Official ProtocolPrivacy Mandate & Data Architecture
Version 4.0.26 — Refined February 2026
I. Philosophical Foundation
At LUXOR Plastic Cards, we view the protection of your data as an extension of our craftsmanship. Just as we ensure the precision-cut edges of our 30pt plastic cards, we ensure the sharp boundaries of your personal privacy. This document serves as an exhaustive articulation of our data processing standards, designed to meet and exceed the requirements set forth by the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other international privacy frameworks.
II. Technical Telemetry & Analytics
To ensure the "Luxor Experience" remains the industry benchmark for effortless procurement, we utilize Google Analytics. This service employs "cookies"—small text files placed on your device—to harvest technical telemetry including IP addresses (anonymized), browser types, operating system specifications, and interaction paths within our collection galleries.
This information is processed under the legal basis of Legitimate Interest. It allows our engineers to optimize site performance and ensure that our "Personal Design Concierge" interface remains fluid across all global regions. We do not sell this data, nor do we use it to build intrusive advertising profiles.
III. The Cookie Manifesto
LUXOR utilizes three categories of cookies to maintain our digital ecosystem:
- Essential Cookies: Critical for the "Few Clicks to Done" experience, allowing your card selections to persist in your cart.
- Functional Cookies: These remember your preferences, such as your preference for Dark Mode or your previous template selections.
- Analytical Cookies: Managed via Google, these provide the aggregate data used to refine our product offerings.
You may govern your cookie preferences via your browser settings; however, disabling essential cookies may degrade the procurement experience.
IV. Absolute Non-Commercialization
LUXOR Plastic Cards does not, has never, and will never sell your personal data to third-party brokers. In a marketplace where many competitors treat customer lists as a secondary revenue stream, LUXOR treats your information as a sacred trust. We share data only with audited service providers (logistics like FedEx, and secure payment processors like Stripe) purely for the purpose of executing your contract.
V. Global Sovereignty & International Transfers
For our clientele in the European Economic Area (EEA), the United Kingdom, and Switzerland: please be advised that data may be transferred to and processed on servers located in the United States.
To ensure your data remains protected, we utilize Standard Contractual Clauses (SCCs) approved by the European Commission. These legal instruments obligate us and our partners to maintain a level of data protection equivalent to that of the GDPR, regardless of where the physical server resides.
VI. The Right to Permanent Erasure
In alignment with modern privacy legislation, LUXOR grants you "The Right to be Forgotten." This is not a passive promise; it is an active right you may exercise at any time.
You may request the removal of:
✓ Historical Design Files
✓ Contact Metadata
✓ Marketing Preferences
✓ Uploaded Artwork Assets
To trigger an erasure, contact privacy@luxorcards.com. We will confirm the identity of the requester to prevent unauthorized data destruction, then proceed with the "Digital Purge."
VII. Minor's Privacy Protection
The LUXOR Experience is designed for professional brands and business entities. We do not knowingly collect or solicit data from individuals under the age of 18. If we discover that a minor has provided us with personal information, we will delete that information with immediate priority.
Data Governance Office
For questions regarding our Privacy Architecture or to file a formal request for information access, please contact our Data Protection Officer: