Privacy policy

At Whimsington ("we," "us," or "our"), we are committed to safeguarding your personal information and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you visit our website whimsington.com (the "Site"), use our mobile application Dawn (the "App"), make a purchase, or otherwise interact with us (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our practices, please do not use or access our Services.

Table of Contents

1. Changes to This Privacy Policy

2. Information We Collect

  • Information You Provide Directly
  • Information Collected Automatically
  • Information from Third Parties

3. Legal Basis for Processing Personal Data

4. How We Use Your Information

5. Cookies and Similar Technologies

  • Types of Cookies We Use
  • Managing Cookies

6. Your Rights and Choices

  • Access and Portability
  • Correction
  • Deletion
  • Objection and Restriction
  • Consent Withdrawal
  • Opt-Out of Marketing Communications
  • Do Not Sell or Share My Personal Information

7. Disclosure of Your Information

  • Service Providers
  • Business Partners
  • Affiliates
  • Legal Obligations and Protection
  • Business Transfers

8. User-Generated Content

9. Third-Party Websites and Links

10. Children's Privacy

11. Security Measures

12. Data Retention

13. International Data Transfers

14. Automated Decision-Making and Profiling

15. Complaints

California Residents' Privacy Rights

  • Categories of Personal Information Collected
  • Purposes for Collecting Personal Information
  • Categories of Third Parties with Whom We Share Personal Information
  • Your Rights Under California Law
  • Exercising Your California Privacy Rights

16. Contact Us

17. Messaging Terms and Privacy Policy

18. Mobile App Data Collection and Permissions

19. Third-Party SDKs and App Analytics

20. Apple and Google Platform Disclosures

21. App-Specific Marketing and Opt-Out Options

22. Your Rights as a Mobile User 

23. Biometric and Sensitive Information

24. Last Updated

Changes to This Privacy Policy

We may revise this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will:

  • Update the "Last Updated" date at the end of this Privacy Policy.
  • Post the revised Privacy Policy on our Site.
  • Where required by law, notify you of significant changes and obtain your consent.

Your continued use of the Services after any changes signifies your acceptance of the updated Privacy Policy.

Information We Collect

To provide and improve our Services, we collect personal information about you from various sources. The type of information we gather depends on your interactions with us and may include:

Information You Provide Directly

When you interact with our Services, you may provide us with the following information:

  • Contact Information: Your name, mailing address, email address, and telephone number.
  • Account Credentials: Username, password, and responses to security questions for account access.
  • Order Details: Billing and shipping addresses, payment confirmation details, and order history.
  • Shopping Preferences: Items viewed, added to your cart, or saved to your wishlist.
  • Customer Support Communications: Information you provide when you contact us for assistance or inquiries.

Providing certain personal information is optional; however, failing to provide required information may prevent you from using specific features of our Services.

Information Collected Automatically

We automatically collect certain information about your device and usage of our Services through cookies, web beacons, and similar technologies ("Cookies"). This information may include:

  • Device Information: IP address, browser type, operating system, device identifiers, and hardware model.
  • Usage Data: Pages viewed, links clicked, time spent on pages, and other actions taken on the Site.
  • Network and Connection Information: Internet service provider, mobile network, and connection speed.

Information from Third Parties

We may receive information about you from third parties, including:

  • Service Providers: Partners like Shopify that support our Site and Services.
  • Payment Processors: Entities that process payments and provide transaction details.
  • Marketing and Advertising Partners: Companies that provide insights into user behavior and preferences.
  • Social Media Platforms: Information from your interactions with our pages on social networks.

We treat information obtained from third parties in accordance with this Privacy Policy and any additional restrictions imposed by the source of the information.

Legal Basis for Processing Personal Data

Under certain data protection laws, such as the General Data Protection Regulation (GDPR), we are required to inform you of the legal bases for processing your personal data. We rely on the following legal grounds:

  • Contractual Necessity: Processing is necessary to perform our contract with you or to take steps at your request before entering into a contract.
  • Consent: We process your personal information based on your consent when you subscribe to our newsletters or agree to receive marketing communications.
  • Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our Services, preventing fraud, and securing our systems, provided these interests are not overridden by your rights.
  • Legal Obligations: Processing is necessary to comply with our legal obligations, such as maintaining records for tax and accounting purposes.

