potential security risks proactively and implement measures to protect all customers and Vendors on the Huggletee platform.

2.5 Marketing and Communications (With Your Consent)

We use your preferences to provide you with relevant promotional content.

  • Promotional Activities:
    • Newsletters: Sending periodic newsletters with exciting product updates, exclusive offers, and useful content.
    • Sales and Discounts: Notifying you about upcoming sales events, special discounts, and limited-time deals.
    • New Product Launches: Informing you about newly arrived products and collections.
    • Surveys and Contests: Inviting you to participate in surveys to gather feedback or contests for special rewards.
    • Personalized Recommendations: Providing tailored product suggestions based on your browsing and purchase history.
  • Important Note: All marketing communications are strictly sent only with your explicit consent (opt-in). You retain full control and can easily unsubscribe from any marketing communications at any time through the unsubscribe link provided in every email, or by contacting our customer support team directly.

2.6 Legal and Compliance Requirements

We adhere to all applicable laws and regulations concerning data handling.

  • Regulatory Compliance:
    • Tax and Record-Keeping: Fulfilling our obligations related to tax reporting and maintaining accurate financial records as required by Sri Lankan law.
    • Consumer Protection: Complying with all consumer protection laws and regulations relevant to online marketplaces in Sri Lanka.
    • Data Protection: Adhering to local data protection regulations, including those related to privacy and data security.
    • Legal Requests: Responding appropriately to valid legal requests from law enforcement agencies, government authorities, or court orders.
    • Audit Records: Maintaining necessary records for internal and external audit purposes to demonstrate compliance.

3. Cash on Delivery (COD) – Detailed Policy

Our Cash on Delivery (COD) option is a convenient payment method, but it comes with specific operational and security considerations.

3.1 Availability and Eligibility

  • Geographic Restrictions: Cash on Delivery is exclusively available for customers located within Sri Lanka and specifically for orders containing local Sri Lankan products. This limitation is in place due to several practical and legal reasons:
    • Local Delivery Partners: We collaborate with local courier and delivery services who are equipped and trained to handle COD transactions safely and efficiently within Sri Lanka.
    • Reduced Fraud Risk: Limiting COD to local transactions helps reduce the risk of fraud and payment disputes often associated with international COD.
    • Regulatory Support: Local banking regulations and financial infrastructure in Sri Lanka directly support domestic COD transactions.
  • Product Eligibility:
    • ✅ Available for: All products explicitly marked as “locally sourced” or “locally manufactured” on the Huggletee platform.
    • ❌ Not available for: International/overseas products that require import and often involve customs duties and pre-payment for international logistics.
    • ❌ Not available for: Certain high-value items above a specified threshold, which will be clearly indicated at checkout, to mitigate risk.

3.2 Data Usage for COD Orders

When you select COD, your personal information is used with precision to ensure a successful delivery.

  • Verification Process: To facilitate your COD order, we utilize your personal information to:
    • Verify Identity and Delivery Address: Ensuring the legitimacy of the order and the accuracy of the delivery location.
    • Confirm Phone Number: Crucial for our delivery partners to coordinate the exact delivery time and location with you.
    • Check Order Details: Confirming the accuracy of product details and pricing before dispatch.
    • Delivery Coordination: Sharing necessary information with our trusted delivery partners for logistical purposes.
    • Follow-up: Tracking successful delivery and payment collection by the courier.
  • Privacy Commitment: Your personal data collected specifically for COD orders is used solely for the purposes of order fulfillment, delivery, and payment collection. We absolutely never sell, rent, or misuse this information for any other unrelated marketing or third-party purposes.

3.3 COD Security Measures

We implement measures to protect both you and our Vendors when using COD.

  • Fraud Prevention:
    • First-Time Customer Limits: We may, at our discretion, limit COD availability for first-time customers or for orders exceeding certain values to reduce initial fraud exposure.
    • Failed COD Attempts: Multiple instances of failed COD attempts (e.g., customer unavailable, refusal to pay) may result in future restrictions on COD eligibility for that account.
    • Address and Contact Verification: We conduct internal checks on delivery addresses and contact information before dispatching COD orders.
    • Delivery Partner Training: Our delivery partners are trained to verify customer identity upon delivery, ensuring the package is handed over to the rightful recipient and payment is collected correctly.

4. Third-Party Data Sharing – Complete Transparency

We maintain stringent control over your personal information and only share it under specific, necessary circumstances to provide you with excellent service, or when legally mandated. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

4.1 Delivery and Logistics Partners

These partners are essential for getting your products to you.

