Privacy Policy

1. Data Controller

• Contact: support@prettygarden.store

2. Information We Collect

2.1 Personal Data You Provide

• Account Information: When creating an account, we collect your full name, email address, phone number, password (encrypted), and shipping/billing addresses (including ZIP codes for tax calculations).
• Purchase Data: For orders, we collect payment details (e.g., credit card number, expiry date, billing address), order history (e.g., “Faux Suede Bomber Jacket – Size M”), and size preferences (e.g., “prefers oversized fit”).
• Communications: Emails, contact form submissions, or chat messages, including your inquiries (e.g., “Does the knit sweater shrink?”) and our responses.
• Marketing Consent: If you opt in to emails/SMS, we store your consent to send promotions (e.g., “20% off faux leather jackets”) and new product alerts.

2.2 Automatically Collected Data

• Technical Data: IP address, browser type (e.g., Chrome, Safari), device model (e.g., iPhone 15, Windows laptop), operating system, screen resolution, and internet service provider.
• Usage Data: Pages visited (e.g., “Women’s Jackets,” “Knit Sweaters”), time spent on each page, links clicked (e.g., “Add to Cart” for a turtleneck), search queries (e.g., “waterproof faux leather jacket”), and the date/time of your visit.
• Location Data: City and state derived from your IP address (used to tailor delivery estimates and regional promotions, e.g., highlighting warm sweaters for colder states).

3. How We Use Your Data

4. Sharing Your Data

4.1 Service Providers

• Payment Processors: Stripe and PayPal, which handle payment processing. They receive only your payment details (e.g., card number) and are contractually required to protect your data.
• Shipping Partners: USPS and FedEx, which receive your name, address, and order details to deliver packages. Their privacy policies are available at USPS Privacy and FedEx Privacy.
• Analytics Tools: Google Analytics (tracks website usage) and Hotjar (records user interactions to improve UX). Google’s privacy practices are detailed here; Hotjar’s policy is here.
• Customer Service Platforms: Zendesk, which stores chat/email communications to resolve inquiries. Their privacy policy is here.

4.2 Legal Disclosures

5. Cookies & Tracking

• Strictly Necessary Cookies: Essential for checkout, account access, and cart functionality (cannot be disabled).
• Functional Cookies: Remember your preferences (e.g., saved shipping address, size filters) to personalize your experience.
• Analytics Cookies: Track website usage (e.g., which jackets are viewed most) to improve content and navigation.
• Marketing Cookies: Show you relevant ads (e.g., retargeting for a sweater you viewed) on social media or other sites. These require your consent and can be disabled via the cookie banner.

6. Data Retention

• Account Data: Retained while your account is active. You can delete your account via the “Account Settings” page, after which we erase your data (except order history required for tax purposes).
• Order Data: Retained for 7 years to comply with IRS and state tax laws.
• Marketing Data: Retained until you unsubscribe from emails/SMS (via the “Unsubscribe” link in messages).

7. Your Rights

Under CCPA :

• Right to Know: Request details about the personal data we collect, use, or disclose.
• Right to Delete: Request deletion of your data (subject to legal exceptions).
• Right to Opt-Out of Sales: While we do not sell data, you can submit a request via our CCPA Opt-Out Form.

Under GDPR :

• Right to access, rectify, or erase your data.
• Right to restrict processing or object to marketing.

8. Data Security

• Encryption of data in transit (SSL/TLS 1.3) and at rest (AES-256 encryption).
• Secure payment processing (PCI DSS compliance for credit card data).
• Regular security audits and employee training on data protection.

9. Changes to This Policy