Last Updated July 2020
At The Poshaholic, we respect privacy and your rights to control your personal data.
Note to Residents of California and individuals located in the European Economic Area: Further region specific information for our California customers and our European customers is outlined in the “Region/Country-Specific Disclosures” section below.
Who We Are
We are The Poshaholic (collectively “The Poshaholic,” “we,” “us,” or “our”).
Information We Collect From You
We collect your personal data in a number of ways and for various purposes, including:
Making a Purchase: We collect personal data from you in order to process your purchase, confirm your order, and ship merchandise to you. This personal data may include your name, billing and shipping address, telephone number, email address, date of birth, and payment card information. The Poshaholic does not store your payment card information unless you choose to save it in your “My Account” (see below).
Creating an Account: You have the opportunity to create a personal account with The Poshaholic, which allows you to shop faster and easier online. When you create a personal account with The Poshaholic, we collect personal data which may include your name, billing and shipping address, telephone number, email address, date of birth, and payment card information. By creating a user name and a password of your choice, you may access your account online at any time to view and/or edit your profile, address book, payment methods, order history, wish list, and email preferences. You are responsible for maintaining the confidentiality of your access information and for controlling access to your account. If you ever use a public computer to visit your account, we strongly encourage you to log out at the conclusion of your session.
Marketing: You may sign up on the Websites or in stores to receive promotional emails, texts, and other communications from The Poshaholic. When you sign up, we may collect personal data such as your name, mailing address, telephone number, email address, date of birth, and preferences. If you elect to be added to the The Poshaholic marketing list, we may use your contact information to communicate with you about products, services, promotions, offers, news, and events from The Poshaholic. From time to time, we may also provide information to you about our charitable causes.
Customer Care: If you call, email or chat with our Customer Care center, we may collect personal data such as your name, mailing address, telephone number, email address, and – if you choose to make a purchase – your payment card information and billing address. We use this information to assist you and to process and/or review your transaction. The Poshaholic does not store your payment card information unless you choose to include it in your “My Account” (see above).
Public Forum: From time to time, you may be able to participate in an online customer forum or other public or private forum on the Websites where you can post comments or other content. In order to participate in such a forum, we may ask for information such as your name, mailing address, telephone number, email address, date of birth, and preferences, and we may request that you create a username and password. We may use the information you provide to us in order to communicate with you about our products, services and promotions if you have provided your consent. If you voluntarily disclose information, personal or otherwise, online in any community area (whether through the Websites or any other services available online), that information can be collected and used by others. Accordingly, you should use caution when sharing any personal data with others in any community area (whether through the Websites or any other services available online).
Information We Collect By Automated Means
Cookies: Cookies are files that contain information about your general Internet usage, and are stored on the hard drive of your device. From these cookies, we may collect information about your browser, including, where available, your IP address, operating system and browser type, for system administration. Cookies help us to improve our Websites and to deliver a better and more customized service. They enable us to:
estimate usage numbers and patterns;
store information about your preferences;
customize our Websites according to your individual interests;
speed up your searches; and
recognize you when you return to our Websites.
Pixel Tags: We may also use "pixel tags" (sometimes called “Internet tags”, "web beacons" or "clear GIFS"), which are tiny graphic images, on our Websites. Pixel tags help us analyze our customers’ online behavior and measure the effectiveness of our Websites and our advertising. We work with service providers that help us track, collect, and analyze this information. Pixel tags on our Websites may be used to collect information about your visit, including the pages you view, the features you use, the links you click, and other actions you take in connection with the Websites. This information may include your device’s IP address, your browser type, your operating system, date and time information, and other technical information about your device. We may also track certain information about the identity of the website you visited immediately before coming to our site. We do not otherwise track any information about your use of other websites.
Mobile Location Analytics Data: We may use tracking technology to collect certain information about your Wi-Fi enabled mobile device, including the presence of the device in our stores, its signal strength, its manufacturer, and a unique identifier known as its Media Access Control (“MAC”) address (collectively, “Customer Mobile Device Data”). This Customer Mobile Device Data may be collected for the purpose of determining the amount, location and frequency of customer traffic into our stores. A mobile device’s MAC address identifies a specific device to the surrounding Wi-Fi networks. The MAC address does not disclose the identity or any other personal data of the mobile device user. You may opt-out of having your MAC address recorded by visiting the following link and entering your mobile device’s MAC address: https://optout.smart-places.org/. To learn more about the use of Customer Mobile Device Data and your choices, please visit: www.smartstoreprivacy.com
Other Tracking Technology: Pixel tags and cookies in our emails may be used to track your interactions with those messages, such as when you receive, open, or click a link in an email message from us. We also work with business partners that use tracking technologies to deliver promotions on our behalf across the Internet. These companies may collect information about your visits to our Websites, and your interaction with our advertising and other communications. We may combine the information we collect through cookies and pixel tags with other information we have collected from you. This information may be used to improve our Websites, to personalize your online experience, to help us deliver information to you, to determine the effectiveness of our advertising, and for other internal business purposes.
