Free delivery on orders over $50 - COD available across LebanonChat with us
DollTop

Privacy Policy

Last updated: May 2026

Doll Top ("we", "us", "our") operates https://www.dolltop-lb.com. This page describes what information we collect, how we use it, and the choices you have. The canonical version of this policy lives in our repository as PRIVACY_POLICY.md; the summary below is intended for everyday reading.

1. Information We Collect

We collect information you provide directly to us when you create an account, sign in with Google, update your profile, or place an order. This typically includes your name, email, phone number, delivery address (region, city, area, street, building, floor), optional birthday, optional referral code, and the contents of your order.

We never store your password in plain text. Passwords are stored as a bcrypt hash. We do not currently accept online payments through the Site, so we do not collect or store card numbers, CVV codes, or bank details on the Site.

2. Cookies and Local Storage

We use a NextAuth session cookie to keep you signed in. Your shopping cart, wishlist, and currency preference are stored in your browser's local storage (dt_cart_v1, dt_wishlist_v1, dt_currency) and are merged into your account when you sign in. We do not currently run third-party analytics, advertising pixels, or session-recording tools.

3. How We Use Your Information

  • Create and manage your account and authenticate you.
  • Process, confirm, and deliver your orders (including Cash on Delivery handoff).
  • Operate the Doll Top Points loyalty program (earn, redeem, expire, reverse).
  • Provide customer support by phone, email, or WhatsApp.
  • Prevent fraud and abuse, secure the Site, and comply with the law.

We do not sell your personal information and we do not engage in advertising profiling.

4. How We Share Information

We share your name, phone, delivery address, and order details with our delivery partner so we can ship the order. We use Google for optional sign-in, and WhatsApp click-to-chat for support. Those services have their own privacy practices. Our application and database run on third-party hosting providers that process data on our behalf.

5. Data Storage and Security

User and transactional data is stored in a managed PostgreSQL database accessed through Prisma. Passwords are hashed with bcrypt (work factor 12), sessions use signed JWTs, the/account/* area is gated by authentication middleware, and the Site runs over HTTPS in production. No system is ever 100% secure, but we use commercially reasonable measures to protect your information.

6. Data Retention

We keep account data while your account is active and order and loyalty-ledger data for legitimate business, accounting, tax, and dispute-resolution purposes. Guest cart and wishlist data lives only in your browser's local storage and can be cleared at any time.

7. Your Rights and Choices

You can update your name, birthday, and password in your account profile, view your orders and points in the account area, and clear your guest cart, wishlist, and currency preference by clearing your browser's site data. For requests that cannot be done in-app (such as account deletion or a full data export), contact us using the details below.

8. Children's Privacy

The Service is intended for adults. We do not knowingly collect personal information from children under 13. Adults remain responsible for any account or order they create for the benefit of a child in their care.

9. Changes to This Policy

We may update this policy from time to time. We will update the "Last updated" date above and, for material changes, give reasonable notice on the Site.

10. Contact

For privacy questions, contact us at info@dolltop-lb.com or message us on WhatsApp at +961 76 560 791.