Last updated: 2026-04-15
This Privacy Policy describes how thelastboot.com (the “Site”, “we”, “us”, or “our”) collects, uses, and discloses your personal information when you visit thelastboot.com, use our services, make a purchase from the Site, or otherwise communicate with us regarding the Site (collectively, the “Services”).
For the purposes of this Privacy Policy, “you” and “your” refer to you as a user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected in accordance with this Privacy Policy.
Please read this Privacy Policy carefully.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site, update the “Last updated” date, and take any other steps required by applicable law.
Data Controller (GDPR Article 13)
The data controller responsible for the processing of your personal data within the meaning of the General Data Protection Regulation (GDPR) is:
Legal name: Geros Prekės MB
Business name: TheLastBoot
Address: Perkūnkiemio g. 19, Vilnius, LT-12120, Lithuania
E-Mail: [email protected]
Contact form: Contact us
Phone number: +370 690 16319
Company number: 306708710 (registered in Lithuania)
Customer service hours: Monday to Friday, 8:00 a.m. – 5:00 p.m. (Central European Time – CET / CEST)
How We Collect and Use Your Personal Information
To provide the Services, we collect and use personal information as outlined below. The information we collect and use varies depending on how you interact with us.
In addition to the specific purposes listed below, we may use the information we collect about you to:
- Communicate with you
- Provide, maintain, and improve the Services
- Comply with legal obligations
- Enforce applicable terms and conditions
- Protect or defend the Services, our rights, and the rights of our users or others
Legal Bases for Processing (GDPR Article 6)
We process your personal data only where a valid legal basis applies, including:
- Performance of a contract (Art. 6(1)(b) GDPR), such as processing orders, payments, shipping, returns, and account management
- Compliance with legal obligations (Art. 6(1)(c) GDPR), including tax, accounting, and consumer law obligations
- Legitimate interests (Art. 6(1)(f) GDPR), such as fraud prevention, security, service improvement, and direct marketing, provided your rights do not override these interests
- Consent (Art. 6(1)(a) GDPR), for cookies, tracking technologies, and marketing where legally required
Where processing is based on consent, you may withdraw your consent at any time with future effect.
What Personal Information Do We Collect?
When we use the term “personal information,” we mean information that identifies, relates to, describes, or can reasonably be associated with you.
Information We Collect Directly From You
- Contact details – name, billing and shipping address, phone number, email address
- Order information – order details, payment confirmation, invoices
- Account information – username, password, and security-related information
- Customer support information – communications you send to us
Providing certain information may be required to use specific features. If you choose not to provide it, some Services may be unavailable.
Information We Collect Automatically
We automatically collect certain information about your interaction with the Services (“Usage Data”) using cookies and similar technologies. This may include:
- Device and browser information
- Network connection details
- IP address
- Pages viewed and interactions with the Site
Information We Receive From Third Parties
We may receive personal information from third parties, including:
- WooCommerce and related infrastructure providers
- Payment processors, who collect payment data to process transactions and fulfill orders
When you visit our Site, open emails, or interact with advertisements, we or our partners may collect data using tracking technologies such as pixels, cookies, and web beacons.
All such data is processed in accordance with this Privacy Policy.
How We Use Your Personal Information
Providing Products and Services
We use your personal data to:
- Process payments
- Fulfill and ship orders
- Manage accounts
- Handle returns and exchanges
- Send transactional communications
We may enable WooCommerce services to improve functionality. WooCommerce processes data in accordance with its own privacy policies.
Marketing and Advertising
We may use your data to send marketing communications via email, SMS, or post, and to display advertisements.
If you are located in the EEA, this processing is based on our legitimate interest (Art. 6(1)(f) GDPR) or your consent where required.
You may unsubscribe at any time.
Email Marketing & Double Opt-In
Where required by law, we use a double opt-in procedure. Subscription confirmations, timestamps, and IP addresses are stored for legal verification purposes.
Security and Fraud Prevention
We use personal information to detect and prevent fraud, abuse, and security incidents.
Legal basis: legitimate interest under Art. 6(1)(f) GDPR.
Customer Support & Service Improvement
We process personal information to respond to inquiries and improve the Services.
Legal basis: legitimate interest under Art. 6(1)(f) GDPR.
Cookies & Consent (EU ePrivacy)
We use cookies to operate and optimize the Site, analyze usage, and personalize content.
Information about WooCommerce cookies:
https://woocommerce.com/document/woocommerce-cookies/.
Where required, non-essential cookies are only set after your consent. You can withdraw or modify your consent at any time via cookie settings or your browser.
Blocking cookies may limit Site functionality.
Detailed information regarding the use of cookies is provided in our Cookie Policy.
How We Share Personal Information
We may share personal information:
- With service providers (IT, payment processing, analytics, fulfillment, shipping, customer support)
- With marketing and business partners (subject to their privacy policies)
- With affiliates within our corporate group
- When legally required or in connection with a business transaction
Categories of Data Shared
| Category | Recipients |
|---|---|
| Identifiers & contact details | Service providers, affiliates |
| Commercial & order data | Payment processors, fulfillment partners |
| Usage & technical data | Analytics providers |
| IP-based location data | Security and fraud prevention providers |
We do not sell personal data without consent.
Third-Party Websites and Links
Our Site may contain links to third-party websites. We are not responsible for their privacy practices. Information shared on third-party platforms may be publicly visible.
Children’s Data
The Services are not intended for children under 16. We do not knowingly collect children’s data.
This includes compliance with the U.S. Children’s Online Privacy Protection Act (COPPA), which applies to children under 13 years of age.
Parents or guardians may request deletion.
Data Retention
We retain personal data only as long as necessary for:
- Contract fulfillment
- Legal obligations (tax, accounting)
- Dispute resolution
- Enforcement of policies
Mandatory legal retention periods apply to order and invoice data.
Automated Decision-Making
We do not engage in automated decision-making or profiling within the meaning of Article 22 GDPR.
Your Rights Under GDPR
Depending on your location, you may have the right to:
- Access your data
- Request correction or deletion
- Restrict processing
- Data portability
- Withdraw consent
- Object to marketing or targeted advertising
- Lodge a complaint with a supervisory authority
Requests can be made via the Site or by contacting us.
We may verify your identity before responding.
Complaints
If you believe your data is being processed unlawfully, you may contact us or lodge a complaint with your local data protection authority.
For the EEA, you may contact your national supervisory authority.
International Data Transfers
Your data may be transferred outside your country. Where data is transferred outside the EEA, we rely on:
- EU Standard Contractual Clauses, or
- Adequacy decisions by the European Commission
United Kingdom (UK GDPR)
If you are located in the United Kingdom, your personal data is processed in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Where personal data is transferred outside the United Kingdom, we rely on approved transfer mechanisms, including the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, unless the destination country has been deemed to provide an adequate level of protection.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).
California Privacy Rights (CCPA / CPRA)
If you are a resident of California, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- The right to know what personal information we collect, use, disclose, or sell
- The right to request deletion of your personal information
- The right to correct inaccurate personal information
- The right to opt out of the sale or sharing of personal information
- The right to limit the use of sensitive personal information
- The right not to receive discriminatory treatment for exercising your rights
We do not sell personal information for monetary consideration
Where required by law, we honor opt-out preference signals such as the Global Privacy Control (GPC).
However, some data sharing for advertising purposes may be considered a “sale” or “sharing” under California law.
You may exercise your rights by contacting us at [email protected]. We may need to verify your identity before processing your request.