  • Who they are:
    • Local and International Courier Services: (e.g., DHL, FedEx, Sri Lanka Postal Service, local express delivery companies).
    • Last-Mile Delivery Companies: Specialized services that handle the final leg of product delivery.
    • Warehouse and Fulfillment Partners: If we utilize external warehouses for order processing and dispatch.
  • What we share:
    • Your Name and Delivery Address: To correctly label and route your package.
    • Contact Phone Number: For the courier to reach you regarding delivery coordination (e.g., “We’re 15 minutes away”).
    • Order Details: Basic information like product names and quantities, or any special delivery instructions (e.g., “leave with security guard”).
  • Why we share: This information is absolutely essential for ensuring your orders reach you safely, accurately, and within the promised timeframe. Our delivery partners require this data to locate you, coordinate delivery times, and effectively handle any delivery-related issues that might arise.
  • How we protect you:
    • Confidentiality Agreements: All our delivery partners are required to sign strict confidentiality and data processing agreements with Huggletee.
    • Purpose Limitation: They are contractually obligated to use your information only for the purposes of delivering your order and nothing else.
    • Data Minimization: We only share the minimum amount of data necessary for them to perform their service.
    • Data Deletion: They are required to delete your information after successful delivery within their established retention policies (which are reviewed by us).
    • Regular Audits: We regularly audit their data protection practices and ensure their compliance with relevant data privacy standards.

4.2 Payment Processing Partners

These are the secure entities that handle your financial transactions.

  • Who they are:
    • Certified Payment Gateways: (e.g., Stripe, PayPal, IPay Global, direct integrations with local banks for card processing).
    • Credit Card Processing Networks: The underlying infrastructure that processes card transactions.
    • Fraud Detection Services: Specialized services that analyze transactions for potential fraudulent activity.
  • What we share:
    • Transaction Amounts and Currency: The total cost of your order.
    • Billing Address: Used for address verification service (AVS) to prevent fraud.
    • Order Reference Numbers: To link the payment to your specific order on our system.
    • Risk Assessment Data: Non-sensitive data points used by fraud prevention services to evaluate transaction risk.
  • Security Standards: All our payment partners are rigorously vetted and must strictly comply with:
    • PCI DSS (Payment Card Industry Data Security Standard): The global standard for handling cardholder data securely.
    • Local Banking Regulations: Adherence to all relevant financial regulations in Sri Lanka.
    • International Data Protection Standards: Including encryption and tokenization best practices.
    • Regular Security Audits and Certifications: Undergoing periodic assessments to ensure ongoing compliance and security posture.

4.3 Analytics and Marketing Services

These services help us understand and improve our platform and communicate effectively.

  • Google Analytics:
    • Purpose: We use Google Analytics to gain insights into website traffic patterns, user behaviour, and website performance.
    • Data Handling: Data collected by Google Analytics is primarily anonymized and aggregated, meaning individual users cannot be identified. We do not share personally identifiable information with Google for analytics purposes.
    • Your Control: You can opt-out of Google Analytics tracking by installing the Google Analytics opt-out browser add-on.
  • Marketing Platforms:
    • Email Marketing Services: (e.g., Mailchimp, SendGrid) for delivering newsletters and promotional emails to opted-in subscribers.
    • Social Media Advertising Platforms: (e.g., Facebook Ads, Google Ads) to display targeted advertisements to relevant audiences based on interests (often using aggregated, anonymized data or hashed email lists).
    • Customer Feedback and Survey Tools: Platforms that help us collect and analyze your valuable feedback.
  • Data Minimization: We adhere to the principle of data minimization, sharing only the absolute minimum data necessary for these services to function effectively. All our analytics and marketing partners are subject to strict data processing agreements and must comply with relevant data protection requirements.

4.4 Legal and Regulatory Sharing

In certain circumstances, we may be required by law to share your information.

  • When we might share your information:
    • Law Enforcement Requests: In response to valid and legally binding requests from law enforcement agencies, such as warrants or subpoenas.
    • Legal Compliance: To comply with court orders, legal proceedings, or other governmental requirements.
    • Protecting Rights: To protect the rights, property, or safety of Huggletee, our customers, our Vendors, or other third parties, or to enforce our Terms of Service.
    • Business Transactions: In connection with any merger, acquisition, sale of assets, or other corporate restructuring, with appropriate safeguards to protect your privacy.
  • Your Protection: We meticulously review all legal requests to ensure their legitimacy and proportionality, and we share only the minimum information legally required. Wherever legally permitted and practically feasible, we will notify you of such requests.

5. Data Storage and Security – Comprehensive Protection

The security of your personal data is paramount. We employ a multi-layered approach to protect your information from unauthorized access, alteration, disclosure, or destruction.

5.1 Where Your Data is Stored

  • Server Locations:
    • Our primary servers and databases are hosted in secure, certified data centers that adhere to global industry standards for physical and environmental security.
    • We utilize reputable cloud service providers (e.g., Google Cloud, AWS, Azure) known for their robust security infrastructure and international security certifications (e.g., ISO 27001, SOC 2).
    • While our primary operations are in Sri Lanka, data may be processed and stored in different geographic locations to ensure optimal performance, redundancy, and disaster recovery capabilities. All storage locations are chosen based on their ability to comply with international data protection standards.
  • Data Residency: While Huggletee primarily serves customers within Sri Lanka, due to the nature of cloud computing and the global operations of our service providers, your data may be processed or stored in other countries. We ensure that all international transfers of personal data comply with applicable data protection laws, utilizing appropriate safeguards such as Standard Contractual Clauses (SCCs) or other legally recognized transfer mechanisms.

5.2 Security Measures We Implement

We combine cutting-edge technical safeguards with rigorous organizational processes to ensure your data’s integrity and confidentiality.

  • Technical Safeguards:
    • Encryption: All personal data is encrypted both in transit (during transmission between your device and our servers using SSL/TLS protocols, indicated by “https://”) and at rest (when stored in our databases or backup systems, using industry-standard encryption algorithms like AES-256).
    • Firewalls and Network Security: We deploy multiple layers of enterprise-grade firewalls and intrusion detection/prevention systems to protect our networks and prevent unauthorized access.
    • Access Controls: Strict authentication and authorization systems are in place, limiting data access to only authorized personnel who require it for their specific job functions, based on the principle of “least privilege.”
    • Regular Updates and Patch Management: We continuously monitor for security vulnerabilities and regularly update our systems, software, and applications with the latest security patches.
    • Vulnerability Testing: We conduct regular security assessments, penetration testing, and vulnerability scans by internal and external experts to identify and address potential weaknesses before they can be exploited.
    • Logging and Monitoring: Comprehensive logging and monitoring systems track all access to and changes within our data environments, enabling quick detection and response to anomalies.
  • Organizational Safeguards:
    • Staff Training: All Huggletee employees, particularly those with access to customer data, receive comprehensive and ongoing data protection and security awareness training.
    • Background Checks: Personnel with access to sensitive data undergo thorough background verification processes.
    • Need-to-Know Basis: Access to customer data is strictly limited to employees who require it for their job functions, based on a “need-to-know” principle.
    • Regular Audits: We conduct internal and external audits periodically to ensure ongoing compliance with our security standards and relevant data protection regulations.
    • Incident Response Plan: We have a well-defined incident response plan to effectively manage and mitigate any potential data breaches or security incidents, including timely notification to affected individuals and authorities as required by law.

5.3 Data Backup and Recovery

To prevent data loss and ensure business continuity, we implement robust backup and recovery protocols.

  • Backup Procedures:
    • Automated Backups: Regular, automated backups of all critical data are performed to ensure data availability and minimize loss in the event of unforeseen circumstances.
    • Multiple Backup Locations: Backups are stored in multiple geographically separate, secure locations to protect against regional disasters.
    • Encryption and Security: All backup systems are encrypted and secured with the same rigorous standards as our primary operational systems.
  • Disaster Recovery: We have comprehensive disaster recovery plans in place to ensure rapid business continuity and data restoration in case of major emergencies, minimizing downtime and data impact.

5.4 Data Retention Policies

We only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • How long we keep your data:
    • Account Information: Your account details are retained while your account is active on Huggletee. After account closure, certain data may be retained for an additional period (typically up to 7 years) to comply with legal obligations (e.g., anti-fraud, financial record-keeping).
    • Order History: Kept for a minimum of 7 years for accounting, tax, and audit purposes, as legally mandated in Sri Lanka.
    • Communication Records: Records of your interactions with our support team are typically retained for up to 3 years to ensure quality customer service, resolve ongoing issues, and for legal defensibility.
    • Technical Data: Most technical data (e.g., IP addresses, browsing patterns) is typically anonymized or aggregated after a period (e.g., 2 years) to remove personal identifiers, or securely deleted.
    • Marketing Data: If you unsubscribe from marketing communications, your marketing preferences are updated immediately, and your contact information is removed from marketing lists. Records related to your consent may be retained to demonstrate compliance.
  • Secure Deletion: When your data is no longer required or has reached the end of its retention period, we use secure deletion methods to ensure that the information is rendered unrecoverable and permanently removed from our systems and backups.

