Lorem ipsum dolor sit amet, consectetur adipiscing elit. Maecenas imperdiet nisi eget gravida vestibulum. Ut rutrum facilisis leo, ac vulputate elit consectetur ut. Morbi rhoncus mauris ligula, et pulvinar nulla rhoncus sit amet. Pellentesque a quam id odio malesuada auctor.
Ultima Mind Privacy Policy
Last updated: 29 June 2025
1. Introduction
Ultima Mind (“Company,” “we,” “us” or “our”) respects your privacy and is committed to protecting the personal data you share with us or that we collect when you visit www.ultimamind.com (the “Site”) and when you purchase or use our products and services (collectively, the “Services”). This Privacy Policy explains how we collect, use, disclose and safeguard your information, as well as the choices you have regarding your personal data.
If you have any questions or concerns after reading this Policy, please contact us at privacy@ultimamind.com.
2. Scope
This Policy applies to all personal data processed by Ultima Mind as:
-
Data Controller – when we decide why and how personal data is processed (e.g., marketing emails, order fulfillment).
-
Data Processor – when we act on behalf of another organization that controls your data (e.g., acting as a fulfillment partner).
It covers visitors, customers, suppliers and any other natural person whose data we process.
3. What Data We Collect
| Category | Examples | Source |
|---|---|---|
| Identification Data | name, postal address, email address, telephone number | Directly from you (checkout, forms) |
| Account Credentials | username, encrypted password | Directly from you |
| Transaction Data | products purchased, order ID, delivery status | From our e-commerce platform & payment processors |
| Payment Data | last 4 digits of card, payment token, billing address | Payment providers (never store full card numbers) |
| Device & Usage Data | IP address, browser type, referring URL, pages viewed, time on page, clickstream | Automated via cookies, pixels, similar tech |
| Marketing Preferences | newsletter opt-in, SMS consent, cookie choices | Directly from you |
| Health & Wellness Feedback (optional) | product experience, wellness goals | Directly from you (surveys, reviews) |
We do not knowingly collect sensitive personal data (e.g., medical records, biometric identifiers) unless you voluntarily provide it and we have your explicit consent.
4. How & Why We Use Your Data
| Purpose | Legal Basis* |
|---|---|
| Process and deliver your orders; manage payments, returns and refunds | Contract performance |
| Provide customer support; respond to inquiries | Contract performance / Legitimate interest |
| Send transactional messages (order confirmations, shipping updates) | Contract performance |
| Personalize and improve our Site and Services (analytics, troubleshooting) | Legitimate interest |
| Send marketing emails, SMS and in-app messages | Consent (where required) / Legitimate interest |
| Show targeted ads on our Site or third-party platforms | Consent (via cookies) |
| Detect, prevent and investigate fraud or abuse | Legitimate interest / Legal obligation |
| Comply with bookkeeping, tax, product-safety and consumer-protection laws | Legal obligation |
*Under the EU General Data Protection Regulation (“GDPR”). When we rely on legitimate interest, we balance that interest against your rights and expectations.
5. Sharing & Disclosure
We never sell your personal data. We may disclose it only:
-
Service Providers – payment processors, fulfillment centers, email/SMS platforms, analytics providers, ad networks and IT hosting partners. Each is bound by contract to protect your data and may use it only for the services we request.
-
Affiliated Companies – subsidiaries or holding companies that process data under this Policy.
-
Legal & Compliance – government authorities, courts or external advisors when required by law or to protect our rights, privacy, safety or property.
-
Business Transfers – in connection with a merger, acquisition or sale of assets; your data will remain subject to this Policy (or a successor policy of equal or greater protection).
6. International Data Transfers
We are headquartered in the United States and may process your data in the U.S. and other jurisdictions. Where GDPR or UK GDPR applies, we rely on:
-
Adequacy decisions (e.g., EU-U.S. Data Privacy Framework if certified); or
-
Standard Contractual Clauses approved by the European Commission or UK authorities; plus
-
Supplementary technical and organizational measures where necessary.
7. Data Retention
We retain personal data only as long as necessary for the purpose collected, including:
-
Orders & Billing – 7 years (tax & accounting rules)
-
Customer Support Tickets – 3 years after closure
-
Marketing Lists – until you withdraw consent or opt out
-
Analytics Logs – 26 months (then aggregated or deleted)
When retention ends, data is securely deleted or anonymized.
8. Your Rights
Depending on your location, you may have rights to:
-
Access – receive a copy of your personal data we hold.
-
Rectification – correct inaccurate or incomplete data.
-
Erasure – request deletion (“right to be forgotten”).
-
Restriction – limit processing in certain cases.
-
Portability – obtain data in a portable format.
-
Object – object to processing based on legitimate interests or direct marketing.
-
Withdraw Consent – at any time, without affecting prior lawful processing.
To exercise these rights, email privacy@ultimamind.com with your request. We may verify your identity before fulfilling it.
If you believe we have not handled your request properly, you have the right to lodge a complaint with your local data-protection authority (e.g., the EEA Supervisory Authority, UK ICO, or U.S. state AG).
9. Cookies & Similar Technologies
We use:
-
Essential Cookies – core site functionality (checkout, language).
-
Analytics Cookies – measure traffic and usage patterns (e.g., Google Analytics).
-
Advertising Cookies – deliver relevant ads and track campaign performance (e.g., Meta Pixel).
You can manage cookies through our banner and your browser or mobile settings. Some features may not function without certain cookies.
10. Security
We apply industry-standard safeguards, including:
-
HTTPS/TLS encryption in transit
-
AES-256 encryption at rest (where applicable)
-
Role-based access controls and MFA for staff
-
Regular penetration tests and security audits
-
Vendor due-diligence and DPAs (Data Processing Agreements)
No Internet transmission or storage system is 100 % secure, so we cannot guarantee absolute security.
11. Children’s Privacy
Our Site and Services are not directed to children under 16. We do not knowingly collect personal data from children younger than 16 without verifiable parental consent. If you believe we have unintentionally collected such data, please notify us so we can delete it.
12. Changes to This Policy
We may update this Policy from time to time. The “Last updated” date above will change accordingly. Significant changes will be announced on the Site or via email. Continued use of the Services after an update constitutes acceptance of the revised Policy.
13. Contact Us
Ultima Mind Privacy Office
DREAM BUYS LLC 2208 Caswell Ln Metairie LA 70001 United States
Email: privacy@ultimamind.com
If you need a postal address for GDPR inquiries in the EEA or UK, please indicate so in your email, and we will provide our EU/UK representative’s contact details.