Tactical Affairs Privacy Policy

1. Information We Collect

a. Information You Provide Directly

• Account Information: Name, email address, phone number, username, password, date of birth, and profile photo.
• Transaction Information: Billing address, shipping address, and payment details (processed securely by our payment processors — we do not store full card numbers).
• Reservation & Event Information: Booking details, group size, event preferences, and waiver acknowledgments.
• Communications: Contact form submissions, customer support messages, survey responses, and feedback.
• Marketing Preferences: Email and SMS subscription choices.

b. Information Collected Automatically

• Device Information: Device model, operating system, unique device identifiers, browser type, language, time zone, and screen resolution.
• Usage Data: Pages viewed, features used, session duration, referring URLs, clickstream data, crash reports, and performance diagnostics.
• Location Data: Approximate location derived from IP address. Precise location is collected only with your explicit permission (e.g., to locate nearby facilities).
• Cookies & Similar Technologies: Cookies, web beacons, pixels, local storage, and SDKs. See Section 8 for details.

c. Information from Third Parties

• Social media platforms (if you log in or interact via social accounts).
• Payment processors, shipping carriers, and fraud-prevention providers.
• Analytics and advertising partners.

2. Mobile App Permissions

Our mobile applications may request the following permissions. Each is optional and used only for the purposes described. You can revoke permissions at any time in your device settings.

• Camera: To scan QR codes, capture profile photos, or share gameplay highlights.
• Photo Library: To upload profile pictures or attach images to support requests.
• Microphone: To record audio for in-app voice features (only when actively in use).
• Location: To surface nearby facilities, check in at events, or tag activity.
• Bluetooth: To connect to and provision Tactical Affairs hardware such as Strike Arena targets.
• Notifications: To send you transactional alerts, reservation reminders, and (with consent) promotional updates.
• Local Network: To discover compatible devices on your Wi-Fi network for setup.

3. How We Use Your Information

We use personal information to:

• Provide, maintain, and improve the Services.
• Create and manage your account, and authenticate access.
• Process transactions, reservations, and orders, and send related confirmations.
• Deliver customer support and respond to inquiries.
• Send transactional communications (order status, account notices, security alerts).
• Send marketing communications where you have opted in, subject to our Messaging Policy.
• Personalize content, product recommendations, and in-app experiences.
• Measure and analyze usage, performance, and engagement.
• Detect, investigate, and prevent fraud, abuse, and security incidents.
• Comply with legal obligations and enforce our Terms of Service.

4. Legal Bases for Processing (EU/UK Users)

If you are in the European Economic Area or United Kingdom, we process personal data under one or more of the following legal bases:

• Contract: To perform our contract with you (e.g., delivering products or services you have requested).
• Consent: Where you have given consent (e.g., marketing emails, precise location, optional cookies).
• Legitimate Interests: To operate and improve our business, prevent fraud, and keep the Services secure, balanced against your rights.
• Legal Obligation: To comply with applicable laws and regulatory requirements.

5. How We Share Information

We do not sell your personal information. We may share it in the following circumstances:

• Service Providers: Vendors that help us operate the Services (e.g., hosting, payment processing, email/SMS delivery, analytics, customer support, shipping). These providers are bound by contractual confidentiality and data-protection obligations.
• Business Transfers: In connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to this Privacy Policy.
• Legal & Safety: When required by law, subpoena, or court order, or to protect the rights, property, or safety of Tactical Affairs, our users, or others.
• With Your Consent: For any other purpose disclosed to you at the time of collection.

6. Data Retention

We retain personal information only as long as necessary to fulfill the purposes described in this policy, to meet legal and accounting requirements, to resolve disputes, and to enforce our agreements. When information is no longer needed, we securely delete or anonymize it.

7. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the information we hold about you.
• Correction: Request that we correct inaccurate or incomplete information.
• Deletion: Request that we delete your personal information.
• Portability: Receive a machine-readable copy of your information.
• Restriction / Objection: Restrict or object to certain processing activities.
• Withdraw Consent: Withdraw previously granted consent at any time.
• Non-Discrimination: Exercise your rights without receiving discriminatory treatment.

California Residents: Under the CCPA/CPRA, you also have the right to know the categories of personal information collected, the purposes of collection, and the categories of third parties with whom it is shared, and to opt out of any “sale” or “sharing” of personal information as those terms are defined under California law. We do not sell personal information.

To exercise any of these rights, email us at info@tacticalaffairs.com. We will verify your request and respond within the timeframe required by applicable law.

8. Cookies, Analytics & Tracking

We use cookies and similar technologies to operate our websites, remember your preferences, analyze traffic, and understand how users interact with our Services. Categories include:

• Strictly Necessary: Required for core functionality (authentication, cart, security).
• Analytics: Help us measure usage and improve the Services (e.g., Google Analytics).
• Functional: Remember preferences and personalize your experience.
• Marketing: Measure the effectiveness of campaigns and deliver relevant content.

You can control cookies through your browser settings and opt out of Google Analytics using the Google Analytics Opt-out Browser Add-on. Some parts of the Services may not function properly if cookies are disabled.

9. Email & SMS Communications

We send marketing emails and text messages only to users who have opted in. You may unsubscribe from emails using the link in any marketing email, or stop SMS messages by replying STOP. Please see our Messaging Policy for full details, including compliance with the CAN-SPAM Act and TCPA.

10. Push Notifications

If you enable push notifications through our mobile apps, we may send you transactional alerts (e.g., order updates, reservation reminders) and, with your consent, promotional messages. You may disable push notifications at any time in your device settings.

11. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit (TLS), restricted access controls, and secure development practices. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security. If we become aware of a data breach affecting your personal information, we will notify you as required by applicable law.

12. Children’s Privacy

Our Services are not directed to children under the age of 13 (or under 16 where required by local law), and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact info@tacticalaffairs.com and we will delete the information promptly.

13. International Data Transfers

Tactical Affairs is based in the United States. If you access the Services from outside the U.S., your information will be transferred to, stored, and processed in the U.S. and potentially other countries whose data-protection laws may differ from those of your jurisdiction. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses to protect personal data transferred internationally.

14. Third-Party Links & Services

Our Services may contain links to third-party websites, services, or applications (e.g., Shopify, social media platforms). This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before sharing personal information with them.

15. Do Not Track

Some browsers offer a “Do Not Track” (DNT) signal. Because there is no industry consensus on how to respond to DNT signals, our Services currently do not respond to them. You can still manage tracking preferences through cookie controls described in Section 8.

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Effective Date” above and notify you through the Services or by email where appropriate. Your continued use of the Services after changes take effect constitutes your acceptance of the revised policy.