6. Your Rights and Control – Comprehensive Overview

As a valued customer and user of Huggletee, you possess extensive rights regarding your personal information. We are wholeheartedly committed to empowering you to exercise these rights easily, effectively, and transparently.

6.1 Right to Access Your Information (Right of Access)

You have the right to request a copy of the personal information we hold about you.

  • What you can access:
    • All categories of personal information we have collected about you.
    • The specific purposes for which we use your information.
    • The categories of third parties with whom we share your data.
    • The planned retention period for your information.
    • The source from which we obtained your personal data, if not directly from you.
  • How to request access:
    • Send an email to support@huggletee.com with the subject line “Data Access Request.”
    • Clearly state your full name and the email address associated with your Huggletee account.
  • Response time: We commit to providing your information in a clear, concise, and easy-to-understand format (usually as a downloadable file) within 30 days of receiving your verified request.
  • Charges: We typically do not charge for reasonable access requests. However, if your request is excessive, repetitive, or manifestly unfounded, we reserve the right to charge a reasonable administrative fee or refuse the request.

6.2 Right to Correct and Update Information (Right to Rectification)

You have the right to have any inaccurate or incomplete personal data corrected or updated.

  • What you can correct:
    • Your personal details (e.g., name, billing/delivery address, phone number).
    • Account preferences and settings.
    • Marketing communication preferences.
    • Any other inaccurate or outdated information you have provided.
  • How to make corrections:
    • For many details, you can log into your Huggletee account and update your information directly within your profile settings.
    • For assistance or corrections that cannot be made directly, please contact our customer support team.
    • You can also email specific correction requests to support@huggletee.com, clearly detailing what information needs to be corrected.

6.3 Right to Delete Your Information (Right to Erasure / “Right to Be Forgotten”)

You can request the deletion or removal of your personal data where there is no compelling reason for its continued processing.

  • What can be deleted:
    • Your entire account and most associated personal data from our active systems.
    • Specific categories of information you identify (where legally permissible).
    • Your marketing and communication history with us.
  • Important limitations: Please note that certain information cannot be immediately or completely deleted due to legal requirements or legitimate business needs. These include:
    • Order history: Required for tax, accounting, and audit purposes (typically for 7 years).
    • Transaction records: Essential for fraud prevention, chargeback disputes, and financial compliance.
    • Communications related to legal disputes: May need to be retained for evidentiary purposes.
    • Information necessary for maintaining service functionality (e.g., basic account identifiers to prevent duplicate registrations).
  • How to request deletion:
    • Submit a written request via email to support@huggletee.com with the subject line “Account Deletion Request.”
    • We will take steps to confirm your identity before processing any deletion requests to ensure the security of your account.
    • You will receive confirmation once the deletion process is complete, including any specific information that could not be deleted due to legal obligations.

6.4 Right to Control Marketing Communications (Right to Object / Opt-Out)

You have the right to control the marketing communications you receive from us.

  • Your choices:
    • Opt-out of all marketing emails from Huggletee.
    • Choose specific types of communications you wish to receive (e.g., only order updates, no promotional emails).
    • Select your preferred communication frequency (e.g., weekly vs. monthly newsletters).
    • Update your interests and preferences to receive more relevant content.
  • How to manage preferences:
    • The easiest way is to use the “unsubscribe” link provided at the bottom of every marketing email you receive from us.
    • Log into your Huggletee account and navigate to your “Notification Preferences” or “Marketing Settings” section.
    • Contact support@huggletee.com with specific instructions regarding your preferences.
    • You can also WhatsApp us for quick preference changes or to unsubscribe from WhatsApp communications.

6.5 Right to Data Portability

You have the right to obtain and reuse your personal data for your own purposes across different services.

  • What this means: You can request a copy of your personal data that you have provided to us, in a structured, commonly used, and machine-readable format (e.g., CSV, JSON), that allows you to easily transfer it to another service provider.
  • What’s included:
    • Your core account information and preferences.
    • Your complete order history and transaction data.
    • Your communication history with customer support.
    • Any product reviews or ratings you have submitted.

6.6 Right to Object to Processing

You have the right to object to the processing of your personal data in certain situations, particularly if the processing is based on our legitimate interests or for direct marketing.

  • When you can object:
    • To our processing of your data for direct marketing activities.
    • To our use of your data for automated decision-making or profiling that significantly affects you.
    • To our processing of your data based on our legitimate interests, if you believe your fundamental rights and freedoms override our interests.
  • How to object: Please contact us at support@huggletee.com with specific details about which processing activity you object to and the reasons for your objection. We will review your request and cease processing your data for those purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims.

6.7 How to Exercise Your Rights

We’ve made exercising your privacy rights as straightforward as possible.

  • Contact Methods:
    • Email: support@huggletee.com (This email is monitored daily for privacy inquiries).
    • WhatsApp: Use our WhatsApp support for quick responses to urgent privacy concerns or simple preference updates.
    • Written Request: If you prefer, you can send a formal written request. Our postal address can be provided upon request for official legal notices.
  • Identity Verification: To protect your privacy and the security of your data, we may need to verify your identitybefore processing your request. This verification process may involve:
    • Confirming details from your registered account.
    • Asking for additional identification (e.g., a recent order number, date of account creation).
    • Verifying through your registered email address (e.g., sending a confirmation link).
  • Response Times:
    • Acknowledgment: All privacy inquiries will be acknowledged within 3 business days of receipt.
    • Full Response: We aim to provide a full and comprehensive response to most requests within 30 days.
    • Complex Requests: For particularly complex requests or in situations with a high volume of requests, it may take up to 60 days. In such cases, we will keep you informed of the delay and provide a reason.

7. Cookies and Tracking Technologies – Detailed Explanation

Like most websites, Huggletee.com uses cookies and similar tracking technologies to enhance your browsing experience, analyze site usage, and support our marketing efforts.

7.1 What Are Cookies?

Cookies are small text files that websites store on your device (your computer, smartphone, or tablet) when you visit them. These files contain small amounts of data that help websites remember information about your visit, such as your preferences (language, currency) or items in your shopping cart. This makes your subsequent visits more efficient and personalized.

7.2 Types of Cookies We Use

We categorize the cookies we use to give you clear control over your privacy.

  • Essential Cookies (Strictly Necessary Cookies):
    • Purpose: These cookies are absolutely necessary for the fundamental operation of our website. They enable core functionalities like secure login, shopping cart management, and payment processing.
    • Examples: Cookies that keep you logged in, remember items in your shopping cart as you navigate pages, or facilitate security tokens.
    • Why necessary: Without these cookies, you would not be able to effectively browse the site, add items to your cart, or complete purchases.
    • Can you disable them? These cookies cannot be disabled through our cookie preference center because the website would not function correctly without them. You can manage them via your browser settings, but this may severely impact site usability.
  • Performance and Analytics Cookies:
    • Purpose: These cookies collect anonymous, aggregated data about how visitors use our website. They help us understand which pages are most popular, how users navigate the site, and if they encounter any errors.
    • Examples: Tracking page views, time spent on the site, popular product categories, click paths, and identifying technical errors.
    • Information collected: Anonymous statistical data about website usage patterns, not personally identifiable information.
    • Benefits to you: The insights from these cookies help us continuously improve website speed, fix technical issues, optimize site structure, and enhance the overall user experience for everyone.
  • Functionality Cookies:
    • Purpose: These cookies remember your preferences and choices to provide a more personalized and convenient browsing experience.
    • Examples: Remembering your preferred language, currency settings, region, recently viewed products, or saving your login details for future visits (if you choose this option).
    • Benefits to you: They allow us to customize your experience and make your return visits smoother and more enjoyable.
    • Duration: These cookies usually expire when you close your browser or after a set period, depending on their specific function.
  • Marketing and Advertising Cookies:
    • Purpose: These cookies are used to deliver advertisements that are more relevant to you and your interests, both on and off Huggletee. They also help us measure the effectiveness of our advertising campaigns.
    • Examples: Used for retargeting (showing you ads for products you viewed on Huggletee when you visit other websites), social media integration (allowing you to share content or see relevant ads on social platforms), and tracking the success of promotional campaigns.
    • Your control: You have the ability to opt-out of these cookies through our cookie preference center or your browser settings without affecting the essential functionality of our website.

7.3 Third-Party Cookies

Many of the cookies described above may be “third-party cookies,” meaning they are set by domains other than Huggletee.com.

