index

Privacy policy

Last updated: October 12, 2025

This Privacy Policy explains how DPlans ("we," "our," or "us") collects, uses, protects, and processes your personal information when you visit our website, make a purchase, or otherwise interact with our services.

By using our website at dplans.com, you acknowledge that you have read and understood this Privacy Policy and agree to the practices described herein.

IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, PLEASE DO NOT USE OUR WEBSITE.

1. Data Controller

The data controller responsible for your personal information is:

Business Name: DPlans
Email: info@dplans.com

For all data protection inquiries, requests to exercise your rights, or complaints, please contact us at info@dplans.com.

2. Legal Basis for Processing

We process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):

  • Contract performance: Processing necessary to fulfill your order and provide our services
  • Legal obligation: Compliance with tax, accounting, and other legal requirements
  • Legitimate interests: Fraud prevention, security, business analytics (where not overridden by your rights)
  • Consent: For marketing communications and non-essential cookies (you can withdraw consent at any time)

3. Information We Collect

3.1 Information You Provide Directly

When you make a purchase or interact with our website, we collect:

  • Contact information: First name, last name, email address
  • Billing information: Billing address, country
  • Order information: Products purchased, order date and time, order ID, transaction details
  • Communications: Any information you provide when contacting us via email or contact forms

  • Social Login Information

    If you choose to log in or register using Facebook Login or email authentication through our Hiko plugin:

    • Facebook Login: We receive your name, email address, and profile picture from Facebook (based on your Facebook privacy settings)
    • Email Login: We collect your email address for authentication purposes

    We use this information only to create and manage your account. You can manage what data Facebook shares with us in your Facebook app settings.

3.2 Information Collected Automatically

When you visit our website, we automatically collect:

  • Technical data: IP address, browser type and version, device type, operating system, screen resolution
  • Usage data: Pages visited, time spent on pages, clickstream data, referring website, search terms used to find our site
  • Cookie data: Information collected through cookies and similar technologies (see Section 5)

3.3 Payment Information

We do not store or process your full payment card details. All payment transactions are processed securely by our third-party payment service providers:

  • Shopify Payments
  • PayPal
  • Stripe (if applicable)

These providers handle payment data according to PCI-DSS security standards.

4. How We Use Your Information

We use your personal information only for the following purposes:

4.1 Order Processing and Fulfillment

  • Processing and completing your orders
  • Sending you download links via email
  • Providing order confirmations and receipts
  • Handling refund requests (when applicable)
  • Providing customer support

4.2 Legal and Accounting

  • Issuing invoices and maintaining accounting records
  • Complying with tax obligations
  • Meeting legal and regulatory requirements

4.3 Marketing (With Your Consent)

  • Sending newsletters and promotional emails (only if you have subscribed)
  • Informing you about new products or special offers
  • You can unsubscribe at any time using the link in our emails

4.4 Website Improvement and Security

  • Analyzing website traffic and user behavior through Google Analytics
  • Improving website functionality and user experience
  • Detecting and preventing fraud, spam, and security threats
  • Troubleshooting technical issues

4.5 Legal Defense

  • Establishing, exercising, or defending legal claims
  • Complying with court orders or legal processes

5. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyze site performance.

5.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and actions.

5.2 Types of Cookies We Use

Essential Cookies (Required)

  • Session management
  • Shopping cart functionality
  • Security features
  • Basic website operations

These cookies are necessary for the website to function and cannot be disabled.

Analytics Cookies (Optional - Requires Consent)

  • Google Analytics: Tracks visitor behavior, traffic sources, and site performance
  • Helps us understand how visitors use our website
  • Data is anonymized where possible

Marketing Cookies (Optional - Requires Consent)

  • May be used in the future for retargeting and advertising
  • Currently not implemented

5.3 Managing Cookies

You can control cookies through:

  • Cookie consent banner: Appears on your first visit to our website
  • Browser settings: Most browsers allow you to refuse or delete cookies
  • Google Analytics Opt-out: Install the Google Analytics Opt-out Browser Add-on

Note: Disabling essential cookies may affect website functionality.

5.4 Google Analytics

We use Google Analytics to understand how visitors interact with our website. Google Analytics collects:

  • Pages visited and time spent
  • Geographic location (country/city level)
  • Device and browser information
  • Traffic sources

Google Analytics data is subject to Google's Privacy Policy. Data may be transferred to the United States.

To opt out of Google Analytics: https://tools.google.com/dlpage/gaoptout

6. Sharing Your Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

We may share your information only in the following limited circumstances:

6.1 Service Providers

We share data with trusted third-party service providers who help us operate our business:

E-commerce Platform

  • Website hosting, payment processing, and order management services (data may be processed in Canada/USA/EU)

Payment Processors

  • Payment processing services (USA/EU) - including credit/debit card processors and PayPal
  • These providers are PCI-DSS compliant and handle payment data securely

Email Service Provider

  • Email delivery services for sending order confirmations, download links, and newsletters (if subscribed)

  • Authentication Services

    • Hiko - Social login and email authentication (data processed according to Hiko's privacy policy)
    • Facebook Login API - If you use Facebook to log in, Facebook processes your authentication data

Analytics

  • Google LLC (USA) - Google Analytics for website traffic analysis

Cloud Storage & Delivery

  • Cloud hosting and file delivery services for storing and delivering your digital products

These service providers are contractually obligated to protect your data and use it only for the services they provide to us.