Cookies and Other Tracking Technologies on Social Networking Services: The Poshaholic maintains The Poshaholic-branded pages on various Social Networking Services. When you visit these The Poshaholic-branded Social Networking Services, the provider of the Social Network Services and other third parties may set cookies and other tracking technologies on your browser or device.
Use of Your Personal Data
We use the information we collect from our customers for various purposes, including to:
Send communications to you about our products, services, promotions, offers, news, and events
Serve advertising and offers to you based on your interests and online activities, from us or third parties;
Improve our stores, Websites, events, customers shopping experience, and quality of service;
Determine the amount, location and frequency of customer traffic into our stores;
Prevent and detect fraud and abuse;
Process information or claims in connection with incidents at our stores;
Enable our service providers to perform certain activities on our behalf;
Respond to requests for information or services;
Communicate with you about changes to our Websites;
Comply with our legal obligations, policies, and procedures; and
Otherwise for internal administrative and analytics purposes.
If you have provided personal data to us through more than one method, for example, in store and online, we may combine such information for the purposes identified above.
We will not sell your personal data to any third party. We may share your information under certain circumstances with business partners that help the Websites function or assist us in fulfilling your order, as well as otherwise detailed below.
Others with Whom We May Share Your Information
We may disclose your personal data to companies that help us bring you the products and services we offer. For example, we may disclose your personal data to service providers and vendors that assist us as follows:
To manage a database of customer information;
To distribute emails;
To distribute other marketing materials or advertisements, including on our Websites and the websites of third parties;
To operate our stores in certain jurisdictions;
To provide data storage and/or analytics;
To prevent fraud;
To provide customer service;
To provide other services designed to assist us in providing products and services to you.
We may share data in aggregate form and/or in a form which does not enable the recipient of such data to identify you (for example, for industry analysis).
Maintenance and Processing of Information
Your personal data may be stored, transferred and process in and to the United States and in other countries by our affiliates and/or service providers. The data protection laws in these countries may provide a lower standard of protection for your personal data than your country of residence. We take great care in protecting your personal data and have put in place adequate mechanisms to protect it when it is transferred internationally. We will transfer your personal data in compliance with applicable data protection laws and will implement suitable safeguards to ensure that your personal data is adequately secured by any third party that will access your information (for instance, by using the Model Clauses as approved by the European Commission).
If you have questions or wish to obtain more information about the international transfer of your personal data or the implemented safeguards, please send us an email to inquiries @ email@example.com.
Security Measures: The Poshaholic uses commercially reasonable measures to keep your personal data private and safe as incorporated in WIX design suite. We take appropriate physical, electronic and administrative steps to maintain the security of personal data we collect, including limiting the number of people who have physical access to our servers, as well as employing electronic security systems and password protections that guard against unauthorized access. In addition, it is our policy to never send your payment card number via email. Our customer care center and stores operate over private, secure networks. Please note, however, that email is not encrypted and is not considered to be a secure means of transmitting payment card information.
We use industry standard security technology in transferring information to process your orders. All payment card transactions should take place in protected areas of our Websites, which are designed to reduce the risk of any loss, misuse or alteration of the information collected. When you begin the checkout process, you should move into such a protected area. Once you've entered, the page address (URL) should change from “http” to “https.” Also, a key or a closed lock should appear in the lower right hand corner of your screen to notify you of this change. You should remain in this secure zone for the entire checkout process. Please check that you are still in this protected area when you type in your payment card details.
Despite our best efforts, the transmission of data over the Internet cannot be guaranteed to be 100% secure. While we use commercially reasonable means to ensure the security of information you transmit to us, we cannot guarantee that such information will not be intercepted by third parties. We may, however, prosecute any unauthorized or fraudulent transactions to the fullest extent permitted by law.
Spoofing and Phishing: Spoofing and phishing are common Internet scams. These may occur when you receive an email from what appears to be a legitimate source requesting personal data from you. Please be aware that The Poshaholic will never send you an email requesting you to verify payment card or bank information. If you ever receive an email that appears to be from us requesting such information from you, do not respond to it, and do not click on any links appearing in the email. Instead, please forward the email to us at Theposhaholic2020@gmail.com, as we will endeavor to investigate all instances of possible online fraud.
Other Websites: Our Websites may include links to third party websites whose privacy practices may differ from ours. If you provide personal data to any of those third parties, your data is governed by their privacy policies, and we encourage you to read those privacy policies carefully before providing your personal data.
Our Website is not intended for children. We do not intentionally collect any personal data from children under the age of sixteen, and will dispose of any such information if we become aware that it has been provided to us.
Changes to this Policy
How To Contact Us
If you have any questions about your privacy or security on our Website, please contact us at firstname.lastname@example.org.
