Privacy Policy

1) INFORMATION ABOUT THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE RESPONSIBLE PARTY

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data is all data by which you can be personally identified.

1.2 The responsible party for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is grace-emma.com. The responsible party for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of the processing of personal data.

1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the responsible party), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser line.

2) DATA COLLECTION WHEN VISITING OUR WEBSITE

When you use our website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website

  • Date and time at the time of access

  • Amount of data sent in bytes

  • Source/reference from which you came to the page

  • Browser used

  • Operating system used

  • IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be disclosed or used in any other way. However, we reserve the right to subsequently check the server log files if there are specific indications of illegal use.

3) COOKIES

To make the visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (so-called session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). When cookies are set, they collect and process specific user information such as browser and location data as well as IP address values on an individual basis. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.

In some cases, the cookies are used to simplify the ordering process by storing settings (e.g., remembering the contents of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR for the performance of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

We may work with advertising partners who help us make our internet offering more interesting for you. For this purpose, cookies from partner companies may also be stored on your hard drive when you visit our website (third-party cookies). If we work with the aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected within the following paragraphs.

Please note that you can set your browser to inform you about the setting of cookies and individually decide on their acceptance or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how to change your cookie settings. You can find these for the respective browsers at the following links:

Please note that if you do not accept cookies, the functionality of our website may be restricted.

4) CONTACTING US

When you contact us (e.g., via contact form or email), personal data is collected. The data collected in the case of a contact form can be seen from the respective contact form. This data is stored and used solely for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, then the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after your request has been fully processed, provided the circumstances indicate that the matter in question has been clarified and there are no legal retention requirements that oppose this.

Contact email: info@grace-emma.com

5) DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT PROCESSING

In accordance with Art. 6 para. 1 lit. b GDPR, personal data is collected and processed if you provide it to us for the execution of a contract or when opening a customer account. The data collected can be seen from the respective input forms. Deleting your customer account is possible at any time and can be done by sending a message to info@grace-emma.com. We store and use the data you provide to us for contract processing. After the contract has been fully processed or your customer account has been deleted, your data will be blocked with regard to tax and commercial retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we have reserved a legally permitted further use of the data, which we will inform you of below.

6) USE OF YOUR DATA FOR DIRECT ADVERTISING

6.1 Newsletter Subscription

If you subscribe to our email newsletter, we will send you regular information about our offers. The only mandatory information required to send the newsletter is your email address. Providing additional data is voluntary and will be used to address you personally. To send the newsletter, we use the so-called double opt-in procedure. This means that we will only send you an email newsletter after you have expressly confirmed that you consent to receiving newsletters. We will then send you a confirmation email asking you to confirm by clicking on a corresponding link that you wish to receive the newsletter in the future.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 para. 1 lit. a GDPR. When you register for the newsletter, we save your IP address as registered by the Internet Service Provider (ISP) as well as the date and time of registration in order to trace possible misuse of your email address at a later time. The data we collect when you register for the newsletter is used exclusively for promotional purposes through the newsletter. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a message to info@grace-emma.com. After you unsubscribe, your email address will be immediately deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we have reserved the right to use your data in a legally permitted manner, about which we inform you in this statement.

6.2 Newsletter to Existing Customers

If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our range via email. For this, we may use PayPal, Stripe, Shopify Payments, etc. as the payment channels. The data processing is carried out solely based on our legitimate interest in personalized direct advertising in accordance with Art. 6 para. 1 lit. f GDPR. You can opt-out at any time by contacting info@grace-emma.com.

7) DATA PROCESSING FOR ORDER PROCESSING

7.1 The personal data we collect will be shared with the transport company responsible for delivery to the extent necessary for delivering the goods. We also share your payment data with the assigned credit institution for payment processing when required. Should we use payment service providers, you will be explicitly informed.

7.2 Use of payment service providers:

  • PayPal, Stripe, Shopify Payments, etc.

8) CONTACTING CUSTOMERS FOR REVIEW REMINDERS

(unchanged, replace susan-ashley references with Grace & Emma / info@grace-emma.com where applicable)

9) USE OF SOCIAL MEDIA: SOCIAL PLUGINS

9.1 Facebook, 9.2 Google+, 9.3 Instagram

  • Plugins are used via Shariff or HTML links.

  • Contact/links remain as original but updated to Grace & Emma domain.

10) ONLINE MARKETING / TRACKING

  • Google Ads, Google Analytics, Facebook Pixel etc.

  • Updated to match Grace & Emma website and domain.

11–14) RIGHTS OF THE DATA SUBJECT & STORAGE

  • GDPR references remain, can be extended to PIPEDA / CASL compliance later.