CozyFrost Outfitters Privacy Policy

At CozyFrost Outfitters (“we,” “us,” or “our”), we take your privacy seriously. This Privacy Policy explains how we collect, use, store, protect, and share your personal data when you visit our website (www.cozyfrost.com), purchase our products, subscribe to our communications, or interact with our services (collectively, the “Services”). We comply with applicable data protection laws, including the European Union’s General Data Protection Regulation (GDPR) and relevant national laws across Europe, to ensure your personal data is handled responsibly.

1. Introduction

This Policy applies to all users of our Services, including visitors browsing the site, customers placing orders, subscribers to our email newsletters, and users creating accounts. By using our Services, you acknowledge that you have read, understood, and agree to the collection and use of your personal data as described herein. If you do not agree with this Policy, please do not use our Services.

2. What Personal Data We Collect

We only collect personal data that is necessary to provide, improve, and secure our Services. The types of data we collect depend on your interaction with us, and may include:

2.1 Personal Identification Data
  • Contact details: Full name, email address, phone number, shipping/billing address (including postal code and country).
  • Account credentials: Username, password (stored in encrypted form only), and security questions (if applicable).
  • Demographic information: Age range, gender (optional, provided voluntarily), and preferred language.
2.2 Transaction & Order Data
  • Purchase details: Products ordered, order number, payment method (e.g., last 4 digits of credit card—we do not store full card details), transaction amount, shipping carrier, and delivery status.
  • Order history: Past purchases, returns, exchanges, and refund requests.
2.3 Browsing & Usage Data
  • Technical information: IP address, browser type (e.g., Chrome, Safari), device type (e.g., smartphone, laptop), operating system, screen resolution, and internet service provider.
  • Website activity: Pages visited, time spent on each page, links clicked, search queries (on our site), and referral source (e.g., how you found our site: Google, social media, or a partner link).
  • Cookie data: Information collected via cookies and similar technologies (see Section 7 for details).
2.4 Voluntarily Provided Data
  • Communications: Emails, chat messages, or support tickets you send to our team (including content and attachments).
  • Newsletter subscriptions: Your consent to receive marketing emails (and any preferences you share, e.g., favorite product categories).
  • Feedback: Surveys, reviews, or ratings you submit about our products or Services.

3. How We Use Your Personal Data

We use your personal data only for specific, legitimate purposes that align with our business operations and your needs. These purposes include:

3.1 Fulfill Orders & Provide Services
  • Process and ship your purchases (e.g., share your shipping address with our logistics partners to deliver your order).
  • Manage returns, exchanges, and refunds (e.g., verify your order details to process a refund).
  • Communicate with you about your order (e.g., shipping confirmations, delivery updates, or issues with your order).
3.2 Improve Our Services
  • Analyze browsing and usage data to identify trends (e.g., which products are most viewed) and optimize our website (e.g., improve load times or navigation).
  • Test new features (e.g., an updated checkout process) and gather feedback to enhance user experience.
  • Personalize your experience: Recommend products based on your browsing history or past purchases (e.g., “You might also like this knit sweater”); show content in your preferred language; or remember your shipping address for future orders.
3.3 Communicate With You
  • Transactional communications: Emails/SMS about your order, account updates (e.g., password reset), or service alerts (e.g., a product you ordered is out of stock).
  • Marketing communications: Emails about sales, new product launches, or exclusive offers—only if you have given us consent (you can unsubscribe at any time via the “Unsubscribe” link in every marketing email).
  • Customer support: Respond to your questions, complaints, or requests (e.g., help with sizing or tracking a package).
3.4 Ensure Security & Compliance
  • Protect our site and users from fraud, unauthorized access, or abuse (e.g., verify your identity when logging into your account; detect unusual transaction activity).
  • Comply with legal obligations: Respond to requests from law enforcement (e.g., subpoenas) or regulatory bodies; maintain records for tax or accounting purposes; or resolve disputes.

4. How We Store & Protect Your Personal Data

4.1 Storage Duration

We store your personal data only for as long as necessary to fulfill the purposes outlined in this Policy, or as required by law. For example:

  • Order data: Retained for 7 years (to comply with tax and accounting laws) after your last purchase.
  • Account data: Retained until you delete your account (or we delete inactive accounts—we will notify you via email before deleting an inactive account).
  • Marketing consent: Retained until you unsubscribe or withdraw your consent.

After the storage period ends, we securely delete or anonymize your data (so it can no longer be linked to you).

4.2 Security Measures

We implement technical, administrative, and physical safeguards to protect your personal data from unauthorized access, loss, or misuse:

  • Encryption: Personal data (e.g., passwords, payment details) is encrypted in transit (via SSL/TLS) and at rest (stored on secure servers).
  • Access controls: Only authorized team members (e.g., customer support, order processing) can access your data, and they are required to follow strict security protocols.
  • Third-party security: Our payment processors (e.g., PayPal, Stripe) and hosting providers (e.g., AWS) are certified for data security and comply with global standards (e.g., PCI DSS for payment data).
  • Regular audits: We conduct periodic security reviews to identify and fix vulnerabilities (e.g., updating software to patch security holes).