California Privacy Rights: California residents are entitled to ask us for a notice describing what categories of personal data we share with third parties or corporate affiliates for those third parties’ or corporate affiliates’ direct marketing purposes. That notice will identify the categories of information shared and will include a list of the third parties and affiliates with which it was shared, along with their names and addresses. If you are a California resident and would like a copy of this notice, please see the “How To Contact Us” section below for where to submit a request. Please allow 30 days for a response.
Nevada Privacy Rights: If you are a Nevada resident, in addition to the rights set forth above, you have the right to request that we do not make any sale (as such term is defined in N.R.S. 603A) of your covered information (as such term is defined in N.R.S. 603A.320) that we may have collected from you (or may collect from you in the future). .We currently do not sell covered information, as “sale” is defined by such law, and we don’t have plans to sell this information. However, if you would like to be notified if we decide in the future to sell personal information covered by the Act, such requests should be made to our designated email address above in the “How to Contact Us” section. Please allow up to 60 days for a response.
Opting out of these sales will not cease marketing communications from The Poshaholic. To opt out of marketing communications, see “Removal from Marketing List” above.
Legal Bases for Using Personal Data
We process your personal data only if we have a legal basis to do so, including:
to comply with our legal and regulatory obligations;
for the performance of our contract with you or to take steps at your request before entering into a contract;
for our legitimate interests or those of a third party;
where you have given consent to our specific use.
The purpose for which we use and process your information and the legal basis on which we carry out each type of processing is further explained below.
Purposes for which we will process the information Legal Basis for the processing
To deliver services to users and process transactions. It is necessary for us to process your personal data in order to deliver the services and process transactions according to the applicable contract between us.
To send communications to you about our products, services, promotions, offers, news, and events. We will send electronic communications to you if you have consented to these communications. With respect to other communications, it is in our legitimate interest to communicate to you about our products, services, promotions, offers, news, and events. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
To serve advertising and offers to you based on your interests and online activities, from us or third parties. We will serve you advertising and offers to you based on your interests and online activities if you have consented to this processing.
To improve our stores, Websites, events, customers shopping experience, and quality of service. It is in our legitimate interest to improve our offerings. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
To determine the amount, location and frequency of customer traffic into our stores. It is in our legitimate interest to understand our customer traffic at our stores. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
To process information or claims in connection with incidents at our stores. We conduct this processing to comply with our legal obligations and to protect the public interest.
To enable our service providers to perform certain activities on our behalf; It is necessary for us to process your personal data in this manner in order to deliver the services and process transactions according to the applicable contract between us. It is also in our legitimate interest to enable our service providers to perform certain activities on our behalf. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
To notify you of any changes to the Websites that may affect you. It is necessary for us to process your personal data in order to deliver the services and process transactions according to the applicable contract between us.
To provide you with information and services that you request from us. It is necessary for us to process your personal data in order to deliver the services and process transactions according to the applicable contract between us.
To administer our Websites including troubleshooting, data analysis, testing, research, statistical and survey purposes;
To improve our Websites to ensure that consent is presented in the most effective manner for you and your computer, Device or other item of hardware through which you access the Websites; and
To keep our Websites safe and secure and to prevent detect fraud and abuse;
To comply with our legal obligations, policies, and procedures
For all these categories, it is in our legitimate interest to continually monitor and improve our services and your experience of the Websites and to ensure network security. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
We conduct this processing to comply with our legal obligations and to protect the public interest.
To process otherwise for internal administrative and analytics purposes. It is in our legitimate interest to process your personal data for internal administrative or analytics purposes. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
We share your personal data with and amongst The Poshaholic entities. This will involve transferring your data outside the European Economic Area ("EEA"). Some of our external third party service providers are also based outside of the EEA, and their processing of your personal data will involve a transfer of data outside the EEA. This includes the United States. Where personal data is transferred to and stored in a country not determined by the European Commission as providing adequate levels of protection for personal data, we take steps to provide appropriate safeguards to protect your personal data, including entering into standard contractual clauses approved by the European Commission, obliging recipients to protect your personal data.
Retention of Personal Data
Data Subject Access Rights
You have the following rights:
Right of access to your personal data: You have the right to ask us for confirmation on whether we are processing your personal data, and access to the personal data and related information.
Right to correction: You have the right to have your personal data corrected, as permitted by law.
Right to erasure: You have the right to ask us to delete your personal data, as permitted by law.
Right to restriction of processing: You have the right to request the limiting of our processing under limited circumstances.
Right to data portability: You have the right to receive the personal data that you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that information to another controller, including to have it transmitted directly, where technically feasible.
Right to object: You have the right to object to our processing of your personal data, as permitted by law, under limited circumstances.
In order to exercise any of these rights, please contact us according to the “How to Contact Us” section above. Please note that the above rights are not absolute and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply.