Privacy Policy

PRIVACY POLICY DECLARATION

As of 1 August 2023

The following data protection declaration applies to Shirley's Girl, https://shirleysgirl.com and its sub-domains, affiliated sites, and Shirley's Girl’s pages and accounts on Facebook, Instagram and Pinterest. (“Website”/”Site”/“Websites”/”Sites”).

It defines the principles according to which we process all personal data that we collect from you and/or that you make available.  We respect your privacy choices and understand your need to keep your personal information private.  We are committed to safeguarding all information we collect from you when you use our Content, Services, and/or Products.

If you are a User, Visitor, Viewer, Subscriber, Client, and/or Customer of our Sites (“User”, “You”, and/or “Your”), read this Privacy Policy in its entirety before using, viewing, downloading, purchasing from, or accessing our Site, Contents, Services, and/or Products.

By using our Sites, you consent to the terms and conditions of this policy declaration.

If you do not accept it, please do not access our Sites.

General Information about the collection of personal data and provider identification

1. In the following, we inform you about the collection of personal data when using the website.  Personal data are all data that relate to a specific or identifiable person.  For example, name, address, e-mail addresses, user behavior, etc.
2. Consenting to our use of cookies per the terms of this policy when you first visit our website permits us to use cookies every time you visit our website.
3. These Sites and Shirely's Girl are represented by Anne Robley (“I”/ “We”/ “Us”/“Our”) and located in Alllenbergstrasse 54, 8712 Stäfa, CH. You can contact us at anne@shirleysgirl.com.

WHAT DO WE COLLECT?

We collect, store, and use the following personal data:

1. Personal Identification Information (First Name, Last Name, E-mail Address, Physical Address, Telephone Number)
2. Credit Card Information / Payment Information
3. Billing and Shipping Address
4. Location

We also collect, store, and use data about your behavior, for example, purchase data and data from your computer, including your IP Address, Geographical Location, Browser Type, Time Zone, Operating System, Browser Version, Pages on our Site that you visit, time and date of visit, and time spent on those pages. 

Lastly, we collect information in any communications you send to us by e-mail or through our website, including its communication content and metadata. 

HOW DO WE COLLECT YOUR PERSONAL DATA?

In most instances, you provide us with the data we collect.  We collect and process data when you:

1. Register with our Sites or create an account on our websites.
2. Subscribe to our e-mail list or newsletter.
3. Purchase anything from our Sites.
4. Contact us through e-mail or the contact button on our Sites.
5. Participate in contests and giveaways.
6. Enter our Sites to gain access to courses, membership areas, blogs, and private groups.
7. Leave a review or feedback.

We collect information about your computer, including your IP address, geographical location, browser type and version, and operating system by automated data collection technologies, including Google Analytics, Cookies, and similar methods, as detailed below.  This means that we are already collecting this data when you browse our Site.

We collect communication content and metadata when you post it to our Sites or mobile application and when our website generates metadata in connection with your communication.

Before you disclose to us the personal information of another person, you must obtain that person’s consent to disclose and process that personal information per this policy.

OUR LEGAL BASIS WHY DO WE COLLECT YOUR INFORMATION

Personal data that you submit to us voluntarily, through our Site, or through other means will be used to:

1. Administer our Sites and business.
2. Personalize our Site for you.
3. Process your order.
4. Send you goods you purchased from us.
5. Manage the account you created on our Sites.
6. Send statements, invoices, and payment reminders, and collect your payments.
7. Send you non-marketing commercial communications.
8. Send you email notifications that you have specifically requested.
9. Send you newsletters if you subscribe to our website.  You can inform us anytime if you no longer require the newsletter.
10. Provide third parties with statistical information about our users.  We never provide third parties with data that can identify any individual user from that information.
11. Deal with inquiries and complaints made by or about you relating to our Site, Products, or Services.
12. Keep our Sites secure and prevent fraud.
13. Verify compliance with the terms and conditions governing the use of our Sites, including monitoring private messages sent through our Site’s private messaging service
14. Comply with a legal obligation.
15. Protect the life or physical safety of the data subject.
16. Other uses consistent with this Privacy Policy.

If you submit personal information for publication on our Site, we will publish and otherwise use that information per the license you grant.

Without your express consent, we will not supply your personal information to any third party for their or any other party’s direct marketing.

WE WILL DISCLOSE YOUR PERSONAL INFORMATION IN THE FOLLOWING INSTANCES:

We will never sell or trade your personal information.

