Privacy Policy

PRIVACY POLICY

Updated: 5/28/2024

Introduction

We care about your privacy online, so here is relevant information regarding privacy on our Website, BYHEIDIGRACE.COM as owned and operated by HEIDI BAERGEN dba BY HEIDI GRACE (“we”; “us”; or “our”). Our goal is to safeguard the privacy of all our visitors and users; to explain who we are and how and why we collect, store, use, and share personal information; and to explain your rights in relation to your personal information. By using this Website, you agree to the following Privacy Policy. Please read this policy carefully before using this Website. This Policy applies to this Website, and any sites, mobile apps, or products that display or link to this Policy. It does not apply to any website, mobile app, service, or product that does not display or link to this Policy or that contains its own privacy policy.

No Use for Children

Our Website and any offerings or services on it are not intended for anyone under 13 years of age or anyone considered a child under their country’s laws. If you are under 13, you may not use or provide any information on this Website, use any of its features, register for an account, make any purchases, use any of the interactive or public comment/community features, or provide any information about yourself to us.

If we learn that we have received personal information from a child without validated parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at [email protected].

Personal Information We Collect and Use

We collect a variety of information from you when you visit our Website, make purchases, or interact with us on social media or with advertising partners. By accepting this Privacy Policy, you specifically consent to our collection of the data described below, to our use of the data, to the processing of this data, and to our sharing of the data with third-party processors as needed for our legitimate business interests.

The information we collect may include:

Personal Data: Personal Data is information that can be used to identify you specifically, including your name, shipping address, email address, telephone number, or demographic information like your age, gender, or hometown. You consent to giving us this information by providing it to us voluntarily on our Website or any mobile application. You provide some of this information when you register with or make purchases from our Website. You may also provide this information by participating in various activities associated with our site, including interacting with any community features or providing user-generated content, contacting us with questions, or participating in any group or community activity. Your decision to disclose this data is entirely voluntary.  

Derivative Data: Derivative data is information that our servers automatically collect about you when you access our Website, such as your IP address, browser type, the dates and times that you access our Website, and the specific pages you view. If you are using a mobile application, our servers may collect information about your device name and type, your phone number, your country of origin, and other interactions with our application or service.  

Financial Data: Financial data is data that is related to your payment method, such as credit card or bank transfer details. We collect financial data in order to allow you to purchase, order, return, or exchange products or services from our Website and any related mobile apps. We store limited financial data. Most financial data is transferred to our payment processors, Stripe, Paypal, Shop Pay, Google Pay, and Apple Pay, and you should review these processors’ respective Privacy Policies to determine how they use, disclose, and protect your financial data.  

Social Networking Data: We may access personal information from social networking sites and apps, including but not limited to: Facebook, Instagram, LinkedIn, Twitter, Pinterest, TikTok, or other social networking sites or apps not named specifically here, which may include your name, your social network username, location, email address, age, gender, profile picture, and any other public information linked to those accounts. If you do not want us to access this information, please go to the specific social networking site and change your relevant privacy settings.

Mobile Device Data: If you use our Website via a mobile device or app, we may collect information about your mobile device, including device ID, model and manufacturer, and location information.

Other Data: On occasion, you may give us additional data by entering a contest or giveaway or to participate in a survey. You will be prompted for this information, and it will be clear that you are voluntarily offering this kind of information.

Cookies and Similar Technologies

Like many Websites, this site uses cookies, pixels, and similar technologies to track particular aspects of you and other people who visit us. Cookies are tiny files that are downloaded to your computer to track particular aspects of your activity online to help us learn certain things about our Website. This tracking is done to provide us with information on how people move about the site, what is of interest to them and what is not, how our marketing is performing, and incidental items such as what percentage of users access the site from a personal computer versus a mobile phone. You may block most cookies by adjusting your browser settings as well as responding to cookie-consent notices that may appear when you visit this site. This site uses the following cookies: necessary cookies, functional cookies, social media cookies, third-party cookies, analytics cookies, and advertising cookies.

How We Use Your Information

Your personal information allows us to offer you certain products and services, including the use of our Website; to fulfill our obligations to you;  to customize your interaction with our company and our Website; and to allow us to suggest other products and services we think might interest you. We generally store your data and transmit it to a third party for processing. However, to the extent we process your data, we do so to serve our legitimate business interests (such as providing you with the opportunity to purchase our goods or services and interact with our Website).