How We Use Your Information

We use your personal information for various purposes, and the legal basis for processing is indicated in parentheses:

  • Providing Services: To process transactions, fulfill orders, deliver products, and provide customer support (Contractual Necessity).
  • Account Management: To create, maintain, and secure your account with us (Contractual Necessity, Legitimate Interests).
  • Communication: To send transactional communications, such as order confirmations, shipping updates, and customer service messages (Contractual Necessity).
  • Marketing and Advertising: To send promotional materials, newsletters, and special offers, and to personalize advertising content (Consent, Legitimate Interests).
  • Analytics and Improvement: To analyze usage trends, monitor the effectiveness of our marketing campaigns, and improve our Services (Legitimate Interests).
  • Security and Fraud Prevention: To detect, investigate, and prevent fraudulent or unauthorized activities (Legitimate Interests, Legal Obligations).
  • Legal Compliance: To comply with legal obligations, respond to legal requests, and enforce our agreements (Legal Obligations).
  • User Experience: To personalize your experience on our Site and customize the content and products we offer (Consent, Legitimate Interests).

Cookies and Similar Technologies

We use Cookies to enhance your experience on our Site. Cookies are small data files placed on your device that help us remember your preferences and understand how you use our Services.

Types of Cookies We Use

  • Essential Cookies: Necessary for the functioning of our Site, such as security and network management.
  • Performance Cookies: Collect information about how you use our Site to improve its performance.
  • Functional Cookies: Remember your preferences and settings to enhance your experience.
  • Advertising Cookies: Deliver relevant advertisements and measure the effectiveness of our campaigns.

Managing Cookies

You can manage your cookie preferences through our cookie consent banner or your browser settings.

  • Cookie Consent Banner: When you first visit our Site, you will be presented with a cookie consent banner that allows you to accept or decline non-essential Cookies.

  • Browser Settings: Adjust your browser settings to:

    • View and delete existing Cookies.
    • Block third-party Cookies.
    • Block Cookies from specific sites.
    • Block all Cookies.
    • Delete all Cookies when you close your browser.

Please note that disabling Cookies may affect the functionality and features of our Services.

Your Rights and Choices

Depending on your location and applicable data protection laws, you may have certain rights regarding your personal information. These rights may include:

Access and Portability

  • Right to Access: Request confirmation of whether we process your personal information and access to that data.
  • Data Portability: Receive your personal information in a structured, commonly used, and machine-readable format and transmit it to another controller.

Correction

  • Right to Rectification: Request correction of inaccurate or incomplete personal information.

Deletion

  • Right to Erasure: Request deletion of your personal information, subject to certain exceptions provided by law.

Objection and Restriction

  • Right to Object: Object to the processing of your personal information for direct marketing or based on legitimate interests.
  • Right to Restrict Processing: Request that we limit the processing of your personal information under certain circumstances.

Consent Withdrawal

  • Right to Withdraw Consent: Withdraw consent where we rely on it for data processing.

Opt-Out of Marketing Communications

  • Promotional Emails: Unsubscribe by following the instructions in the email or contacting us at through our contact form.
  • Text Messages: Reply "STOP" to any promotional text message you receive from us.

Do Not Sell or Share My Personal Information

If you wish to opt-out of the sale or sharing of your personal information with third parties, please:

  • Contact us through our contact form.

Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in the Contact Us section. We may need to verify your identity before processing your request.

Disclosure of Your Information

We may share your personal information with third parties under the following circumstances:

Service Providers

We engage third-party companies and individuals to perform services on our behalf, such as:

  • Payment Processing: To process payments and refunds.
  • Order Fulfillment: To package and ship your orders.
  • Customer Support: To provide customer service and support.
  • Data Analytics: To analyze data and improve our Services.
  • Marketing Services: To assist with marketing and promotional activities.

These service providers have access to your personal information only to perform these tasks and are obligated to protect your information.

