As of 1 August 2023
The following data protection declaration applies to Shirley's Girl, https://shirleysgirl.com and its sub-domains, affiliated sites, and Shirley's Girl’s pages and accounts on Facebook, Instagram and Pinterest. (“Website”/”Site”/“Websites”/”Sites”).
It defines the principles according to which we process all personal data that we collect from you and/or that you make available. We respect your privacy choices and understand your need to keep your personal information private. We are committed to safeguarding all information we collect from you when you use our Content, Services, and/or Products.
By using our Sites, you consent to the terms and conditions of this policy declaration.
If you do not accept it, please do not access our Sites.
General Information about the collection of personal data and provider identification
- In the following, we inform you about the collection of personal data when using the website. Personal data are all data that relate to a specific or identifiable person. For example, name, address, e-mail addresses, user behavior, etc.
- These Sites and Shirely's Girl are represented by Anne Robley (“I”/ “We”/ “Us”/“Our”) and located in Alllenbergstrasse 54, 8712 Stäfa, CH. You can contact us at email@example.com.
WHAT DO WE COLLECT?
We collect, store, and use the following personal data:
- Personal Identification Information (First Name, Last Name, E-mail Address, Physical Address, Telephone Number)
- Credit Card Information / Payment Information
- Billing and Shipping Address
We also collect, store, and use data about your behavior, for example, purchase data and data from your computer, including your IP Address, Geographical Location, Browser Type, Time Zone, Operating System, Browser Version, Pages on our Site that you visit, time and date of visit, and time spent on those pages.
Lastly, we collect information in any communications you send to us by e-mail or through our website, including its communication content and metadata.
HOW DO WE COLLECT YOUR PERSONAL DATA?
In most instances, you provide us with the data we collect. We collect and process data when you:
- Register with our Sites or create an account on our websites.
- Subscribe to our e-mail list or newsletter.
- Purchase anything from our Sites.
- Contact us through e-mail or the contact button on our Sites.
- Participate in contests and giveaways.
- Enter our Sites to gain access to courses, membership areas, blogs, and private groups.
- Leave a review or feedback.
We collect information about your computer, including your IP address, geographical location, browser type and version, and operating system by automated data collection technologies, including Google Analytics, Cookies, and similar methods, as detailed below. This means that we are already collecting this data when you browse our Site.
We collect communication content and metadata when you post it to our Sites or mobile application and when our website generates metadata in connection with your communication.
Before you disclose to us the personal information of another person, you must obtain that person’s consent to disclose and process that personal information per this policy.
OUR LEGAL BASIS WHY DO WE COLLECT YOUR INFORMATION
Personal data that you submit to us voluntarily, through our Site, or through other means will be used to:
- Administer our Sites and business.
- Personalize our Site for you.
- Process your order.
- Send you goods you purchased from us.
- Manage the account you created on our Sites.
- Send statements, invoices, and payment reminders, and collect your payments.
- Send you non-marketing commercial communications.
- Send you email notifications that you have specifically requested.
- Send you newsletters if you subscribe to our website. You can inform us anytime if you no longer require the newsletter.
- Provide third parties with statistical information about our users. We never provide third parties with data that can identify any individual user from that information.
- Deal with inquiries and complaints made by or about you relating to our Site, Products, or Services.
- Keep our Sites secure and prevent fraud.
- Verify compliance with the terms and conditions governing the use of our Sites, including monitoring private messages sent through our Site’s private messaging service
- Comply with a legal obligation.
- Protect the life or physical safety of the data subject.
If you submit personal information for publication on our Site, we will publish and otherwise use that information per the license you grant.
Without your express consent, we will not supply your personal information to any third party for their or any other party’s direct marketing.
WE WILL DISCLOSE YOUR PERSONAL INFORMATION IN THE FOLLOWING INSTANCES:
We will never sell or trade your personal information.
We may disclose your personal information to any of our employees, insurers, professional advisers, agents, suppliers, or subcontractors as reasonably necessary for the purposes set out in this policy.
We will disclose your personal information:
- To the extent that we are required to do so by law.
- In connection with any ongoing or prospective legal proceedings.
- To establish, exercise, or defend our legal rights, including providing information to others for the purposes of fraud prevention and reducing credit risk.
- To the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
- To any person we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
Except as this policy provides, we will not provide your personal information to third parties.