  • Google Analytics:
    • As mentioned in Section 4.3, we use Google Analytics to track website performance and user behaviour anonymously. This involves cookies set by Google.
    • These cookies help us understand user demographics, interests, and how they interact with our site, enabling us to improve our website design and functionality.
    • You can opt-out of Google Analytics tracking by installing Google’s browser add-on available at their official site.
  • Social Media Cookies:
    • If you interact with social media features on our site (e.g., “Like” buttons, sharing content), the respective social media platforms (e.g., Facebook, Instagram) may set cookies.
    • These cookies enable social media sharing and integration and may track your interaction with social content on our site. They are controlled by the respective social media platforms’ own privacy policies.
  • Advertising Partners:
    • We may partner with third-party advertising networks to help us display relevant advertisements across the internet. These partners may set cookies on your device to gather information about your browsing activities across various websites.
    • These cookies help us measure the effectiveness of our advertising campaigns and deliver ads that are more likely to be of interest to you. Their use is subject to their own privacy policies and opt-out mechanisms.

7.4 Managing Your Cookie Preferences

You have significant control over how cookies are used on your device.

  • Browser Settings:
    • All major web browsers (Chrome, Firefox, Safari, Edge, etc.) provide settings that allow you to manage your cookie preferences.
    • You can configure your browser to delete existing cookies, prevent new cookies from being stored, or prompt you before accepting a cookie.
    • Browsers also often provide options to block third-party cookies specifically while allowing essential first-party cookies.
    • Consult your browser’s “Help” section or settings for instructions on how to manage cookies.
  • Our Cookie Preference Center:
    • Huggletee provides a dedicated Cookie Preference Center (usually accessible via a banner on your first visit or a link in the footer of our website).
    • This center allows you to easily choose which types of non-essential cookies (e.g., analytics, marketing) you want to allow or block.
    • You can update your preferences at any time through this tool.
  • Impact of Disabling Cookies:
    • Essential cookies: Disabling these will likely cause the website to malfunction, preventing you from logging in, adding items to your cart, or completing purchases.
    • Performance cookies: If disabled, our ability to analyze and improve your website experience based on aggregated usage data will be limited.
    • Functionality cookies: If disabled, you may need to reset your preferences (like language or currency) each time you visit, leading to a less personalized experience.
    • Marketing cookies: Disabling these will not prevent you from seeing advertisements, but the ads you see may be less relevant to your interests.

8. Policy Updates and Changes – Staying Informed

The digital landscape and privacy regulations are constantly evolving. As such, we may need to update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations.

8.1 Why We Update This Policy

  • Changes in Laws and Regulations: To comply with new data protection laws, consumer protection regulations, or other legal requirements in Sri Lanka or internationally.
  • Introduction of New Features or Services: When we launch new functionalities, products, or services that involve different data collection or processing methods.
  • Feedback and Clarity: Based on feedback from our customers or internal reviews to improve the clarity, completeness, or accuracy of the policy.
  • Changes in Business Practices or Technology: To reflect updates in our operational processes, security measures, or the technologies we use.
  • Recommendations: Following recommendations from privacy audits, legal counsel, or industry best practices.

8.2 How We Handle Updates

We are committed to keeping you informed about any changes.

  • Minor Changes: For minor changes that do not significantly alter our data handling practices or your privacy rights, we will update the “Last Updated” date at the top of this policy and post the revised policy on our website.
  • Significant Changes: For more significant changes that may affect your privacy rights or how we use your data, we will provide a more prominent notification. This may include:
    • Sending an email notification to the email address associated with your Huggletee account (if applicable).
    • Posting a prominent notice on the Huggletee.com website for a reasonable period.
  • Major Changes Requiring Consent: In rare instances where changes are fundamental and require your explicit consent under applicable law, we will obtain your re-consent before such changes take effect.

8.3 Staying Informed

  • Where to find updates: The latest version of this Privacy Policy will always be available on our website at huggletee.com.
  • Email Notifications: For significant changes, we will leverage email notifications to ensure you are directly informed.
  • Social Media Announcements: Major policy updates may also be announced via our official social media channels.
  • Version Control: Each version of our Privacy Policy is dated, and we maintain an archive of previous versions. You can request access to previous versions for comparison by contacting our support team. We aim to provide clear indications of what has changed between versions.
  • Acceptance: Your continued use of Huggletee.com after the effective date of any revised Terms constitutes your acceptance of those changes. We encourage you to review this Privacy Policy periodically to stay informed of our data protection practices.

9. International Data Transfers and Protection

As a global marketplace, Huggletee may need to transfer your personal data across international borders for processing and storage.

9.1 Why Data May Be Transferred

  • Cloud Storage and Backup Services: We utilize leading cloud service providers whose data centers and backup systems may be located in various countries outside Sri Lanka to ensure resilience, performance, and scalability.
  • Payment Processing: International financial networks and payment gateway providers may process your payment details through servers located in different jurisdictions.
  • Customer Support: While our primary support is in Sri Lanka, certain specialized support functions or technical assistance may be provided by teams or partners located internationally.
  • Website Hosting and Content Delivery Networks (CDNs): To ensure optimal website loading speeds and performance for users globally, content may be cached or hosted on servers distributed across different geographic regions.

9.2 Protection Measures for International Transfers

When your data is transferred internationally, we implement rigorous safeguards to ensure it remains protected in accordance with Sri Lankan law and international best practices.

  • Legal Safeguards: We rely on legally recognized mechanisms for international data transfers, such as:
    • Adequacy Decisions: Where applicable, transferring data to countries recognized by relevant data protection authorities as providing an adequate level of data protection.
    • Standard Contractual Clauses (SCCs): Implementing SCCs (also known as Model Clauses), which are pre-approved contractual terms designed to safeguard personal data when it is transferred outside of a jurisdiction with strong data protection laws.
    • Binding Corporate Rules (BCRs): For multi-national corporations, BCRs may be in place, providing internal rules for data transfers that are approved by data protection authorities.
    • Certification Schemes: Utilizing specific data privacy certification schemes or codes of conduct.
  • Technical Safeguards:
    • Encryption: All data is encrypted both in transit (using TLS/SSL) and at rest, even when transferred across international boundaries.
    • Secure Transmission Protocols: Employing secure and industry-standard protocols for all data transfers.
    • Access Controls and Monitoring: Maintaining strict access controls and continuous monitoring of our systems, regardless of their physical location.
  • Contractual Obligations: We ensure that all third-party service providers involved in international data transfers are contractually bound to:
    • Process your data only for the purposes specified by Huggletee.
    • Implement appropriate technical and organizational security measures.
    • Comply with all applicable data protection laws.

9.3 Your Rights for International Transfers

  • Right to Know: We are committed to informing you when your data is transferred internationally and the safeguards in place to protect it, as outlined in this policy.
  • Right to Object: You have the right to object to international data transfers that are not strictly necessary for the provision of our services, subject to legal limitations.
  • Right to Safeguards: You have the right to expect that adequate protection measures are in place for your data, regardless of the country to which it is transferred.

10. Children’s Privacy Protection

Huggletee.com is an e-commerce platform intended for a general audience. We are committed to protecting the privacy of children.

10.1 Age Restrictions

  • Our Policy: Our services are explicitly intended for and directed towards users who are 18 years of age or older, or who have reached the age of majority in their jurisdiction.
  • No Knowing Collection: We do not knowingly or intentionally collect personal information from children under the age of 18 without appropriate parental consent.
  • Parental Consent: If a user is under 18 years of age (or the applicable age of majority), their use of the site must be with the express consent and supervision of a parent or legal guardian, and such guardian agrees to be bound by these Terms and this Privacy Policy on the child’s behalf.

10.2 If We Discover Child Data

If we become aware that we have inadvertently collected personal information from a child under 18 without verifiable parental consent, we will take immediate and decisive action.

  • Immediate Investigation: We will promptly investigate to verify the user’s age.
  • Deletion of Data: If confirmed that the user is under 18 and consent is not verifiable, we will immediately and securely delete all personal information associated with that account from our records.
  • Notification: Where feasible and legally permissible, we will notify the parent or legal guardian of such collection and deletion.
  • Additional Safeguards: We will implement additional safeguards to prevent similar occurrences in the future.

10.3 Parental Rights

Parents or legal guardians have specific rights concerning their children’s data.

  • Request Information: Parents can request information about any data we may inadvertently hold about their child.
  • Request Deletion: Parents can request the immediate deletion of their child’s information from our systems.
  • Object to Processing: Parents can object to any processing of their child’s data.
  • Contact Us: If you are a parent or guardian and believe your child under 18 has provided personal information to us without your consent, please contact us immediately using the details in Section 11.

11. Contact Information and Support

Your questions and concerns regarding privacy are important to us. We have established clear channels for you to reach our dedicated privacy team.

11.1 Privacy Officer Contact

  • Primary Contact:
    • Email: support@huggletee.com
    • Subject Line: To ensure your inquiry is routed correctly and processed efficiently, please use “Privacy Inquiry” in the subject line of your email.
  • Response Time: We aim to respond to all privacy-related questions and concerns within 24-48 business hours.

