ckupa
ckupa
ckupa
it and save BIG
Sephora Sale Tory Burch Adidas Travel Deals
Contact Us Wishlist

Privacy Policy

Privacy Policy

Last Updated: April, 2026

Welcome to CKUPA (“CKUPA,” “we,” “our,” or “us”). We value your privacy and are committed to protecting your personal information. This Privacy Policy explains what information we collect when you use ckupa.com and any related services (collectively, the “Services”), how we use and share that information, and your rights in relation to your information. It applies to all users except where a regional appendix overrides specific terms. By using any CKUPA Service, you agree to the practices described in this Policy and our User Agreement (which governs your use of the Services). If you do not agree, please discontinue use.

If you have any questions or requests regarding this Privacy Policy or your personal information, please contact us at:
Email: support@ckupa.com

1. Scope of This Privacy Policy

This Privacy Policy applies to information collected through our website and related communications, including when you:

  • browse or use our website;
  • click on deal, coupon, product, or merchant links;
  • submit a form or contact us;
  • subscribe to newsletters or updates;
  • interact with content, promotions, or other website features.

This Privacy Policy does not apply to third-party websites, or services that may be linked from CKUPA. Those third parties operate under their own privacy policies and terms.

2. Information We Collect

We may collect information in two main ways:

2.1 Information You Provide Directly

You may choose to provide information to us when you:

  • contact us by email or form;
  • subscribe to emails, newsletters, or updates;
  • submit feedback, requests, or other communications;
  • participate in surveys, giveaways, or promotions, if any.

The information you provide may include:

  • Identifiers: such as your name, email address, mailing address, telephone number, and username.
  • Account Credentials: password or authentication tokens (stored in hashed form). If you use third party login (e.g. Facebook, Google, Weibo), we collect your third-party account ID and profile info that you authorize.
  • Demographic Info: such as age, gender, and preferences, if you choose to provide them in your profile.
  • User-Generated Content (UGC): any content you post on our platforms (e.g. deal comments, forum posts, images or reviews). (UGC is also addressed in the User Agreement’s content license section.)
  • Loyalty Program Data: if you participate in our points, coins or rewards programs, we collect information such as your point balance, redemption history, and activities (see User Agreement and Program Terms).
  • Communication Records: when you email us, fill out a form, or chat with customer support, we collect the information you submit (and any metadata in the communication).

We will indicate where certain information is optional. If you choose not to provide required information, some features(like account creation or contest entry) may not be available.

2.2 Information We Collect Automatically

When you use our Services, we may automatically collect certain technical and usage information, including:

  • Device and Technical Data: IP address, device type, operating system version, browser type, language settings, and unique device identifiers (such as mobile ID or cookie ID).
  • Usage Data: how you use our Services – e.g. pages or screens viewed, time spent, links clicked, search queries on our site, referring webpage, and navigation paths. We use analytics tools (like Google Analytics) that log events like clicks, scrolls, and conversions.
  • Cookies & Similar Tech: We and partners use cookies, pixels, and local storage to collect and store usage data. See “Cookies & Tracking Technologies” (Section 5) for details.
  • Transaction Data: If you click an outbound deal link, we may record that click and any resulting purchase (if reported back to us by the merchant or affiliate network). This helps us track deal performance and, in some cases, earn affiliate commission (see Disclaimer about ads). We receive non-identifiable reports from merchants (e.g. how many users bought a product).
  • Location Data: We infer your general location (country, city) from your IP address for content localization.

Note: We do not knowingly collect personal information from children under the age required by applicable law (see Section 13 “Minors’ Privacy”). For example, in the U.S. we don’t allow users under 13 to register, and in the EEA, under 16 without parental consent.

2.3 Information from Third Parties

We may receive limited information from third parties such as:

  • analytics providers;
  • affiliate networks;
  • advertising or marketing partners;
  • email service providers;
  • website hosting or technical service providers.

For example, an affiliate network may report back whether a purchase or conversion occurred after a user clicked a link from CKUPA, usually in a form that supports attribution, reporting, or commission tracking.