Specifically, we may use the information and data described above to:

  • Create and administer your account 
  • Deliver any products or services purchased by you to you
  • Correspond with you
  • Process payments or refunds
  • Contact you about new offerings that we think you will be interested in
  • Interact with you via social media
  • Send you a newsletter or other updates about our company or Website
  • Deliver targeted advertising
  • Request feedback from you
  • Notify you of updates to our product and service offerings
  • Resolve disputes and troubleshoot any problems
  • Administer contests or giveaways
  • Generate a profile that is personalized to you, so that future interactions with our Website will be more personal
  • Compile anonymous statistical data for our own use or for a third party’s use
  • Assist law enforcement as necessary
  • Prevent fraudulent activity on our Website or mobile app
  • Analyze trends to improve our Website and offerings

Why We Disclose Your Information

We may share your information with third parties in certain situations. In particular, we may share your data with third-party processors as needed to serve our legitimate business interests, which include administration of our Website, administration of your account, entering into contracts with you, communicating with you, taking orders for goods or services, delivering our goods and services, identifying trends, protecting the security of our company and Website, and marketing additional goods and services to you. The legal basis for our disclosure of your data is both your consent to this Privacy Policy and our own right to protect and promote our legitimate business interests.  

The following are specific reasons why we may share your information.

Third-Party Processing: We may disclose your information to third parties who assist us with various tasks, including payment processing, hosting services, email delivery, and customer service. 

By Law: We may share your data as required by law or to respond to legal process, including a subpoena, or as necessary to protect the rights, property, and safety of others. This includes sharing information with other parties to prevent or address fraud and to avoid credit risks.

To Protect our Company: We may use your information to protect our company, including to investigate and remedy any violations of our rights or policies. We may also disclose your information as reasonably necessary to acquire and maintain insurance coverage, manage risks, obtain financial or legal advice, or to exercise or defend against legal claims.  

Advertisers: We may use third-party advertising companies to run and manage our ads and to produce ads that appear when you visit our Website or mobile app. These companies may use information about your visit to our Website and other Websites that are contained in web cookies to offer you personalized advertisements about goods and services that might interest you. We cannot control the activities of other advertisers or websites and you should consult the respective Privacy Policies of these third-party advertisers for more detailed information on their practices as well as for instructions about how to opt-out of certain practices.

Other Third Parties: We may share information with advertisers, our investors, or other third parties for the purpose of conducting general business analysis. If we do so, we will make reasonable efforts to inform you if required by law.

Sale or Bankruptcy: If our whole company or some of its assets are sold, merged, restructured or the company goes out of business or enters bankruptcy, your information may be an asset that is transferred to a third-party successor. Such a successor is not bound by this Privacy Policy and may have its own privacy terms. 

Interaction with Others: If you interact with others on our Website or mobile app, such as participating in a group chat, group video, program, or online course, other users may have access to some of your data, including your name, image, likeness, profile picture, and your history of interaction with our Website, such as prior comments or posts. Your participation in any such interaction or recording is your consent to that recording and a release of all moral rights to the recording or interaction.

User-Generated Content: If you submit user-generated content including any comments, reviews, or posts online, that content may be viewed by others, and we may distribute that content outside the Website for any purpose.

External Links: Our Website may include links to other Websites not controlled by us. We do not regularly monitor the websites of third parties and are not responsible for any content on the sites or any damages you suffer by using these links. We are not bound by the privacy policies of any third-party website that you access by a link, and they are not bound by ours. We encourage you to read the policies of those third-party websites before interacting with them or making purchases as they may collect different information via different methods than us.

Other Purposes: We may disclose your personal data as necessary to comply with any legal obligation or to protect your interests, or the vital interests of others or our company.

EEA/GDPR Users

This website is operated in the United States and the third parties with whom we might share your personal information as explained above are also located in the United States or other countries located outside the EU. If you are located in the EEA or elsewhere outside of the United States, please be aware that any information you provide will be transferred to the United States. By using this website, participating in any of its services and/or providing your information, you consent to this transfer.

These countries do not have the same data protection laws as the United Kingdom and EEA. While the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal information will be subject to the derogation in Article 49 permitting non-repetitive transfers that concern only a limited number of data subjects, as permitted by Article 49 of the General Data Protection Regulation that is designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information.

If you would like further information, see “How to Contact Us” below or email us at [email protected]. We will not otherwise transfer your personal data outside of the EEA or to any organization (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

If you are covered by the General Data Protection Regulation, you have a number of rights, including the rights to:

  • Fair processing of information and transparency over how we use your personal information.
  • Access to your personal information and to certain other supplementary information that this Privacy Policy is already designed to address.
  • Correcting any mistakes in your information which we hold.
  • Erasure of personal information concerning you in certain situations.
  • Receiving the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and the right to transmit that data to a third party in certain situations.
  • Objecting at any time to processing of personal information concerning you for direct marketing.
  • Objecting to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you.
  • Objecting in certain other situations to our continued processing of your personal information and restricting our processing of your personal information in certain circumstances.