We may disclose your personal information to any of our employees, insurers, professional advisers, agents, suppliers, or subcontractors as reasonably necessary for the purposes set out in this policy. 

In particular, to fulfill your order, we share your name, address, and e-mail with shipping companies such as Swiss Post Ltd. You can find Swiss Post Ltd’s privacy policy at https://www.post.ch/en/pages/footer/data-protection-and-disclaimer#data-protection

We will disclose your personal information:

1. To the extent that we are required to do so by law.
2. In connection with any ongoing or prospective legal proceedings.
3. To establish, exercise, or defend our legal rights, including providing information to others for the purposes of fraud prevention and reducing credit risk.
4. To the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
5. To any person we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.

Except as this policy provides, we will not provide your personal information to third parties.

DETAILS ABOUT OUR PLATFORM AND SERVICE PROVIDER

https://shirleysgirl.com is hosted by Shopify International Ltd. (“Host”).  Our Host provides us with an online platform to host our blog and sell our products and services to you. 

Your data may be stored through our Host’s data storage, databases, and general applications.

Our Host and other service providers may use analytic tools to measure traffic and usage trends for www.shirleysgirl.com.  For example, when you visit https://shirleysgirl.com, our Host may collect the following information from your visit:

1. the IP address of the computer or device you are using to visit our website,
2. date and time of access,
3. name and URL of the data accessed,
4. the website from which access is made to our domain,
5. your computer’s operating system and the browser you use,
6. the country from which access to our website, and
7. the name of your internet provider.

This data is stored and managed by our Host and, thus, is subject to their privacy policy.  By using https://shirleysgirl.com, you agree to be bound by our Host’s privacy policy, which you can find here:   https://www.shopify.com/legal/privacy.

INTERNATIONAL DATA TRANSFERS

Information we collect may be stored, processed, and transferred between any countries where we operate to enable us to use the information per this policy. This means that your personal information will be transferred to, stored at, and processed in jurisdictions other than where you live.

In particular, information that we collect is transferred and/or processed in Switzerland, USA, Canada and Ireland. 

Furthermore, note that the USA is not included in Switzerland’s safe list because it may not have the same data protection regulations as that afforded in Switzerland and the EU.  If you are located in Switzerland and you continue to use our site, despite our declaration, you are consenting to processing of your data in the USA by our Service Provider.

Personal information that you publish on our Sites or submit for publication on our Sites will be available, via the Internet, around the world.  We cannot prevent the use or misuse of such information by others.

You expressly agree to the transfers of personal information described in this Section.

WHAT ARE YOUR RIGHTS?

Right to Access. You have a right to request from us copies of your personal information subject to the following:

• The supply of appropriate evidence of your identity, such as a photocopy of your passport.
• Payment of 50.00 CHF to cover the administrative expenses incurred.
• We may withhold the personal information you request to the extent permitted by law.
• You may instruct us at any time not to process your personal information for marketing purposes.

Right to Erasure.  If you have consented to the use of data, you can revoke it at any time.

Right to restrict processing.  You have the right to request that we restrict the processing of your personal information under certain conditions.

The right to object processing.  Under certain conditions, you have the right to object to our processing of your personal information.

The right to data portability.  You have the right to request that we transfer the data we collected to another organization, or directly to you, under certain conditions.

Right to Rectification.  You have the right to request that we correct any information you believe is inaccurate.  You also have the right to request that we complete information you believe is incomplete.

Right to Opt-out

We may share your information as necessary with our third-party service providers or collaborators.  You will always be informed if we share your information before you opt-in.  If you decide to opt-in, you will always have a right to opt-out.

All requests for information, requests for disclosure, or objections to data processing should be sent by e-mail to anne@shirleysgirl.com.  If you make a request, we have thirty (30) days to respond.  

We may deny your requests in certain instances; for example, we cannot verify that you are the owner of the information, or we are legally required to maintain a copy of the personal information.  In that event, we will communicate this fact to you in writing.

You may appeal our decision by responding to the communication denying your request.

YOU HAVE A RIGHT TO UNSUBSCRIBE

If at any time you wish to unsubscribe from our email list, send an email at anne@shirleysgirl.com or follow the instructions we provide at the bottom of every email that we send.  

Our Email Service Provider allows us to segment and tag our leads.  And therefore, it is possible that you are part of several segments or lists.  This is especially true if you interact with us through different methods.  For example, you sent an inquiry, downloaded a lead magnet, watched a particular presentation, or bought a particular service/product.  This means that when you unsubscribe using the link in an email, you may only be unsubscribing from a particular segment or list.  