DETAILS ABOUT OUR PLATFORM AND SERVICE PROVIDER
https://shirleysgirl.com is hosted by Shopify International Ltd. (“Host”). Our Host provides us with an online platform to host our blog and sell our products and services to you.
Your data may be stored through our Host’s data storage, databases, and general applications.
Our Host and other service providers may use analytic tools to measure traffic and usage trends for www.shirleysgirl.com. For example, when you visit https://shirleysgirl.com, our Host may collect the following information from your visit:
- the IP address of the computer or device you are using to visit our website,
- date and time of access,
- name and URL of the data accessed,
- the website from which access is made to our domain,
- your computer’s operating system and the browser you use,
- the country from which access to our website, and
- the name of your internet provider.
INTERNATIONAL DATA TRANSFERS
Information we collect may be stored, processed, and transferred between any countries where we operate to enable us to use the information per this policy. This means that your personal information will be transferred to, stored at, and processed in jurisdictions other than where you live.
In particular, information that we collect is transferred and/or processed in Switzerland, USA, Canada and Ireland.
Furthermore, note that the USA is not included in Switzerland’s safe list because it may not have the same data protection regulations as that afforded in Switzerland and the EU. If you are located in Switzerland and you continue to use our site, despite our declaration, you are consenting to processing of your data in the USA by our Service Provider.
Personal information that you publish on our Sites or submit for publication on our Sites will be available, via the Internet, around the world. We cannot prevent the use or misuse of such information by others.
You expressly agree to the transfers of personal information described in this Section.
WHAT ARE YOUR RIGHTS?
- The supply of appropriate evidence of your identity, such as a photocopy of your passport.
- Payment of 50.00 CHF to cover the administrative expenses incurred.
- We may withhold the personal information you request to the extent permitted by law.
- You may instruct us at any time not to process your personal information for marketing purposes.
We may share your information as necessary with our third-party service providers or collaborators. You will always be informed if we share your information before you opt-in. If you decide to opt-in, you will always have a right to opt-out.
All requests for information, requests for disclosure, or objections to data processing should be sent by e-mail to firstname.lastname@example.org. If you make a request, we have thirty (30) days to respond.
We may deny your requests in certain instances; for example, we cannot verify that you are the owner of the information, or we are legally required to maintain a copy of the personal information. In that event, we will communicate this fact to you in writing.
You may appeal our decision by responding to the communication denying your request.
YOU HAVE A RIGHT TO UNSUBSCRIBE
If at any time you wish to unsubscribe from our email list, send an email at email@example.com or follow the instructions we provide at the bottom of every email that we send.
Our Email Service Provider allows us to segment and tag our leads. And therefore, it is possible that you are part of several segments or lists. This is especially true if you interact with us through different methods. For example, you sent an inquiry, downloaded a lead magnet, watched a particular presentation, or bought a particular service/product. This means that when you unsubscribe using the link in an email, you may only be unsubscribing from a particular segment or list.
To completely unsubscribe from our leads list, you may need to send us an email at firstname.lastname@example.org.
HOW DO WE RESPOND TO “DO NOT TRACK” REQUESTS?
Note that your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. There is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, we currently do not alter our practice when we receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track.” You may wish to visit http://www.allaboutdnt.com.
HOW LONG DO WE RETAIN YOUR DATA?
We keep data for as long as there is a need to keep it in connection with the purposes for which it was collected. We may retain your data after a particular matter or exchange has concluded, but purely for record-keeping purposes and to be able to respond to queries.
Notwithstanding the other provisions of this, we will retain documents, including electronic documents, containing personal data:
- To the extent that we are required to do so by law.
- If we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
- To establish, exercise, or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
While the specific periods vary depending on the circumstances, we generally will not keep records that include personal data for more than ten (10) years after a particular matter or exchange has concluded.
If you ask us to stop sending you marketing communications or Unsubscribe from our e-mail list, we will retain specific details, such as your name, to help us ensure that you are not contacted again.
SECURITY OF YOUR PERSONAL INFORMATION
- https://shirleysgirl.com uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content. Third parties cannot read the data that you transmit to us.
- We will take reasonable technical and organizational precautions to prevent your personal information’s loss, misuse, or alteration.
- As we are using our Host’s platform for https://shirleysgirl.com, as such, we are limited by the processes used by our Host to protect your data, including the use of firewall and encryption for payments.