You may also have the right to claim compensation for damages caused by our breach of any data protection laws.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation, available at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

If you would like to exercise any of those rights, please:

  • Email, call, or write to us.
  • Provide us enough information to identify you (e.g., name, e-mail address, mailing address, username, billing details).
  • Provide us proof of your identity and address (a copy of your driver’s license or passport and a recent utility or credit card bill).
  • Provide us with the information to which your request relates, including any account, order or reference numbers, if you have them.

California Users’ Rights Under the CCPA

The California Consumer Privacy Act of 2018 (“CCPA”) took effect January 1, 2020 and provides California consumers with certain rights regarding their personal information. 

The section “Personal Information We Collect and Use” explains the specific details of personal information that we collect. The CCPA also requires listing categories of personal information collected. As defined by the CCPA, we collect, or have collected in the past 12 months, the following categories of personal information:

  • Identifiers (such as name, email address, postal address, phone number, IP address)
  • Personal information categories listed in the California Customer Records statute [Cal. Civ. Code § 1798.80(e)] such as name, contact information, employment
  • Commercial information (such as transaction information, purchase history, payment information)
  • Internet or other electronic network activity information (such as browsing history, search history, online behavior)
  • Professional or employment-related information (such as job title and your business contact information)
  • Inference data about you (such as additional features we think would be of interest to you)

Personal information, as defined by the CCPA, does not include publicly available information from government records and de-identified or aggregated consumer information.

We use and disclose the categories of personal information we collect from and about you consistent with the business purposes discussed in the section “How We Use the Information.”

The CCPA also sets forth obligations for businesses that “sell” personal information to third parties.  We do not “sell” personal information and have not sold any personal information in the past 12 months. However, we recognize that exchanging your information to other providers for something of value may be considered “selling” under the CCPA’s definition and want to err on the side of transparency.

If you are a California resident, you may have the following consumer rights under the CCPA:

  1. Right to know about personal information collected, used, disclosed, or sold. You have the right to request that we disclose to you the categories of personal information we collect or disclose (or have collected or disclosed in the past 12 months) about you, the categories of sources of such information, the business or commercial purpose for collecting your personal information, and the categories of third parties with whom we share/disclose personal information.  This information is also explained throughout this Privacy Policy. 
  2. Right to request deletion of personal information. You have the right to request the deletion of your personal information we have collected from you, subject to certain conditions and limitations under the law.
  3. Right to Opt Out of the sale of personal information. The CCPA provides consumers with the right to opt out of the sale of their personal information. We do not share, sell, rent, or trade User Personal Information with third parties for their commercial purposes as defined under the CCPA. 
  4. Right to non-discrimination for exercising a consumer privacy right. We will not discriminate against you for exercising any of your rights under the CCPA. 

To exercise any of your rights as set out above, please contact us at [email protected]. You will be required to verify your identity before we are able to fulfill your request. You can designate an authorized agent to make a request on your behalf. To do so, you will need to provide a written authorization or power of attorney signed by you for the agent to act on your behalf. You will still need to verify your identity with us. Note that consumers may only make a personal information request twice in a 12-month period under the CCPA. We will work to respond to your verifiable request within 45 days of receipt. Certain information may be exempt from requests under applicable law. 

Nevada Users’ Rights

Residents of the State of Nevada have the right to opt out of the sale of certain pieces of their personal information to third parties who will sell or license their information to others. If you are a Nevada resident and would like to make such a request, please contact [email protected] with your request.

Do Not Track Signals

Pursuant to California law, we hereby disclose that we do not currently honor Do Not Track signals issued by browsers or other third-party sources.

Privacy Concerns, Contacting Us, Complaints

You can contact [email protected] with any questions or requests about these policies or your personal data. 

Legal Disclosures of Personal Information

We may process, store, and disclose personal information if required to do so by law or in the good-faith belief that such action is necessary to 1) conform to the edicts of the law or comply with legal process served on us; 2) protect and defend our rights or property; or 3) act under exigent circumstances to protect the safety of the public or users of the site. 

We comply with the Digital Millennium Copyright Act of 1998 and, as part of the compliance process, we may be required to disclose whatever information we have for you to a copyright holder who has submitted a complaint to us.

Severability

If any part of this Privacy Policy is deemed unlawful and/or unenforceable, all other provisions contained herein will remain in full force and effect.

Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with United States law. Any dispute arising out of or related to the information contained herein is subject to adjudication in the state of MICHIGAN.

Privacy Policy Modifications and Updates

We may update and modify this Privacy Policy at any time. We will email you if we update this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your use of the Website and/or its services serves as your acceptance of these updated terms.

How to Contact Us

If you have any questions about this Privacy Policy, please contact us at [email protected].