To completely unsubscribe from our leads list, you may need to send us an email at anne@shirleysgirl.com.

HOW DO WE RESPOND TO “DO NOT TRACK” REQUESTS?

Note that your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit.  There is no consensus among industry participants as to what “Do Not Track” means in this context.  Like many websites and online services, we currently do not alter our practice when we receive a “Do Not Track” signal from a visitor’s browser.  To find out more about “Do Not Track.” You may wish to visit http://www.allaboutdnt.com.

HOW LONG DO WE RETAIN YOUR DATA?

We keep data for as long as there is a need to keep it in connection with the purposes for which it was collected.  We may retain your data after a particular matter or exchange has concluded, but purely for record-keeping purposes and to be able to respond to queries. 

Notwithstanding the other provisions of this, we will retain documents, including electronic documents, containing personal data:

1. To the extent that we are required to do so by law.
2. If we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
3. To establish, exercise, or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).

While the specific periods vary depending on the circumstances, we generally will not keep records that include personal data for more than ten (10) years after a particular matter or exchange has concluded. 

If you ask us to stop sending you marketing communications or Unsubscribe from our e-mail list, we will retain specific details, such as your name, to help us ensure that you are not contacted again.

SECURITY OF YOUR PERSONAL INFORMATION

1. https://shirleysgirl.com uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content.  Third parties cannot read the data that you transmit to us.
2. We will take reasonable technical and organizational precautions to prevent your personal information’s loss, misuse, or alteration.
3. As we are using our Host’s platform for https://shirleysgirl.com, as such, we are limited by the processes used by our Host to protect your data, including the use of firewall and encryption for payments.
4. You acknowledge that transmitting information over the Internet is inherently insecure, and we cannot guarantee the security of data sent over the Internet.
5. You are responsible for keeping the password you use for accessing our Sites; we will not ask you for your password except when you log in to our website.

COOKIES AND TRACKING TOOLS

Cookies

Our Site uses cookies.  These small text files make it possible to save specific, user-related information on your device while you are using our Site.  Cookies make it possible for us to determine the frequency of use and the number of users of the pages of our Sites and to analyze the behavior of our Site users.  They make our offers more customer friendly. 

 

Cookies are stored beyond the end of a browser session and can be called up again when you revisit the Site.  If you do not want this, you should set your internet browser so that it refuses to accept cookies.

We have a separate cookies policy that will inform you what cookies we are using and how you can exercise your choice whether to accept or reject the use of our Cookies.  You can read it here.  

You can also delete cookies.  If you are in Europe, you can learn more about how to delete cookies on this website: www.youronlinechoices.com

Note, however, that deleting cookies will negatively impact the usability of many websites.

PRIVACY POLICY ON CHILDREN

Our Sites are not intended for children under 18 years of age.  We do not knowingly collect personal information from children under 18.  If you are under 18, please refrain from providing any information on our Sites.

If you are a parent or guardian and know that your child has provided us with Personal Information, please contact us.

If we become aware that we have collected personal data from anyone under the age of 18 without verification of parental consent, we take steps to remove the information from our system.

WE WILL NEVER SELL YOUR INFORMATION

All the information we collect from you is used solely for the purposes enumerated in this Privacy Policy.  We do not monetize any data we collect from you through selling said information.

YOUR PERSONAL DATA WHEN YOU PURCHASE ANYTHING FROM OUR SITES

We do not collect, store, or have access to any payment data (for example, credit/debit card details) related to your purchase.  We may have access to limited personal data, such as your name, e-mail address, and which products you purchased.  Furthermore, we may use this data to contact you about your purchase, but only if you have given your consent to allow us to do so.

​

We make use of the following payment gateways: 

Use of PayPal

If payment is made via the payment service provider “PayPal”, PayPal will process the payment and subject to PayPal’s Terms of Use, available at www.paypal.com.

Depending on the payment method selected via PayPal, the personal data transmitted to PayPal may be transferred by PayPal to credit agencies.  This transmission serves as the identity and credit check for the order you have placed.  You can find out which credit agencies are involved and which data is generally collected, processed, stored, and passed on by PayPal in the PayPal privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

TWINT

If you choose to pay us via TWINT, we will have access to the following information:

1. Your name
2. Your Phone number
3. Your mobile number

However, we do not have control or responsibility for how TWINT and our bank handle these details. 

If you choose payment via TWINT, your data will be processed by them, and you can read about their privacy policy here: https://www.twint.ch/en/website-data-privacy/ and https://www.twint.ch/en/app-dataprotection/

USE OF SOCIAL MEDIA PLUG-INS

We currently use the following social media plug-ins: Meta Platforms, Inc. (Facebook and Instagram) and Pinterest.

