Privacy Policy

Last updated: May 26, 2026

This Privacy Policy explains how Kyoto Botanicals (“we,” “us,” “our”) collects, uses, shares, and safeguards personal information when you visit our website, make a purchase, contact us, or otherwise interact with us (collectively, the “Services”). This Policy is designed to comply with applicable U.S. state privacy laws, including those in California, Colorado, Virginia, Connecticut, Utah, Texas, and other states as they apply. By using the Services, you agree to this Policy.

1) Eligibility (21+)

Our website and products are intended for adults age 21 and over. We do not knowingly collect personal information from anyone under 21. If you believe a minor has provided us data, please contact us (see “Contact Us”) so we can delete it.

2) Information We Collect

  • Identifiers & contact data: name, email, phone number, billing and shipping address.
  • Commercial data: order history, products viewed, cart activity, discount codes used.
  • Payment data: processed securely by our payment providers; we do not store full card numbers.
  • Device/usage data: IP address, browser, device type, pages visited, referring/exit pages, timestamps.
  • Marketing data: email preferences, engagement with emails/ads.
  • User content: messages you send us (support, forms), product reviews (if applicable).
  • Inferred data: preferences or interests derived from other data (where permitted).

3) Sources of Information

We collect information directly from you (checkout, forms), automatically from your device (cookies/analytics), and from service providers and partners (payments, fulfillment, analytics, advertising).

4) How We Use Information

  • Provide Services: process and deliver orders, provide support, maintain accounts.
  • Improve & personalize: analyze site performance, troubleshoot, develop new features.
  • Communicate: transactional messages (order/ship notifications), customer service, and—if you opt in—marketing emails or SMS.
  • Security & fraud prevention: protect our customers, Services, and company.
  • Legal/compliance: meet legal, tax, and regulatory obligations.

5) Cookies, Analytics & Advertising

We use cookies, pixels, and similar technologies to operate and improve the site, remember preferences, measure performance, and—where permitted—deliver or measure advertising. You can manage cookies in your browser settings. Blocking some cookies may affect site functionality.

Analytics: We may use tools such as Google Analytics to understand site usage.
Advertising, Native Networks & Retargeting: We work with native advertising networks and marketing partners (including Taboola, Google, and Meta) to deliver targeted advertisements based on your browsing history, track click attribution identifiers (such as Taboola click IDs), and optimize our ad spend. These platforms use cookies and pixels to collect device data, page interaction events, and cross-site browsing behavior.
Email, SMS & Automation Measurement: Our marketing automation platform (Klaviyo) utilizes tracking pixels, web beacons, and cookies to track email/SMS open rates, link clicks, onsite navigation, and shopping cart abandonment events to deliver personalized messaging and automated behavioral campaigns.

AddShoppers / Minty: We use third-party tools provided by AddShoppers, Inc. (and its Minty onsite services) to understand how visitors interact with our site, such as page views, cart updates, and form activity. These tools may also enable onsite features like referral programs, rewards, or promotional pop-ups. AddShoppers receives this data to provide aggregated analytics and campaign measurement on our behalf. You can learn more about AddShoppers’ practices at addshoppers.com/privacy.

Data collected by AddShoppers may include: page URLs, product IDs, cart contents, session identifiers, and hashed email addresses (if entered). This data is used for analytics, personalization, and campaign measurement—not for resale of personal information. You can opt out of marketing or behavioral tracking through our Do Not Sell or Share My Personal Information link or by adjusting your browser’s cookie settings.

To learn more about interest-based advertising or to opt out of certain ads, visit the industry opt-outs at optout.aboutads.info and youronlinechoices.eu. Platform-specific settings (e.g., Google, Meta) may provide additional controls.

6) How We Share Information

We share personal information with service providers and partners who help us operate the Services, including:

  • Payment processors (secure transactions),
  • Fulfillment/shipping providers,
  • Customer support & communication tools (email/SMS platforms),
  • Analytics & advertising partners,
  • Security/fraud prevention providers.
  • Marketing and analytics partners, including AddShoppers, Inc., which helps us measure onsite behavior, run referral and engagement campaigns, and provide aggregated reporting.

We may disclose information if required by law, to enforce our policies, or to protect rights, property, or safety. In a business transfer (e.g., merger, acquisition), data may be transferred consistent with this Policy.

7) State-Specific Disclosures & Your Opt-Out Rights (Sale, Sharing, and Targeted Advertising)

Under the consumer privacy laws of various U.S. states (including California, Colorado, Virginia, Connecticut, Utah, Texas, Oregon, and others), our use of third-party advertising cookies, data resolution services like AddShoppers/Minty, and tracking pixels for native targeted advertising platforms (such as Taboola) may be categorized as a “sale,” “sharing,” or processing of personal data for “targeted advertising.”

If you are a resident of a state providing these comprehensive privacy protections, you have the absolute right to opt out of the processing of your personal information for targeted advertising, cross-context behavioral marketing, or any automated activity deemed a sale or share under applicable law.

To exercise your right to opt out, please click the link below to access our multi-state consumer opt-out portal, or configure your browser to broadcast an Opt-Out Preference Signal (such as the Global Privacy Control or GPC):

Do Not Sell or Share My Personal Information / Opt-Out of Targeted Advertising

8) Data Retention

We retain personal information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary by data type and business need.

9) Security

We implement reasonable technical and organizational safeguards designed to protect personal information. However, no method of transmission or storage is 100% secure. Please use the Services responsibly and keep account credentials confidential. We require third-party analytics and marketing vendors to handle any personal data securely and in accordance with applicable data protection laws.

10) International Transfers

We may transfer, store, and process information outside your country of residence (e.g., in the United States). Where required, we use appropriate safeguards to facilitate lawful transfers.

11) Your Privacy Rights

Depending on your location, you may have the right to:

  • Access, correct, or delete certain personal information;
  • Object to or restrict certain processing;
  • Withdraw consent (where processing is based on consent);
  • Receive a portable copy of your data (data portability);
  • Opt out of “sale”/“sharing” for targeted advertising (see above);
  • Not be discriminated against for exercising your rights.

To submit a request, please use our privacy request form or contact us (see “Contact Us”). We may require information to verify your identity. Authorized agents may submit requests where permitted by law and with valid authorization.

Submit a Privacy Request

12) Opt-Out Preference Signals & Do Not Track

Some internet browsers offer a “Do Not Track” signal; because there is currently no universal industry standard for how these are processed, we do not respond to generic browser DNT signals at this time. However, our website is designed to detect and honor legal automated browser-based opt-out preference signals, such as the Global Privacy Control (GPC). If our system detects a GPC signal from your browser, it will automatically opt you out of targeting cookies and pixels on our store in compliance with state regulations.

13) Communications Preferences

You can opt out of marketing emails by clicking “unsubscribe” in any message. Transactional emails (e.g., order confirmations) will still be sent. SMS opt-out instructions are provided in each SMS message, if applicable.

14) Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date reflects the most recent revision. Material changes will be posted on this page. Continued use of the Services after changes constitutes acceptance of the updated Policy.

15) Contact Us

Questions or requests about this Policy? Contact us at:

Kyoto Botanicals
5500 Greenwood Plaza Blvd, Unit 130
Greenwood Village, CO 80111
info@kyotobotanicals.com