Effective Date: April 22, 2026

Bead Shop is operated by Bead, Inc., a Delaware corporation (“we,” “us,” or “our”), with its registered office at 8 The Green #11345, Dover, DE 19901. Bead, Inc. operates the website located at shop.beadpay.io. We are committed to protecting your privacy and handling your personal information with transparency and care. This Privacy Policy explains in detail what information we collect, why we collect it, how we use and protect it, and what rights you have over it. By using our website or placing an order, you agree to the practices described in this policy.

This Privacy Policy applies solely to the Bead Shop storefront at shop.beadpay.io. Our parent company, Bead, Inc., also maintains a platform-level Privacy Policy covering its payment and merchant services, available at legal.bead.xyz/privacy. Where you interact with Bead’s payment infrastructure directly (e.g., during checkout), that policy may also apply.

1. Information We Collect

Information You Provide Directly

When you browse, register, or purchase from our store, you may provide us with:

  • Identity information: First and last name, username or display name
  • Contact information: Email address, phone number, billing and shipping address
  • Payment information: Cryptocurrency wallet addresses, PayPal or Venmo account identifiers, or Klarna account details used to initiate payments (payment data is processed securely by Bead Pay, Inc. and is never stored on our servers)
  • Account credentials: Password (stored in hashed form) and security questions
  • Order information: Products purchased, quantities, special instructions, and transaction history
  • Communications: Messages you send us via email or our contact form, including any attachments

Information Collected Automatically

When you visit our site, we and our service providers may automatically collect:

  • Device and browser data: IP address, browser type and version, operating system, device identifiers
  • Usage data: Pages visited, time spent on pages, links clicked, referring URLs, search terms used on our site
  • Transaction data: Purchase amounts, items viewed or added to cart, abandoned cart information
  • Cookie and tracking data: See our Cookie section below for full details

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Order fulfillment: Processing, confirming, packaging, and shipping your orders; sending order confirmations, invoices, and shipping notifications
  • Customer support: Responding to your questions, resolving disputes, processing returns and refunds
  • Account management: Creating and maintaining your account, verifying your identity, and securing your login
  • Payment processing: Charging for purchases, processing refunds, and detecting and preventing fraud
  • Legal compliance: Meeting our obligations under applicable laws including tax reporting, consumer protection, and anti-money laundering regulations
  • Site improvement: Analyzing usage patterns to improve product offerings, site navigation, and the overall shopping experience
  • Marketing (with consent): Sending you promotional emails or offers about products we think you may enjoy — you can opt out at any time
  • Security: Monitoring for suspicious activity, protecting against unauthorized access, and investigating potential violations of our terms

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:

  • Contract performance: Processing necessary to fulfill your order or manage your account
  • Legal obligation: Processing required to comply with applicable law
  • Legitimate interests: Fraud prevention, site security, and service improvement, where these interests do not override your rights
  • Consent: Marketing communications, where we have obtained your explicit consent

4. California Privacy Rights (CCPA / CPRA)

If you are a resident of California, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) regarding your personal information.

Categories of Personal Information We Collect

We collect the following categories of personal information from California residents:

  • Identifiers: Name, email address, IP address, account username
  • Customer records information: Billing and shipping address, phone number, and payment identifiers (cryptocurrency wallet addresses, PayPal/Venmo account references, or Klarna account references — no credentials or private keys are stored)
  • Commercial information: Products purchased, order history, transaction amounts
  • Internet or network activity: Browsing history on our site, search terms, pages visited
  • Geolocation data: General location inferred from IP address or shipping address
  • Inferences: Product preferences or shopping behavior derived from your interactions with our store

Your California Privacy Rights

As a California resident, you have the right to:

  • Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, the purposes, and the categories of third parties with whom it is shared.
  • Delete: Request deletion of your personal information, subject to certain exceptions (e.g., where we are required to retain it by law or to complete a transaction).
  • Correct: Request correction of inaccurate personal information we hold about you.
  • Opt out of sale or sharing: We do not sell or share your personal information for cross-context behavioral advertising. No opt-out is required, but you may contact us to confirm this practice.
  • Limit use of sensitive personal information: We do not use sensitive personal information beyond what is necessary to provide our services.
  • Non-discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your California privacy rights, please contact us through our Contact page. We will respond to verifiable consumer requests within 45 days as required by law. We may need to verify your identity before fulfilling your request.

5. Sharing Your Information

We do not sell or rent your personal information to third parties. We may share your information with trusted parties only as necessary to operate our business:

  • Payment processors: To securely handle cryptocurrency, PayPal, Venmo, and Klarna transactions. All payment methods are processed through Bead Pay, Inc. Bead Pay, Inc.’s privacy practices are described at legal.bead.xyz/privacy. For Klarna transactions, Klarna’s own privacy policy also applies.
  • Shipping carriers: To deliver your orders (name, address, and contact details)
  • Email service providers: To send transactional and marketing emails on our behalf
  • Analytics providers: To help us understand website usage (data is anonymized where possible)
  • Legal authorities: When required by law, court order, or to protect the rights, safety, or property of Bead, Inc. or others
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will notify you before your information becomes subject to a different privacy policy.

6. Cookies and Tracking Technologies

Our site uses cookies and similar technologies to enhance your experience. Cookies are small text files stored on your device. We use:

  • Essential cookies: Required for the site to function (e.g., shopping cart, login session). These cannot be disabled.
  • Functional cookies: Remember your preferences such as language or region.
  • Analytics cookies: Help us understand how visitors use our site (e.g., Google Analytics). Data collected is aggregated and anonymized.
  • Marketing cookies: Used to deliver relevant advertisements and track campaign effectiveness. Only set with your consent.

You can manage or disable cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our store.

7. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes described in this policy or as required by law. Specifically:

  • Order records are retained for a minimum of 7 years for tax and legal compliance purposes
  • Account information is kept for the duration your account is active, plus a reasonable period after account closure
  • Marketing preferences and communications history are retained until you opt out or request deletion
  • Server logs and analytics data are generally retained for 12–24 months

8. Data Security

We implement industry-standard technical and organizational measures to protect your personal information, including SSL/TLS encryption for all data in transit, hashed storage of passwords, access controls limiting who can view your data, and regular security reviews of our systems. However, no method of transmission over the internet is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data, subject to legal obligations
  • Right to restrict processing: Ask us to limit how we use your data in certain circumstances
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior processing

To exercise any of these rights, please contact us via our Contact page. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

10. Children’s Privacy

Our website is not directed at children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page with a revised effective date. For material changes, we will notify you by email or by displaying a prominent notice on our website. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out through our Contact page. You may also contact us in writing at:

Bead, Inc.
8 The Green #11345
Dover, DE 19901