3. How We Use Your Information

We may use personal information for the following purposes:

3.1 To Operate and Improve the Services

We use information to operate, maintain, troubleshoot, and improve the functionality, design,display deals and content, facilitate forum postings, and personalize your experience, and performance of CKUPA.

3.2 To Communicate with You

We may use your information to:

  • respond to inquiries or support requests;
  • send administrative or service-related communications;
  • send newsletters, updates, promotional messages, or deal alerts, where permitted by law or with your consent where required.For example, we may use your past browsing to recommend deals you might like. (Legal bases: contract performance for registered user features; consent for personalization cookies in EU; legitimate interest in offering relevant content.)

To send service notifications (e.g. account verification, password reset, transactional emails) and respond to your inquiries. Also, with your consent, to send marketing communications such as deal newsletters or promotional offers. You may opt out of marketing emails at any time by using the unsubscribe link in the email . (Legal bases: contract performance for transactional comms; consent (opt-in) for marketing emails (CAN-SPAM, CASL, GDPR); legitimate interest in customer relations.)

3.3 For Analytics and Personalization

We may analyze how users interact with the Services in order to:

  • understand website traffic and engagement;
  • improve content and user experience;
  • measure the performance of pages, offers, campaigns, and features;
  • personalize content, recommendations, or general site experience.

(Legal basis: consent for cookies that track; legitimate interests in improving user experience – with user controls provided for personalized content.)

3.4 For Affiliate Marketing and Advertising

CKUPA contains affiliate marketing links – some links to third-party merchant sites contain tracking codes. If you click and later purchase, we may receive a commission. We also allow third-party advertising partners to display banner ads or sponsored content. Data (like your device IDs or cookies) may be used to measure ad effectiveness and to avoid showing you duplicate ads. In jurisdictions requiring it (e.g. California), we treat such data sharing for targeted advertising as “sharing” of personal info and honor opt-outs (see Section 9, Your Rights). (Legal basis: consent (where required) via cookie opt-in; otherwise legitimate interest in funding our service through advertising – balanced with privacy, with opt-outs offered.)

We may use cookies, tracking links, and similar technologies to support affiliate attribution, campaign measurement, and advertising effectiveness.

3.5 For Security and Fraud Prevention

We may use information to:

  • protect the Services;
  • detect fraud, abuse, spam, or malicious activity;
  • maintain the integrity and security of our website and systems;
  • investigate suspicious behavior or violations of our terms.

(Legal basis: legitimate interests in protecting our platform and users; compliance with legal obligations to prevent fraud.)

3.6 For Legal Compliance

We may process information as necessary to comply with legal obligations, enforce our terms, respond to lawful requests, and protect our rights or the rights of others. (Legal basis: legal obligation or legitimate interest in legal defense.)

We will not use your personal information for new, unrelated purposes without updating this Policy and, if required, obtaining your consent.

4. Legal Bases for Processing (EEA/UK users)

(This section applies to individuals in the European Economic Area, UK, or other jurisdictions that require a legal basis for processing.)

Under the GDPR, CKUPA processes your personal data under the following bases: Contract (Art.6(1)(b)) – to provide the services you requested (account, forum postings, etc.); Consent (Art.6(1)(a)) – for optional activities like receiving marketing or certain cookie usage, which you can withdraw at any time ; Legitimate Interests (Art.6(1)(f)) – to personalize content, secure our platform, and improve our services, only after we’ve balanced these interests against your data protection rights (we will honor opt-out requests and provide transparency to mitigate impacts); and Legal Obligation (Art.6(1)(c)) – when processing is necessary to comply with laws (e.g. retaining transaction records for financial regulations). Where we rely on legitimate interests, if you object (see Section 7.4), we will consider your request and will stop or adjust processing unless we have compelling grounds or it’s needed for legal reasons .

5. Cookies and Tracking Technologies

We and our partners may use cookies (Cookies are small text files stored on your browser), pixels, tags (Pixel tags (web beacons) are tiny images or scripts that load on a page or email and track that action ), local storage, and similar technologies to recognize users and devices, improve website functionality, analyze traffic, support affiliate attribution, and measure advertising or content performance.