Business Partners

We may share your information with trusted business partners for marketing, advertising, and other business purposes. This may include:

  • Advertising Networks: To display advertisements on third-party websites.
  • Social Media Platforms: To engage with you through social media channels.
  • Joint Marketing Partners: To offer co-branded services or promotions.

Affiliates

We may share your information with our subsidiaries, affiliates, or parent company for internal business purposes, such as:

  • Consolidated Reporting: To analyze business performance.
  • Strategic Planning: To develop new products and services.

Legal Obligations and Protection

We may disclose your information when we believe it is necessary to:

  • Comply with Laws: Respond to legal processes or governmental requests.
  • Enforce Agreements: Enforce our Terms of Service and other agreements.
  • Protect Rights and Safety: Protect the rights, property, or safety of Whimsington, our customers, or others.

Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred as part of the transaction.

User-Generated Content

Our Services may allow you to submit content, such as reviews, comments, or other materials ("User Content"). Any User Content you choose to submit may be publicly available and can be read, collected, or used by others.

  • Public Visibility: Information you post in public areas can be accessed by anyone.
  • Personal Information: Avoid sharing sensitive personal information in User Content.
  • Removal of Content: If you wish to remove your User Content, please contact us.

We are not responsible for the privacy practices of others who may view and use your User Content.

Third-Party Websites and Links

Our Site may contain links to websites or services operated by third parties. We do not control these third-party sites and are not responsible for their content or privacy practices.

  • External Links: Clicking on third-party links may direct you away from our Site.
  • Privacy Policies: We encourage you to review the privacy policies of any third-party sites you visit.
  • No Endorsement: Inclusion of a link does not imply endorsement by Whimsington.

Children's Privacy

Our Services are not intended for individuals under the age of 16, and we do not knowingly collect personal information from children under 16.

  • Parental Consent: If you are under 16, do not provide any personal information.
  • Removal of Information: If we learn we have collected information from a child under 16, we will delete it promptly.
  • Contact Us: Parents or guardians who believe their child has provided us with personal information should contact us.

Security Measures

We take reasonable administrative, technical, and physical precautions to protect your personal information from unauthorized access, alteration, disclosure, or destruction.

  • Encryption: Sensitive data transmitted online is encrypted using Secure Socket Layer (SSL) technology.
  • Access Controls: Access to personal information is limited to authorized personnel.
  • Monitoring: We regularly monitor our systems for vulnerabilities and attacks.

However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Order Information: Retained for legal and accounting purposes.
  • Account Information: Retained as long as your account is active.
  • Marketing Preferences: Retained until you opt-out or request deletion.

When we no longer need your personal information, we will securely destroy or anonymize it.

International Data Transfers

Your personal information may be transferred to, stored, and processed in countries other than your own, including the United States.

  • Data Protection Standards: We implement appropriate safeguards to protect your personal information during international transfers.
  • Legal Bases for Transfer: Transfers are made in accordance with applicable data protection laws, such as Standard Contractual Clauses approved by the European Commission.
  • Your Consent: By using our Services, you consent to the transfer of your information to countries outside your country of residence.

Automated Decision-Making and Profiling

We may use automated decision-making and profiling to personalize your experience, deliver relevant content, and improve our Services. This may include:

  • Personalized Marketing: We analyze your browsing and purchasing behavior to provide product recommendations and tailored promotions.
  • Risk Assessment: Automated tools help us detect and prevent fraudulent activities.

Your Rights Regarding Automated Processing

You have the right to object to decisions based solely on automated processing that produce legal or similarly significant effects. To exercise this right, please contact us through our contact form.

Complaints

If you have any concerns or complaints about our privacy practices, please contact us using the information provided below.

  • Resolution Process: We will investigate and attempt to resolve any complaints promptly and in accordance with applicable laws.
  • Right to Lodge a Complaint: If you are not satisfied with our response, you have the right to file a complaint with your local data protection authority.

California Residents' Privacy Rights

If you are a California resident, you have specific privacy rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). This section provides additional information required under California privacy laws.