6.2 Legal Requirements

We may disclose your information if required to:

  • Comply with applicable laws, regulations, or legal processes
  • Respond to government requests or court orders
  • Enforce our Terms of Service
  • Protect our rights, property, or safety, or that of others
  • Prevent fraud or security threats

6.3 Business Transfers

In the event of a merger, acquisition, sale of assets, or bankruptcy, your personal information may be transferred to the acquiring entity. You will be notified of any such change via email or prominent notice on our website.

7. International Data Transfers

7.1 Transfers Outside the EEA

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including:

  • United States: Google Analytics, Shopify, payment processors
  • Canada: Shopify hosting infrastructure

These countries may not have the same data protection laws as the EU.

7.2 Safeguards

When we transfer data outside the EEA, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs): Approved by the European Commission
  • Adequacy Decisions: For countries deemed to have adequate data protection
  • Participant in Privacy Shield (where applicable)

7.3 Your Rights Regarding Transfers

You have the right to request information about:

  • Which countries your data is transferred to
  • What safeguards are in place
  • Copies of the safeguards (e.g., Standard Contractual Clauses)

8. Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this Privacy Policy.

8.1 Retention Periods

Order and Account Data

  • Retained for 7-10 years to comply with tax and accounting regulations
  • Includes invoices, order history, and customer details

Marketing Data

  • Retained until you unsubscribe from our mailing list
  • Deleted within 30 days of unsubscribe request

Analytics Data

  • Google Analytics data is retained for 26 months by default
  • Can be anonymized or deleted upon request

Technical Logs

  • Server logs and security data retained for 90 days

8.2 Deletion

After the retention period expires, your data will be:

  • Permanently deleted from our systems
  • Anonymized so it can no longer identify you
  • Retained only if legally required (e.g., for ongoing legal proceedings)

9. Your Rights Under GDPR

If you are located in the European Union or European Economic Area, you have the following rights:

9.1 Right of Access

You can request confirmation of what personal data we hold about you and obtain a copy of that data.

9.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

9.3 Right to Erasure ("Right to Be Forgotten")

You can request deletion of your personal data in certain circumstances:

  • Data is no longer necessary for the purposes it was collected
  • You withdraw consent (where processing is based on consent)
  • You object to processing and there are no overriding legitimate grounds
  • Data has been unlawfully processed

Note: We may be unable to delete data if legally required to retain it (e.g., tax records).

9.4 Right to Restriction of Processing

You can request that we limit how we use your data in certain situations:

  • You contest the accuracy of the data
  • Processing is unlawful but you don't want data deleted
  • We no longer need the data but you need it for legal claims
  • You have objected to processing pending verification

9.5 Right to Data Portability

You can request a copy of your data in a structured, commonly used, machine-readable format (e.g., CSV, JSON) and have it transmitted to another controller.

9.6 Right to Object

You can object to:

  • Processing based on legitimate interests
  • Direct marketing (including profiling for marketing)
  • Processing for scientific, historical, or statistical purposes

9.7 Right to Withdraw Consent

Where processing is based on consent (e.g., marketing emails, analytics cookies), you can withdraw consent at any time. This does not affect the lawfulness of processing before withdrawal.

9.8 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

  • Email: info@dplans.com
  • Subject line: "GDPR Data Request"

Please include:

  • Your full name and email address used for your order
  • The specific right you wish to exercise
  • Any relevant order numbers or account details

We will respond to your request within 30 days. If we need more time, we will inform you and explain why.

We may need to verify your identity before fulfilling certain requests (e.g., by asking for order details or sending a verification email).

10. Security Measures

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it.

10.1 Security Practices

  • Encryption: HTTPS/SSL encryption for data transmission
  • Access controls: Limited access to personal data on a need-to-know basis
  • Regular backups: Data is backed up regularly to prevent loss
  • Security monitoring: Ongoing monitoring for unauthorized access or breaches

10.2 Limitations

While we take reasonable measures to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

10.3 Data Breach Notification

In the event of a data breach that poses a high risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected individuals without undue delay
  • Provide information about the nature of the breach and steps being taken

11. Third-Party Links

Our website may contain links to third-party websites (e.g., social media, external resources).

We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review their privacy policies before providing any personal information.

12. Children's Privacy

Our services are not directed to individuals under 18 years of age.

We do not knowingly collect personal information from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately at info@dplans.com, and we will delete it promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

  • Changes in our data practices
  • New legal or regulatory requirements
  • Improvements to our services

13.1 Notification of Changes

When we make material changes, we will:

  • Update the "Last updated" date at the top of this page
  • Notify you via email (if you have an account or are subscribed to our newsletter)
  • Display a prominent notice on our website

13.2 Your Continued Use

Your continued use of our services after changes are made constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, please stop using our services.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: info@dplans.com
Or alternatively via the Contact Form

We aim to respond to all inquiries within 5 business days.

BY USING OUR WEBSITE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.