5.1 Types of Cookies We May Use

These may include:

  • Essential Cookies: required for core website functionality. (e.g. keeping you logged in, remembering your language or region). These do not require consent.
  • Analytics Cookies: used to understand traffic, engagement, and performance;(e.g. Google Analytics cookies that collect anonymized traffic data).
  • Advertising Cookies: used to measure campaigns or help show more relevant advertising;For example, we may allow an ad network to set a cookie to recognize your device so that it doesn’t show you the same banner repeatedly and can report on which ads get clicks.
  • Affiliate Tracking Cookies: used to track referrals and conversions related to affiliate links (so we earn commission). These typically last a short time (e.g. 7 days) and only track that you came from us; they do not reveal your identity to us.

5.2 Your Choices

You may control cookies through your browser settings. In some jurisdictions, we may display a cookie banner or consent tool allowing you to manage non-essential cookies.

Please note that disabling cookies may affect some website functionality.

5.3 Do Not Track / Global Privacy Control

Our website may not respond to all “Do Not Track” signals due to the lack of a consistent industry standard. Where required by law, we may honor applicable browser-based privacy signals, including Global Privacy Control, as opt-out requests.

6. Affiliate Links, Sponsored Content, and Advertising

CKUPA may include:

  • affiliate links;
  • sponsored placements;
  • merchant promotions;
  • branded content;
  • advertising or promotional materials.

If you click on certain links or purchase products or services through them, we may receive compensation at no additional cost to you.

Some merchants, affiliate networks, analytics providers, or advertising partners may place cookies or similar tracking technologies on your device in connection with such links or promotions.

For more information, please also review our Affiliate Disclosure.

7. How We Share Your Information

We do not sell personal information for money as our primary business. However, we may share information in the following situations:

7.1 Service Providers

We may share information with third-party service providers that help us operate the Services, such as providers of:

  • website hosting;
  • analytics;
  • email delivery;
  • customer support tools;
  • development or maintenance services;
  • marketing or advertising tools.

These providers are only permitted to use the information as needed to provide services to us, subject to contractual or legal restrictions.

7.2 Affiliate, Advertising, and Analytics Partners

We may share limited technical information, referral data, or cookie-based data with affiliate networks, merchants, analytics providers, or advertising partners to support attribution, reporting, performance measurement, or advertising operations.

7.3 Business Transfers

If CKUPA is involved in a merger, acquisition, restructuring, financing, asset sale, or similar business transaction, information may be transferred as part of that transaction, subject to applicable law.

7.4 Legal Compliance and Protection

We may disclose information where we believe it is necessary to:

  • comply with law, regulation, court order, or legal process;
  • enforce our policies or agreements;
  • prevent fraud, abuse, or security incidents;
  • protect the rights, property, or safety of CKUPA, users, or others.

7.5 With Your Consent or at Your Direction

We may share information when you request us to do so or when you otherwise consent.

8. International Data Transfers

CKUPA may use service providers or systems that operate in countries outside your own. Primarily, data from all regions is stored on servers in the United States. As a result, your information may be transferred to, stored in, or processed in jurisdictions with different data protection laws.

Where required, we will take steps designed to ensure appropriate safeguards are in place for such transfers, consistent with applicable law.

Many of these countries may not have the same level of data protection law as your jurisdiction. However, we take steps to ensure appropriate safeguards:

  • Users in the EEA/UK: If we transfer your personal data out of Europe, we rely on adequacy decisions (if the destination country is recognized by the European Commission as having adequate protection) or, in absence of that, we have in place Standard Contractual Clauses (SCCs) approved by the European Commission, combined with any additional measures needed after risk assessment. For instance, data sent to the US is under SCCs since the US is not currently (as of 2025) deemed adequate. (We are monitoring the new EU–US Data Privacy Framework – if we certify under it, we will update this Policy.) You can request a copy of the relevant SCCs via support@ckupa.com.
  • Users in China: Personal information collected in China is stored in China and is transferred abroad only in compliance with PIPL. We will obtain your separate consent for cross-border transfers of your data (see China Supplement) and ensure the foreign recipient meets the standard of protection required. For example, data to our US servers is under contracts based on the Chinese standard contract clauses (when finalized) or after passing a security assessment if required by CAC.
  • Users in Australia: Before disclosing personal info overseas (e.g. to our US headquarters), we take reasonable steps to ensure the recipient will handle it under standards similar to the Australian Privacy Principles. If an overseas recipient mishandles your info, CKUPA remains accountable as per Privacy Act s.16C, unless an exception applies (e.g. you explicitly consent after being informed).
  • Users in Canada: Personal data may be transferred outside Canada (e.g. to US or China) for processing. Such data may be subject to foreign laws (e.g. accessible by foreign courts, law enforcement). However, we ensure any processors abroad safeguard the data per our instructions and applicable law. For Quebec residents, we conduct a privacy impact assessment for cross-border transfers that present high risk, as required by Law 25. We also confirm the information will get adequate protection in the recipient jurisdiction, considering factors like sensitivity and legal frameworks (Law 25 Art.17).

9. Your Rights and Choices

Depending on your location and applicable law, you may have some or all of the following rights regarding your personal information:

  • the right to request access to the personal information we hold about you;
  • the right to request correction of inaccurate or incomplete information;
  • the right to request deletion of your personal information;
  • the right to object to or restrict certain processing;
  • the right to withdraw consent where processing is based on consent;
  • the right to opt out of certain marketing communications;
  • the right to request data portability where applicable;
  • the right to opt out of certain advertising-related sharing where applicable.

To exercise any of these rights, please contact us at:
support@ckupa.com

Exercising Your Rights: To exercise any of these rights, please contact us at support@ckupa.com with your request. For certain requests (access, deletion, etc.), we will need to verify your identity to ensure security – this may involve confirming account details or requesting additional info. If you are an authorized agent making a request on behalf of someone (California), we may require proof of your authorization and the consumer’s identity. We will respond to your request within the timeframe required by law (e.g. within 30 days under GDPR/PIPL/Quebec, which may be extendable once; 45 days under CCPA, extendable to 90). There is no fee for making a request, unless it is excessive or unfounded (in which case, we may charge a reasonable fee or refuse, with explanation).

If you have concerns about our response, you have the right to complain to a regulator. For EU users, this is your country’s Data Protection Authority (contact info here). For the UK, the ICO. For Canada, the Office of the Privacy Commissioner or your provincial commissioner (CAI in Quebec). For Australia, the OAIC. We would appreciate the chance to address your concerns first, so please consider reaching out to us or our Privacy Officer initially.

10. California Privacy Rights

If you are a California resident, you may have rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act, including the right to:

  • know what personal information we collect, use, disclose, or share;
  • request deletion of personal information, subject to exceptions;
  • request correction of inaccurate personal information;
  • opt out of the sale or sharing of personal information, where applicable;
  • limit the use of certain sensitive personal information, where applicable;
  • not be discriminated against for exercising your privacy rights.

At this time, CKUPA does not sell personal information for monetary consideration as its primary business model. However, some cookie- or advertising-related practices may be considered “sharing” under California law.

To submit a California privacy request, please contact:
support@ckupa.com

If you use an authorized agent, we may request proof of authorization and identity verification.

11. Data Security

We take reasonable administrative, technical, and organizational measures to help protect personal information against unauthorized access, loss, misuse, disclosure, alteration, or destruction.

However, no internet-based service or electronic storage system is completely secure. We cannot guarantee absolute security.

You are also responsible for protecting any account credentials you use and for notifying us promptly of any suspected unauthorized activity.

In case of a data breach that affects your personal information, we have procedures in place to notify you and the appropriate authorities when required by law. For example, EU users will be notified of certain breaches per GDPR Art.34, and Canadian users per PIPEDA and Law 25, etc., when there’s a real risk of significant harm. We also maintain an incident register as required.

12. Data Retention

We retain personal information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

For example:

  • Account information is kept for the life of your account. If you delete your account, we will delete or anonymize personal data within 30 days, except as noted below.
  • Content you post (UGC) may remain as long as the forums are active, unless you delete it or request removal (and it doesn’t violate others’ rights). We may retain server logs and backup copies that contain your deleted UGC for a short period.
  • If you participated in a promotion, we may retain winners’ details as required by gaming laws (e.g. 3 years).
  • Cookie data: varies – e.g. analytics cookies might persist 6-24 months unless cleared; ad cookies likewise. See Cookie Policy for specific lifespans.
  • After you close an account or withdraw consent, we may still retain certain data: to comply with legal obligations (tax, accounting, fraud prevention) or to establish or defend legal claims.For instance, we keep invoice records or support emails for a period required by law (say 7 years). We also retain non-personal aggregate data (which no longer identifies you) for analytics.

When determining retention, we consider the volume, nature, and sensitivity of data, potential risk of harm from unauthorized use/disclosure, the purposes, and whether those can be achieved through other means, and legal requirements. If no justification exists to keep data, we will either securely delete or irreversibly anonymize it.

13. Children’s Privacy

Ckupa’s services are not directed to children. he minimum age to register and use our forums/ community is 13 years old (or higher, if your jurisdiction sets a higher age for online consent – e.g. 16 in parts of the EU). We do not knowingly collect personal information from anyone under the applicable age. If you are under 13 (or under 16 in the EU, under 14 in China, etc.), do not create an account or send us any personal info. If we learn we have collected personal data from a child under these ages without proper consent, we will delete it.

Parental Responsibility: If you are a parent or guardian and believe your child under 13 (or relevant age) has provided personal info to Ckupa, please contact us at support@ckupa.com. We will promptly delete the data associated with the child’s account. California minors: If you are a California resident under 18 and a registered user, you may request removal of content you have publicly posted (per Cal. Bus. & Prof. Code § 22581). We will remove (or anonymize) such content upon request, though please note removal might not be comprehensive (e.g., if a post was reposted by others).

14. Third-Party Websites and Services

Our Services may contain links to third-party websites, merchants, apps, or services. We are not responsible for the privacy, security, or practices of those third parties.

We encourage you to review their privacy policies and terms before providing any information or making purchases.

15. Regional Supplements

(The following Appendices modify or add to the Policy for users in certain jurisdictions. In case of conflict with the global Policy, these local terms prevail for relevant users.)

13.1 California (CPRA) – Additional Notice to California Residents:

This section applies solely to individuals who reside in California. It is intended to comply with the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) and uses terms defined in that law.

– Categories of Personal Information Collected: In the past 12 months, we have collected the following categories of personal information (as defined by CCPA §1798.140): Identifiers (real name, alias, postal address, unique ID, online identifier, IP, email); Internet or other electronic network activity (browsing history on our site, interactions with ads); Geolocation data (general location from IP, precise location if you opted in on mobile); Commercial information (records of products considered via deal clicks); Characteristics of protected classifications (we do not request these, but if you provide info like age or gender in profile, it could infer age range); Inferences drawn from above (profile reflecting preferences). We do not collect sensitive data like social security number, driver’s license, credit card number (except the last four digits if you win a prize), precise health or financial account info.

– Categories of Sources: We collect this info directly from you (when you sign up, post content, or fill forms) and automatically through your use of the service (via cookies, etc.), and indirectly from third-party accounts you link (e.g. if you log in with Facebook, we get your name and email from them).

– Business Purposes for Collection: Correspond to the uses outlined in Section 3 (providing service, marketing, analytics, security, etc.). We do not use personal info for purposes materially different without notice.

– Disclosure for Business Purposes: We have disclosed the above categories of personal information to service providers or contractors for business purposes (e.g. cloud hosting, analytics) in the last 12 months. For example, identifiers and usage data to our analytics provider, IP and cookie to our advertising partners. All such disclosures were to support our operational purposes, not for those parties’ independent use.

– Sale/Sharing of Personal Info: CKUPA has not sold personal info in the traditional sense (for money). We have “shared” (as defined by CPRA) identifiers (like cookie IDs) and Internet activity with third-party advertising networks for cross-context behavioral advertising. Specifically, third-party ad cookies on our site may collect your browsing info to tailor ads – this is considered “sharing.” You can opt out as described below. We do not have actual knowledge of selling or sharing info of consumers under 16.

