Privacy Policy

Last updated: 9/3/2025

Introduction

IzzyLeigh.com ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services. This policy complies with applicable international privacy laws including GDPR, CCPA, PIPEDA, and other regional regulations.

Information We Collect

Personal Information You Provide

We may collect the following types of personal information that you voluntarily provide:

  • Account Information: Name, email address, password
  • Contact Information: Billing and shipping addresses, phone number
  • Payment Information: Credit card details (processed securely by third-party processors)
  • Order Information: Purchase history, preferences, and order details
  • Communication Data: Messages, feedback, and customer service interactions

Information Automatically Collected

When you visit our website, we may automatically collect:

  • Device Information: IP address, browser type, operating system
  • Usage Data: Pages visited, time spent, clickstream data
  • Technical Data: Cookies, session information, and website analytics
  • Location Data: General geographic location based on IP address

How We Use Your Information

We use your personal information for the following purposes:

Service Provision

  • Process and fulfill your orders
  • Manage your account and preferences
  • Provide customer support
  • Communicate about your orders and account

Business Operations

  • Improve our website and services
  • Conduct analytics and research
  • Prevent fraud and ensure security
  • Comply with legal obligations

Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract: To fulfill our obligations under our terms of service
  • Legitimate Interest: To improve our services and prevent fraud
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: To comply with applicable laws and regulations

Information Sharing and Disclosure

We may share your information in the following circumstances:

Service Providers

We work with trusted third-party service providers who assist us in:

  • Payment processing (Square, PayPal, etc.)
  • Shipping and logistics

Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes or government requests
  • Protect our rights and property
  • Ensure user safety and prevent fraud
  • Investigate potential violations of our terms

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

Specific retention periods vary by data type and purpose, typically ranging from the duration of your account plus 3-7 years for financial and legal compliance.

Your Rights and Choices

Universal Rights

  • Access: Request information about the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal requirements)
  • Opt-out: Unsubscribe from marketing communications

GDPR Rights (EU Residents)

  • Data Portability: Receive your data in a portable format
  • Restriction: Limit how we process your data
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for consent-based processing
  • Complaint: File a complaint with your local data protection authority

CCPA Rights (California Residents)

  • Know: What personal information is collected and how it's used
  • Delete: Request deletion of personal information
  • Opt-out: Opt-out of the sale of personal information
  • Non-discrimination: Equal service regardless of privacy choices
Exercise Your Rights

To exercise any of these rights, please contact us at privacy@izzyleigh.com

International Data Transfers

Your personal information may be transferred to and processed in countries other than your own. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by relevant authorities
  • Other appropriate safeguards as required by law

Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: Data transmission and storage encryption
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Regular Audits: Security assessments and vulnerability testing
  • Staff Training: Regular privacy and security training for employees
  • Incident Response: Procedures for detecting and responding to data breaches

Children's Privacy

Our services are not intended for children under 18 years of age (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information promptly.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. For detailed information about our cookie practices, please see our Cookie Policy.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Updating the "Last updated" date
  • Sending email notifications for significant changes (where we have your email)
  • Displaying prominent notices on our website

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Privacy Officer
Email: privacy@izzyleigh.com
Response Time: We will respond to privacy requests within 30 days

Regional Representatives

EU Representative: [EU Representative Contact Information]

UK Representative: [UK Representative Contact Information]

Supervisory Authorities

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction:

  • EU: Your local Data Protection Authority
  • UK: Information Commissioner's Office (ICO)
  • Canada: Office of the Privacy Commissioner of Canada
  • California: California Attorney General's Office
Quick Links
Cookie Policy
Your Rights
  • ✓ Access your data
  • ✓ Correct inaccuracies
  • ✓ Delete your data
  • ✓ Data portability
  • ✓ Withdraw consent
  • ✓ File complaints
Compliance
GDPR CCPA PIPEDA LGPD