While we take all reasonable steps to protect your data, no online service is 100% secure. If a data breach occurs, we will notify you and relevant authorities (as required by law) within 72 hours of discovering the breach, and provide steps you can take to protect yourself.

5. Who We Share Your Personal Data With

We do not sell your personal data to third parties for marketing purposes. We only share your data with trusted partners who help us provide or improve our Services, and who are contractually required to protect your data and use it only as we instruct. These partners include:

5.1 Service Providers
  • Logistics partners (e.g., DHL, UPS): To deliver your order (we share your name, shipping address, and order number).
  • Payment processors (e.g., Stripe, PayPal): To process your payment (we share your name, billing address, and last 4 digits of your credit card—full card details are handled directly by the processor).
  • Hosting & IT providers (e.g., AWS, Shopify): To host our website, manage our database, and provide technical support.
  • Marketing tools (e.g., Mailchimp): To send newsletters (only if you have consented—we share your email address and preferences).
5.2 Legal & Regulatory Authorities
  • We may share your data if required by law (e.g., to comply with a subpoena, tax audit, or anti-fraud investigation) or to protect our rights (e.g., to resolve disputes or prevent illegal activity).
5.3 Business Transfers
  • If we are acquired, merged, or sell all or part of our business, your personal data may be transferred to the new owner—we will notify you of such a transfer and ensure the new owner complies with this Policy.

6. Your Rights Regarding Your Personal Data

Under applicable data protection laws (e.g., GDPR), you have the following rights regarding your personal data. To exercise any of these rights, contact us using the details in Section 10:

6.1 Right to Access

You can request a copy of the personal data we hold about you (e.g., your order history, account details).

6.2 Right to Correct

You can ask us to update or correct inaccurate data (e.g., a wrong shipping address) or complete incomplete data (e.g., adding your phone number to your account).

6.3 Right to Delete

You can request that we delete your personal data (also called the “right to be forgotten”)—we will comply unless we are required by law to retain it (e.g., order records for tax purposes).

6.4 Right to Restrict Use

You can ask us to stop using your data (but not delete it) in certain cases (e.g., if you dispute the accuracy of the data).

6.5 Right to Data Portability

You can request a copy of your data in a structured, machine-readable format (e.g., a CSV file) to transfer to another service provider (e.g., if you switch to a different online store).

6.6 Right to Withdraw Consent

If you gave us consent to use your data (e.g., for marketing emails), you can withdraw it at any time (e.g., click “Unsubscribe” in our emails—this will not affect data we use for transactional purposes).

We will respond to your request within 30 days (or 60 days for complex requests) and will not charge you for exercising your rights (unless your request is excessive or repetitive).

7. Cookies & Similar Technologies

We use cookies (small text files stored on your device) and similar technologies (e.g., web beacons, pixel tags) to improve your experience on our site. These tools help us:

7.1 Types of Cookies We Use
  • Necessary cookies: Required to use our Services (e.g., cookies that remember your cart items or login status). You cannot disable these (they are essential for basic functionality).
  • Analytical cookies: Track how you use our site (e.g., pages visited, time spent) to help us improve performance. We use tools like Google Analytics for this—you can opt out of these via your browser settings.
  • Functional cookies: Personalize your experience (e.g., remember your preferred language or shipping address).
  • Marketing cookies: Used to show you relevant ads (e.g., on social media) or track the success of our marketing campaigns—only used if you have given consent.
7.2 How to Manage Cookies

You can control cookies via your browser settings (e.g., Chrome: Settings > Privacy and security > Cookies; Safari: Preferences > Privacy). You can delete existing cookies or block new ones, but disabling necessary cookies may break some features of our site (e.g., you may not be able to complete a purchase).

8. Children’s Privacy

Our Services are not intended for children under the age of 16, and we do not knowingly collect personal data from children under 16. If we learn that we have collected data from a child under 16 without parental consent, we will immediately delete that data. Parents or guardians who believe their child has provided data to us can contact us to request deletion.

9. Changes to This Privacy Policy

We may update this Policy from time to time to reflect changes in our business, technology, or laws. When we make changes, we will:

  • Update the “Effective Date” at the top of this page.
  • Notify you via email (if you have an account with us) or by posting a notice on our homepage.

We encourage you to review this Policy periodically to stay informed about how we protect your data. Your continued use of our Services after changes are made means you accept the updated Policy.

10. How to Contact Us

If you have questions about this Policy, want to exercise your data rights, or report a privacy concern, please contact our Data Protection Officer (DPO) via:

  • Email: kkshi356782@gmail.com

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority (e.g., in Germany: Datenschutzbehörde; in the UK: ICO).