11.2 Multiple Contact Channels

  • WhatsApp Support:
    • Our WhatsApp support is available for quick responses to urgent privacy concerns or for straightforward requests like updating your marketing preferences.
    • Available during business hours (typically 9 AM – 6 PM Sri Lanka Time).
  • Email Support:
    • Ideal for detailed responses to complex privacy issues.
    • The preferred channel for formal requests for data access, correction, or deletion, as it provides a written record.
    • Used for documentation required for legal compliance purposes.
  • Written Communication:
    • Our postal address can be provided upon request for official legal notices or formal complaints that require written correspondence.

11.3 Response Commitments

  • Our Promise:
    • Acknowledgment: All privacy inquiries will be acknowledged within 3 business days of receipt.
    • Investigation: We commit to a thorough and impartial review of all privacy concerns raised.
    • Resolution: We will provide a clear explanation of the actions taken to address your concern or the reasons for any limitations (e.g., legal obligations preventing deletion).
    • Follow-up: We will confirm that your concerns have been addressed to your satisfaction, or outline next steps if further action is required.

11.4 Escalation Process

If you are not satisfied with our initial response or the resolution provided, you have the option to escalate your concern.

  • Escalation to Privacy Manager: You can request that your inquiry be escalated to our dedicated Privacy Manager for further review.
  • Formal Complaint Process: We have a formal complaint process in place with a documented resolution timeline to handle serious privacy grievances.
  • Data Protection Authority: We will also provide you with information about relevant data protection authorities in Sri Lanka that you can contact if you wish to file a complaint after exhausting our internal resolution process.
  • Independent Dispute Resolution: Where available and appropriate, we may also suggest independent dispute resolution options.

12. Legal Compliance and Jurisdiction

Our commitment to privacy extends to strict adherence to applicable laws and regulations.

12.1 Applicable Laws

  • Primary Jurisdiction: This Privacy Policy and all matters related to your personal data are primarily governed by and construed in accordance with the data protection and privacy laws of Sri Lanka, including relevant consumer protection laws and electronic transaction acts.
  • International Compliance: While Sri Lanka is our primary jurisdiction, we endeavour to align our practices with international privacy frameworks and best practices, such as the principles found in the General Data Protection Regulation (GDPR) for any processing related to users residing in the European Economic Area. We also adhere to cross-border data transfer regulations as detailed in Section 9.

12.2 Dispute Resolution

In the unlikely event of a dispute related to our privacy practices, we prioritize amicable and efficient resolution.

  • Preferred Resolution: We encourage you to first engage in direct communication with our privacy team (Section 11.1). We will make good faith efforts to resolve your concerns amicably and directly.
  • Mediation Services: For complex disputes that cannot be resolved directly, we may explore mediation services as a means of reaching a mutually agreeable solution.
  • Legal Jurisdiction: In the event that a dispute cannot be resolved through informal means or mediation, any legal action or proceeding arising out of or relating to this Privacy Policy or our data practices shall be exclusively brought in the competent courts located in Sri Lanka. You hereby consent to the personal jurisdiction of such courts.
  • Alternative Dispute Resolution: We are open to exploring alternative dispute resolution mechanisms where mutually agreed upon and legally permissible.

Final Commitment

At Huggletee, your privacy is not just a policy; it is a foundational promise deeply embedded in our operations and company culture. We are unequivocally committed to maintaining the highest standards of data protection, upholding transparency in our practices, and delivering exceptional customer service. This comprehensive Privacy Policy reflects our unwavering dedication to your privacy rights and our profound responsibility as custodians of your personal information.

We encourage you to maintain an active role in managing your privacy. If you have any questions, concerns, suggestions, or require any clarification about this policy or our privacy practices, please do not hesitate to reach out to us using the contact information provided. We sincerely value your feedback and are perpetually striving to enhance our privacy protection measures to serve you better.

Thank you for trusting Huggletee with your personal information. We are honored to serve you and are committed to protecting your privacy every step of the way.

Policy Version: 2.0 (Comprehensive) Last Updated: June 2025 Next Review Date: December 2025 Document Status:Active and Effective

Contact for Questions: 
📧 Email: support@huggletee.com
📱 WhatsApp: Available during business hours (check website for current times)
🌐 Website: https://huggletee.com

Shopping Cart (0)

No products in the cart. No products in the cart.

Main Menu
Hello, Sign in
Track My Order
Wishlist