Categories of Personal Information Collected

We collect the following categories of personal information:

  • Identifiers: Name, email address, postal address, phone number, IP address.
  • Commercial Information: Records of products or services purchased, obtained, or considered.
  • Internet or Other Electronic Network Activity Information: Browsing history, search history, interaction with our Site.
  • Geolocation Data: Physical location or movements.
  • Inferences Drawn: Profile reflecting preferences, characteristics, behavior.

Purposes for Collecting Personal Information

We collect personal information for the purposes described in the How We Use Your Information section.

Categories of Third Parties with Whom We Share Personal Information

We share personal information with the categories of third parties described in the Disclosure of Your Information section.

Your Rights Under California Law

  • Right to Know: You have the right to request that we disclose certain information about our collection and use of your personal information over the past 12 months.
  • Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions.
  • Right to Correct: You have the right to request correction of inaccurate personal information.
  • Right to Opt-Out: You have the right to opt-out of the sale or sharing of your personal information.
  • Right to Limit Use of Sensitive Personal Information: You may have the right to limit the use of sensitive personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

Exercising Your California Privacy Rights

To exercise your rights under California law, please:

  • Submit a Request: Contact us through our contact form.
  • Verification: We may need to verify your identity before processing your request.
  • Authorized Agents: You may designate an authorized agent to make a request on your behalf by providing written permission and verifying your identity directly with us.

Do Not Sell or Share My Personal Information

We do not sell personal information for monetary consideration. However, under the CCPA's broad definitions, certain data sharing practices may be considered a "sale" or "sharing" of personal information.

To opt-out of such sharing, please:

  • Contact us at through our contact form
  • Use the "Privacy Preferences" link in the footer of our Site.

Mobile App Data Collection and Permissions

  • When using our mobile application Dawn, we may collect additional types of information not otherwise collected via our website. This may include:

    • Device and App Usage Data: Including your device ID, device type, operating system, crash reports, and usage statistics.

    • Geolocation Data: If enabled, we may collect precise or approximate location data to enhance features or tailor content. You can disable location tracking through your device settings.

    • Push Notifications: We may send you in-app messages or push notifications. You can disable these through your device settings.

    • Media Access: If you choose to upload photos, audio, or video, we will request access to your device's camera, microphone, or media library. Access is only used for the intended functionality and never without your permission.

    • Contacts or Calendars (if applicable): We may request access to your contacts or calendar if the App offers sharing, invitations, or event syncing features. Access is optional and controlled by you.

Third-Party SDKs and App Analytics

Our App uses third-party SDKs and analytics tools to improve functionality, diagnose errors, understand usage, and deliver relevant content. These third parties may collect:

  • App usage data (e.g., screen views, session length)

  • Device identifiers (IDFA, AAID)

  • Crash logs

  • Advertising identifiers

Examples of such tools include Firebase, Appsflyer, and social media SDKs. These providers are contractually required to protect your data and use it only for authorized purposes.

Apple and Google Platform Disclosures

Apple iOS:
If you use the iOS version of the App, we comply with Apple’s App Tracking Transparency (ATT) requirements. We will prompt you to opt in before tracking your activity across third-party apps and websites for advertising purposes.

Google Play:
We also comply with Google Play's Data Safety policies. You can view the types of data we collect and why we collect it in our Play Store listing. We follow platform rules for secure data collection, storage, and sharing.

App-Specific Marketing and Opt-Out Options

You may receive in-app notifications, alerts, or messages. To manage these:

  • Disable notifications in your device’s settings.

  • Adjust your marketing preferences in the App under Settings > Notifications or contact us through our contact form.

Your Rights as a Mobile User

All privacy rights described in the Your Rights and Choices section apply to both web and mobile users. If you only interact with us through the Dawn App, your rights remain fully intact, including the right to access, delete, correct, or restrict your data.

To exercise these rights as a mobile user, please contact us through our contact form, and we will guide you through the appropriate process.

Biometric and Sensitive Information

If Dawn uses biometric authentication features (such as Face ID or Touch ID), such data is processed locally on your device and not transmitted to our servers. We do not store or process biometric identifiers unless explicitly required and consented to.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Whimsington

  • Email: please refer to our contact form

Last Updated

This Privacy Policy was last updated on October 1, 2024.