- You acknowledge that transmitting information over the Internet is inherently insecure, and we cannot guarantee the security of data sent over the Internet.
- You are responsible for keeping the password you use for accessing our Sites; we will not ask you for your password except when you log in to our website.
COOKIES AND TRACKING TOOLS
Cookies are stored beyond the end of a browser session and can be called up again when you revisit the Site. If you do not want this, you should set your internet browser so that it refuses to accept cookies.
You can also delete cookies. If you are in Europe, you can learn more about how to delete cookies on this website: www.youronlinechoices.com
Note, however, that deleting cookies will negatively impact the usability of many websites.
Our Sites are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are under 18, please refrain from providing any information on our Sites.
If you are a parent or guardian and know that your child has provided us with Personal Information, please contact us.
If we become aware that we have collected personal data from anyone under the age of 18 without verification of parental consent, we take steps to remove the information from our system.
WE WILL NEVER SELL YOUR INFORMATION
YOUR PERSONAL DATA WHEN YOU PURCHASE ANYTHING FROM OUR SITES
We do not collect, store, or have access to any payment data (for example, credit/debit card details) related to your purchase. We may have access to limited personal data, such as your name, e-mail address, and which products you purchased. Furthermore, we may use this data to contact you about your purchase, but only if you have given your consent to allow us to do so.
We make use of the following payment gateways:
If you choose to pay us via TWINT, we will have access to the following information:
- Your name
- Your Phone number
- Your mobile number
However, we do not have control or responsibility for how TWINT and our bank handle these details.
USE OF SOCIAL MEDIA PLUG-INS
We currently use the following social media plug-ins: Meta Platforms, Inc. (Facebook and Instagram) and Pinterest.
We use the so-called 2-click solution. This means that when you visit our Site, no personal data is initially passed on to the providers of these plug-ins.
You can recognize the plug-in provider by the initial letter/symbol. Only if you click on one of the plug-ins will personal data be transmitted: When the plug-in is activated, data is automatically transmitted to the respective plug-in provider and stored there. We do not influence the collected data and data processing procedures, nor are we aware of the full extent of the data collection, the purposes, or the storage periods. Since the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies before clicking on the symbols via the security settings of your browser.
If you want to learn how our social media plug-ins provider handles your data, you can read their respective privacy policies here:
Meta Platforms, Inc (Facebook): https://www.facebook.com/privacy/policy
Meta Platforms, Inc (Instagram): https://privacycenter.instagram.com/policy
We have no control over and assume no responsibility for any third-party sites or services’ content, privacy policies, or practices.
OUR SOCIAL MEDIA ACCOUNTS AND THIRD-PARTY APPLICATIONS WE USE.
You may engage with us through our social media accounts and other third-party applications we use.
If you want to know how our social media and third-party application provider use and collect your data, please read their respective privacy policies here:
Owner: Meta Platforms, Inc
Owner: Meta Platforms, Inc
Owner: Pinterest Inc
Owner: Calendly, LLC
Google Workspace (Gmail, Google Calendar, Google Drive, etc.)
Owner: Google LLC
Owner: Canva Pty Ltd
Owner: Omnisend LLC
OUR EMAIL POLICY
In compliance with the provisions of the US CAN-SPAM Act, all e-mails from us will clearly state the sender’s name and clear and specific information as to how to contact us. Our emails will also provide detailed instructions if you wish to unsubscribe from our email list.
BASIS OF THIS DATA PROTECTION DECLARATION
- EU: EU General Data Protection Regulation (EU GDPR)
- Switzerland: Swiss Federal Data Protection Act (FDPA)
- Brazil: Lei Geral de Proteção de Dados (LGPD)
- New Zealand: New Zealand Privacy Act 2020
- UK: UK GDPR and Data Protection Act
- California: California Privacy Rights Act (CPRA)
- US: Childrens Online Privacy Protection Act (COPPA)
- Canada: Protection of Personal Information and Electronic Documents Act (PIPEDA)
- Australia : Privacy Act of 1988
AMENDMENTS TO THE DATA PROTECTION DECLARATION
We reserve the right to amend the data protection declaration to adapt it to changed legal situations or in the event of changes to the services offered and data processing. However, this only applies with regard to statements on data processing. If the user’s consent is required or elements of the data protection declaration contain regulations of the contractual relationship with the users, the changes are only made with the users’ permission.
The users are asked to inform themselves regularly about the content of the data protection declaration.