We use the so-called 2-click solution.  This means that when you visit our Site, no personal data is initially passed on to the providers of these plug-ins. 

You can recognize the plug-in provider by the initial letter/symbol.  Only if you click on one of the plug-ins will personal data be transmitted: When the plug-in is activated, data is automatically transmitted to the respective plug-in provider and stored there.  We do not influence the collected data and data processing procedures, nor are we aware of the full extent of the data collection, the purposes, or the storage periods.  Since the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies before clicking on the symbols via the security settings of your browser.

If you want to learn how our social media plug-ins provider handles your data, you can read their respective privacy policies here:

Meta Platforms, Inc (Facebook): https://www.facebook.com/privacy/policy 

Meta Platforms, Inc (Instagram): https://privacycenter.instagram.com/policy

Pinterest: https://policy.pinterest.com/en/privacy-policy

THIRD-PARTY LINKS

Our Sites may contain links to other websites not operated by us.  If you click on a third-party link, you will be directed to that third-party’s Site.  We strongly advise you to review the privacy policy of every Site you visit.

We have no control over and assume no responsibility for any third-party sites or services’ content, privacy policies, or practices.

OUR SOCIAL MEDIA ACCOUNTS AND THIRD-PARTY APPLICATIONS WE USE.

You may engage with us through our social media accounts and other third-party applications we use.

This privacy policy is also applicable to those engagements as far as practicable. 

Take note that the personal information you transmit to our social media accounts or through third-party applications we use is usually not collected by us but by our social media platform providers.  As such, they are governed by the privacy policies of those providers.  Likewise, these providers use cookies.

If you want to know how our social media and third-party application provider use and collect your data, please read their respective privacy policies here:

Facebook

Owner: Meta Platforms, Inc 

Privacy Policy: https://www.facebook.com/privacy/policy 

Instagram

Owner: Meta Platforms, Inc 

Privacy Policy: https://privacycenter.instagram.com/policy

Pinterest

Owner: Pinterest Inc

Privacy Policy: https://policy.pinterest.com/en/privacy-policy

Calendly

Owner: Calendly, LLC

Privacy Policy: https://calendly.com/pages/privacy

Google Workspace (Gmail, Google Calendar, Google Drive, etc.)

Owner: Google LLC

Privacy Policy: https://policies.google.com/privacy

Canva

Owner: Canva Pty Ltd

Privacy Policy: https://www.canva.com/privacy_policy

Omnisend 

Owner: Omnisend LLC

Privacy Policy: https://www.omnisend.com/privacy   

OUR EMAIL POLICY

If you elect to communicate with us via email, we may retain the content of your communications, including your email address.  These communications are afforded the same protection as laid out in this privacy policy.

All e-mails sent to us are confidential.  We do not disclose, sell, transfer, or otherwise lease our email list to any third parties, nor will we disclose our email list to any third party, except in cases stated in this privacy policy.

In compliance with the provisions of the US CAN-SPAM Act, all e-mails from us will clearly state the sender’s name and clear and specific information as to how to contact us.  Our emails will also provide detailed instructions if you wish to unsubscribe from our email list.

BASIS OF THIS DATA PROTECTION DECLARATION

This Privacy Policy Declaration was written taking into account your rights and the protection afforded by the Data Protection Law or Regulations existing in the following jurisdictions:

1. EU: EU General Data Protection Regulation (EU GDPR)
2. Switzerland: Swiss Federal Data Protection Act (FDPA)
3. Brazil: Lei Geral de Proteção de Dados (LGPD)
4. New Zealand: New Zealand Privacy Act 2020
5. UK: UK GDPR and Data Protection Act
6. California: California Privacy Rights Act (CPRA)
7. US: Childrens Online Privacy Protection Act (COPPA)
8. Canada: Protection of Personal Information and Electronic Documents Act (PIPEDA)
9. Australia : Privacy Act of 1988

AMENDMENTS TO THE DATA PROTECTION DECLARATION

We reserve the right to amend the data protection declaration to adapt it to changed legal situations or in the event of changes to the services offered and data processing.  However, this only applies with regard to statements on data processing.  If the user’s consent is required or elements of the data protection declaration contain regulations of the contractual relationship with the users, the changes are only made with the users’ permission.

The users are asked to inform themselves regularly about the content of the data protection declaration.

If you have questions or complaints about this Privacy Policy, contact us at  anne@shirelysgirl.com.