Buy-Indulgence · Reflection & Symbolic Release Portal

Privacy Policy

How we minimize data collection and handle payments, analytics, and communication.

Enter Portal
Digital reflection and symbolic release portal background

Last updated: December 18, 2025

This Privacy Policy explains how the Indulgence Project ("we", "us", "our"), operated by Evolux Labs LLC, handles information when you visit https://buy-indulgence.com or purchase any digital item.

We intentionally collect as little information as possible, and only what is necessary to operate the service securely.
We do not sell data, do not share data with advertisers, and do not track individuals.

1. Business Operator

The Indulgence Project is owned and operated by:

Evolux Labs LLC
A Wyoming Limited Liability Company

Mailing & Principal Address:
30 N Gould St Ste N
Sheridan, WY 82801, USA

Registered Agent Address:
30 N Gould St Ste N
Sheridan, Sheridan County
WY 82801, USA

All payments are processed on behalf of Evolux Labs LLC.

2. Payments (PaymentProvider)

All payment-related information is processed by the PaymentProvider, including:

  • credit/debit card data
  • billing address (if required by the PaymentProvider for verification)
  • fraud-prevention signals
  • payment confirmations

We never receive, store, or process:

  • card numbers
  • CVV codes
  • full billing details
  • identity documents

The PaymentProvider acts as a separate data controller/processor, and their privacy policy governs all payment handling.
We only receive minimal metadata required to confirm that a transaction succeeded (e.g., "payment ok").

3. Information We Collect Automatically (Anonymous Only)

We use Cloudflare Web Analytics, a privacy-preserving, cookie-free, identity-free analytics service.

Cloudflare does not use:

  • cookies
  • fingerprinting
  • visitor IDs
  • IP-based identifiers
  • advertising pixels
  • cross-site tracking

Cloudflare collects only aggregated anonymous metrics, such as:

  • pages visited
  • device type
  • browser type
  • approximate region (country-level only)
  • referring website
  • time spent on pages

Cloudflare does not log or store identifiable IP addresses.

This setup is GDPR, CCPA, and global privacy law compliant and does not require a cookie banner.

4. Information We Do NOT Collect

We do not collect and do not request:

  • name or surname
  • home address
  • phone number
  • government ID
  • date of birth
  • geo-location
  • advertising identifiers
  • behavioral profiles
  • personal crypto wallet data
  • private keys
  • biometric identifiers
  • marketing preferences
  • user accounts or login data

We also do not run any advertising, remarketing, or tracking campaigns.

5. Emails and Communication

If a user enters an email during purchase or support inquiry, it may be used solely for:

  • sending purchase confirmations
  • delivering NFT-related information
  • responding to support requests

We do not use emails for marketing unless the user explicitly opts in.

Emails are stored securely through our providers.
We do not sell, trade, or rent email addresses.

6. On-Chain Information

NFT minting occurs through our internal backend wallet, not through user wallets.
We do not require users to connect personal crypto wallets.
Minted NFTs may appear publicly on blockchain explorers, which are outside our control.

Blockchain data is inherently public and cannot be altered or removed.

7. Legal Basis for Processing (GDPR)

When applicable law requires a legal basis, our bases include:

  • Contractual necessity — processing payments to deliver purchased digital items
  • Legitimate interest — ensuring security, preventing fraud, measuring aggregate traffic
  • Compliance with law — financial reporting and tax requirements

We do not process sensitive personal data.

8. Data Sharing

We do not share or sell any personal data.
The only third parties involved are:

  • PaymentProvider — payment processing
  • Cloudflare — hosting, security, analytics
  • IPFS/CDN providers — decentralized content delivery

We do not allow third parties to use collected data for advertising, profiling, or tracking.

9. Security

Our infrastructure uses:

  • Cloudflare's global secure network
  • HTTPS/TLS encryption
  • attack protection and rate limiting
  • secure backend architecture

We take reasonable measures to protect technical systems, though no online service can be 100% immune to risks.

10. Data Retention

We retain only the minimum information necessary for:

  • transaction verification
  • fraud prevention
  • financial compliance

Unnecessary data is discarded automatically by our providers.
We do not store personal data longer than necessary.

11. International Data Transfers

Service providers may process data globally under secure compliance frameworks (GDPR SCCs, etc.).
We do not manually export any personal data.

12. Your Rights

Because we intentionally minimize data collection and do not store personal information beyond necessary support communications, certain privacy rights may not be applicable.
However, users may request:

  • confirmation of whether any email or message is stored;
  • deletion of email/support communications;
  • correction of information voluntarily provided.

We respond to all requests within the timeframes required by applicable law.

13. Children's Privacy

This service is intended for users 18+.
We do not knowingly collect information from minors.

14. Changes to This Policy

We may update this Privacy Policy periodically.
Continued use of the website signifies acceptance of updates.

Users are encouraged to review this page occasionally.

Back to Portal