Privacy Policy
1. Who We Are
Threadora Digital Marketing is a digital marketing agency and e-commerce/dropship business headquartered in [Lucena, Quezon Province, Philippines]. We provide services including cooperative digital advertising, paid media management, content and social media marketing, e-commerce store operation, and product sourcing/dropship fulfillment to clients and customers located around the world.
Because we operate globally while being legally based in the Philippines, this policy is written to comply with Philippine data protection law as our primary framework, while also honoring the rights granted under other major frameworks β including the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA/CPRA) β for visitors and customers covered by those laws.
2. Information We Collect
We collect information in three ways: information you give us directly, information collected automatically when you use our website, and information we receive from third parties.
2.1 β Information You Provide Directly
| Category | Examples |
|---|---|
| Identity & Contact Data | Name, email address, phone number, mailing/shipping address, business name |
| Account & Subscription Data | Login credentials, subscription tier selection, billing preferences |
| Payment Data | Payment method details (processed by our third-party payment processors β we do not store full card numbers) |
| Communications | Messages sent via contact forms, email, or chat; customer service correspondence |
| Marketing Preferences | Newsletter sign-ups, white paper/lead magnet downloads, advertising tier selections |
2.2 β Information Collected Automatically
- Device & Usage Data: IP address, browser type, operating system, referring URLs, pages viewed, time spent on pages, click patterns
- Cookies & Similar Technologies: See Section 7 below for full detail
- Approximate Location: Derived from IP address (country/region/city level, not precise GPS location unless separately authorized)
2.3 β Information From Third Parties
- Advertising Platforms: Aggregated, non-identifying performance data from Google Ads and Meta Ads relating to campaigns we manage on your behalf
- Email Service Providers: Subscription status and engagement data from our email automation platform (Zoho Campaigns)
- Payment Processors: Confirmation of successful or failed transactions
- Suppliers & Fulfillment Partners: Order and shipping confirmation data for dropship/e-commerce fulfillment
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain our marketing and e-commerce services
- Process subscriptions to our Cooperative Advertising Program and manage your proportional ad budget allocation
- Process and fulfill product orders, including dropship coordination with our supplier network
- Communicate with you about your account, orders, or inquiries
- Send requested materials, such as white papers or marketing resources, after email verification
- Send marketing communications where you have opted in, and allow you to opt out at any time
- Improve our website, services, and customer experience through aggregated, de-identified analysis
- Detect, investigate, and prevent fraudulent transactions and other illegal activity
- Comply with legal obligations, including tax, accounting, and consumer protection requirements
4. Our Legal Basis for Processing
Depending on your location, we rely on the following legal bases to process your personal data:
- Consent: Where you have given clear consent, such as opting in to receive marketing emails or downloading a white paper after email verification
- Contractual Necessity: Where processing is necessary to provide a service you’ve subscribed to or purchased, such as fulfilling an order or managing your advertising co-op subscription
- Legitimate Interest: Where processing supports our legitimate business interests β such as improving our services or preventing fraud β provided this does not override your rights and interests
- Legal Obligation: Where processing is required to comply with applicable law, such as tax recordkeeping
5. How We Share Information
We do not sell your personal data. We share information only in the following circumstances:
5.1 β Service Providers
We share data with trusted third-party vendors who perform services on our behalf, including:
- Email & Marketing Automation: Zoho Campaigns (for email delivery, list management, and double opt-in verification)
- Payment Processing: Third-party payment processors for subscription billing and e-commerce transactions
- Web Hosting: Our hosting provider for website infrastructure
- Advertising Platforms: Google Ads and Meta Ads, solely for the purpose of managing campaigns within our Cooperative Advertising Program
- Suppliers & Fulfillment Partners: Product suppliers, solely as needed to fulfill and ship orders
These providers are contractually obligated to use your data only to perform services for us and not for their own independent purposes.
5.2 β Legal Requirements
We may disclose information where required by law, such as in response to a valid court order, government request, or to protect the rights, property, or safety of Threadora, our customers, or others.
5.3 β Business Transfers
If Threadora is involved in a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction, subject to the same protections described in this policy.
Cooperative Advertising Program β Data Segregation
Subscriber-specific conversion data, customer lists, and audience segments are never shared between subscribers of our Cooperative Advertising Program. Where category-level remarketing pools are used, only anonymized signals are aggregated, and only with subscriber consent β never personally identifiable information.
6. International Data Transfers
Because we operate globally and use service providers based in other countries, your personal data may be transferred to, stored in, and processed in countries other than your own β including the Philippines, the United States, India, and other jurisdictions where our service providers maintain infrastructure.
Where we transfer personal data internationally, we take steps to ensure an adequate level of protection, including relying on service providers who maintain recognized data protection certifications or contractual safeguards such as standard contractual clauses, where applicable.
7. Cookies & Tracking Technologies
Our website uses cookies and similar tracking technologies to operate effectively and to understand how visitors use our site.
| Type | Purpose |
|---|---|
| Essential Cookies | Required for core site functionality, such as shopping cart and checkout |
| Analytics Cookies | Help us understand site traffic and usage patterns (e.g., Google Analytics) |
| Advertising Cookies | Used by Meta and Google to measure and optimize ad campaign performance, including for retargeting |
| Preference Cookies | Remember your settings and preferences across visits |
You can control or disable cookies through your browser settings. Disabling certain cookies may affect site functionality, such as the ability to complete a purchase.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this policy, including:
- For as long as you maintain an active account or subscription with us
- As needed to comply with legal, tax, or accounting requirements (typically a minimum of 5 years for financial records under Philippine law, or longer where required by other applicable law)
- Until you withdraw consent or request deletion, where applicable, and we have no overriding legal obligation to retain the data
Email subscribers who never complete email verification (double opt-in) are not retained on our active marketing list and any pending unverified entries are periodically purged.
9. How We Protect Your Information
We implement reasonable organizational, technical, and physical safeguards designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include encrypted data transmission (HTTPS/SSL), access controls limiting employee access to personal data on a need-to-know basis, and reliance on reputable third-party providers who maintain their own security certifications.
No method of transmission or storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.
10. Your Rights
Depending on your location, you may have some or all of the following rights regarding your personal data:
- Right to Access: Request a copy of the personal data we hold about you
- Right to Correction: Request correction of inaccurate or incomplete data
- Right to Deletion: Request deletion of your personal data, subject to legal retention obligations
- Right to Object/Opt-Out: Object to certain processing, including marketing communications and certain advertising-related data use
- Right to Data Portability: Request your data in a structured, commonly used, machine-readable format
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent, without affecting prior lawful processing
- Right to Lodge a Complaint: File a complaint with your local data protection authority
To exercise any of these rights, contact us using the details in Section 14. We will respond within the timeframe required by applicable law (generally within 30 days, though this may vary by jurisdiction).
11. Region-Specific Disclosures
Data Privacy Act of 2012 (RA 10173)
As our primary governing framework, we comply with the Philippine Data Privacy Act and its Implementing Rules and Regulations, including registration with the National Privacy Commission (NPC) where required, and honoring the rights to information, access, objection, erasure/blocking, data portability, damages, and rectification granted under the Act.
General Data Protection Regulation (GDPR)
If you are located in the EU/EEA, you have the rights described in Section 10 under GDPR. Where we process your data based on consent, you may withdraw it anytime. Where applicable, we identify the legal basis for each processing activity in Section 4.
CCPA / CPRA
California residents have the right to know what personal information is collected, request deletion, opt out of the “sale” or “sharing” of personal information (we do not sell personal data), and not be discriminated against for exercising these rights.
General Global Practice
For customers and visitors in other countries, we apply the standards described throughout this policy as our baseline practice, and will comply with any additional locally applicable data protection requirements as needed.
12. Children’s Privacy
Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child without appropriate consent, we will take steps to delete it as soon as possible.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will post the updated policy on this page with a revised “Last updated” date. For material changes, we will provide additional notice where required by applicable law.
14. Contact Us
If you have questions about this Privacy Policy, or wish to exercise any of your data protection rights, please contact us:
Threadora Digital Marketing
Email: contact@threadoraph.com
Address: Threadora Digital Marketing, Lucena City, Quezon Province, Philippines