– Your California Privacy Rights: You have the right to know (request that we disclose to you) the specific pieces of personal info we have about you, and details about our handling of your data (the categories of info, sources, purposes, third-party disclosures) – essentially, what is provided here and additionally any specific info you request. You have the right to request deletion of your personal info (with exceptions as noted in CCPA). You have the right to correct inaccurate personal info we maintain about you. You have the right to opt-out of sale or sharing of personal info. You have the right to limit use of your sensitive personal info (if applicable). You also have the right not to receive discriminatory treatment for exercising your privacy rights (we won’t deny services or provide different quality of service just because you exercised CCPA rights).

– Submitting Requests: To exercise access, deletion, or correction rights, contact us at support@ckupa.com with subject “California Rights Request”. Describe your request with sufficient detail that allows us to understand, evaluate, and respond. We will verify your identity through your account login (if you submit via logged-in account) or by requesting information matching what we have on file. If using an authorized agent, we require a signed authorization or power of attorney.

Opt-Out of Sale/Sharing: Use the “Do Not Sell or Share My Personal Information” link or GPC signal as described in Section 9. Once processed, we will not share your data for advertising, and we will only use service providers who cannot use your data except to perform services for us.

– Retention We retain personal info as described in Section 10; generally, as long as you have an account and as needed thereafter for legitimate purposes (e.g. legal compliance). We specify retention by category above in Section 10 (you may request more info).

– Sensitive Personal Info: We do not use SPI for anything beyond providing the services (e.g. your account password is used only for login security). Thus, while you can request limitation, by default we treat sensitive data with heightened restrictions.

Shine the Light Law: Separately, California’s “Shine the Light” law (Civ Code §1798.83) allows customers to request certain info about our disclosure of personal info to third parties for their direct marketing in the prior year. CKUPA does not disclose personal info to third parties for their own direct marketing. If you have questions, you can contact us as well.

13.2 European Economic Area/UK – GDPR Addendum:

If you are in the EEA, UK, or Switzerland, the following additional terms apply:

– You may contact our EU Representative at Ludwig-Erhard-Allee 10, D-76131 Karlsruhe or our UK Representative at Unit 02 – 137, WeWork, No.1 St Peters Square, Manchester, M2 3DE.

– For any issues, you can lodge a complaint with a Data Protection Authority (e.g., the ICO in the UK, CNIL in France, etc.), but we ask that you give us a chance to address your concerns first.

– We will not transfer your personal data to third countries without complying with GDPR Chapter V (see Section 9). We have implemented measures such as SCCs.

– Joint controllership: As mentioned, if we are joint controller with a third-party (e.g. social media platform for page insights data), per GDPR Art.26 we have an arrangement. For example, for our CKUPA Facebook Page, Facebook Ireland and CKUPA are joint controllers for Insights data; the essence of our arrangement is described here. You can exercise your rights in respect of Insights data with either Facebook or us.

– We do not engage in solely automated decision-making that produces legal effects as per GDPR Art.22.

– Legal Bases Recap: We rely on Art.6(1)(b) (contract) to process data needed to provide you the services, Art.6(1)(a) (consent) for things like marketing or certain cookies, Art.6(1)(f) (legitimate interests) as outlined in Section 4, and Art.6(1)(c) (legal obligation) when applicable. For any special category data (likely none except maybe if a user voluntarily posts something revealing (e.g. health in forum), which we don’t purposefully collect), we would require consent under Art.9(2)(a).

– Data Protection Officer: Our DPO (for EU GDPR) can be reached at support@ckupa.com (if applicable).

– Data Subject Rights: In addition to Section 9 rights, EU/UK users also have the right to not be subject to a decision based solely on automated processing (see above), and the right to object at any time to processing of personal data for direct marketing, which we honor (you can also manage email preferences directly). If we ever process data for research or statistical purposes, you could object to that too.

– If we ever intend to further process personal data for a new purpose not originally collected for, we will provide you with information on that purpose and other relevant info beforehand (GDPR Art.13(3)).

– The provision of personal data is partly required by contractual necessity (registration info) – without it, we can’t create an account. In other cases, it’s voluntary (profile fields, etc.). We’ll inform you which is which at collection (e.g. required fields marked *).