Who I am
Tiffany Burriss (“I” or “my”) operates https://tiffanyburriss.com (“website”, “service”, “shop” or “store”).
“Personal Information” can include, but is not limited to, your name, postal address (including billing and shipping addresses), telephone number, email address, payment card number, and other financial account information.
- to respond to a question or review that you have left;
- to provide you with information you have requested or have agreed upon receiving;
- to process payments, confirm mailing addresses, create shipping labels, or send purchased goods;
- to send you my newsletter, if you signed up for it;
- to notify you about changes to my service; as part of my effort to keep my site safe and secure; and to ensure that content from my site is presented in the most effective manner for you and your computer.
Personal Data Collection
Reviews & Yotpo
I use Yotpo, a third-party content marketing service to help drive ratings and reviews to my Website’s Store. After you purchase a product, Yotpo will send you an email several days later and request that you review or rate any purchased products.
Through there, you will often submit Personal Information, such as your name, email address, any attached media, and a written review on any of my products or service. Your IP address may be collected as well. I use this information to respond to reviews, which will then send a notification email to you saying that your review has a response. I do not use or share the information collected for anything.
Visitor reviews may be checked through an automated spam detection service.
If you upload images to the Website, such as when you are leaving a Review, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you use a contact form on my website, you will be submitting your name and email address, along with any other pertinent Personal Information regarding the reason that you’re contacting me. For example, if you are contacting me about an order you made in my shop, you might be providing additional information such as your mailing address and phone number.
I will keep contact form submissions for one year, for customer service and communication purposes.
Newsletter & Mailchimp
My website contains a newsletter signup form where users can opt-in to receive emails from me by submitting their name and email address. The newsletter that I will send will typically include shop-related information regarding new products, discount codes, upcoming sales, and other things.
My newsletter signup form is connected with Mailchimp, an online marketing platform. I use their service to help collect subscriber emails, and send and manage email campaigns (newsletters). Mailchimp uses web beacons in the emails that I send newsletter subscribers, which means they track certain behavior such as whether the email sent was delivered and opened, and whether links within the email were clicked. They also collect information such as your IP address, browser, email client type and other similar details, which are available to my eyes only. They use that information to measure the performance of my email campaigns, and to provide analytics information and enhance the effectiveness of their services.
You may have the opportunity to update some of your Personal Information that was submitted through my Newsletter form by electing to update or manage your preferences via an email you receive from me. There will be a link somewhere in the email about managing your existing information.
You have the following data protection rights:
- To access, correct, update or request deletion of your Personal Information. Mailchimp takes reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete, and up to date. You may contact Mailchimp directly at any time about accessing, correcting, updating or deleting your Personal Information, or altering your data, by submitting a request. Mailchimp will consider your request in accordance with applicable laws.
- In addition, if you are a resident of the EEA, you can object to processing of your Personal Information, ask Mailchimp to restrict processing of your Personal Information or request portability of your Personal Information. Again, you can exercise these rights by emailing Mailchimp at firstname.lastname@example.org.
- You have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here.
To read more about your Privacy as a Contact after signing up to my Newsletter, such as what they do with your information and the cookies they collect, read the Privacy For Contacts section at Mailchimp here.
These cookies help me make the website function properly, make the website more secure, provide better user experience, understand how the website performs, and to analyze what works and where it needs improvement. On the one hand, this serves the user-friendliness of website and thus serves users in future interactions with my website (e.g. storing login data). On the other hand, cookies serve the purpose of collecting statistical data on website use and harnessing the data obtained in this way for marketing purposes.
Some cookies will be deleted automatically from your terminal device as soon as you leave the website (so-called “session cookies”). Other cookies will be stored for a specified period of time that cannot exceed two years in each case (“persistent cookies”). This website also uses so-called third party cookies, which are managed by third parties, such as Google Analytics, in order to offer certain services.
If you leave a comment on my site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, it will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, it will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
This website uses Google Analytics. It also uses MonsterInsights, which is a third-party Google Analytics integration plugin for WordPress. Google Analytics is used to track user ID / hashed personal data, IP addresses, cookies, and other behavioral profiling event data. This means that it tracks and reports all traffic that passes through my website. Google Analytics will store your data in cookies for 26 months.
Payments & Woocommerce
The Tiffany Burriss website has an online shop that runs on WooCommerce. I accept payments through a payment provider, called PayPal. If you are a customer of my shop, you may pay through your own PayPal account, or you can use PayPal Checkout to use any major credit and debit cards.
Should you (a “customer”) pay for goods on the Tiffany Burriss website, your Personal Information will be passed to the respective third party, including any information that is required to process or support the payment, such as the purchase total and the customer’s billing information. In order to process payments, this website will collect Personal Information to share with the payment provider.
Payments and Personal Information are collected only when the customer purchases goods from the shop, and is only used to process payments, create shipping labels, to send purchased goods, to confirm addresses or correspond with through email, or to recall on during legal matters.
To learn more about what information is collected from PayPal, and how they may use your information, visit this page.
As outlined above, the Personal Information that gets collected from my site and transferred to third-party websites include Google Analytics, Mailchimp, Yotpo, and PayPal. You can read their Privacy Policies on their respective pages to see what they may do with your Personal Information.
If you leave a review, the review and its metadata are retained indefinitely. This is so other users can get some insight about a product that they may be purchasing from me. The review is also left there so that I can answer any questions or respond to reviews accordingly.
For users that register on my website (as customers), I also store the personal information they provide in their user profile. All users can see, edit, or delete their own personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Purchases made on the website will be kept indefinitely for accounting purposes. Purchase information that will be kept includes a customer’s name, email address, and order total.
If you have an account on this site, or have left reviews, you can request to receive an exported file of the personal data that I hold about you, including any data you have provided to me. You can also request to change or erase any personal data that I hold about you. This does not include any data that I am obliged to keep for administrative, legal, or security purposes. Just use the Shop Contact form and I will get that fixed for you as soon as possible.
The California Consumer Privacy Act (“CCPA”) provides consumers with specific rights regarding their Personal Information. You, the consumer, have:
1) The right to request disclosure of my business’ data collection and sales practices in connection with the requesting consumer, including the categories of Personal Information I have collected, the source of the information, my use of the information and, if the information was disclosed or sold to third parties, the categories of Personal Information disclosed or sold to third parties and the categories of third parties to whom such information was disclosed or sold;
2) The right to request a copy of the specific Personal Information collected about you during the 12 months before your request (together with right #1, a “Personal Information request”);
3) The right to have such information deleted (with exceptions);
4) The right to request that your Personal Information not be sold to third parties, if applicable (note: as discussed in the Data Sharing section of this page, I do not sell any of your Personal Information to anyone);
5) The right to not be discriminated against because you exercised any of the new rights.
How I protect your data
The security of your Personal Information is important to me, and I strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information I store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure.
However, please be aware that no method of transmission over the internet, or method of electronic storage, is 100% secure and I am unable to guarantee the absolute security of the Personal Information we have collected from you. Any transmission is at your own risk.
Data breach procedures in place
I take data breaches very seriously. Should there be a breach, I will contact you immediately via email to inform you. Whether there’s a breach on my website or at any of the third-party apps that might expose your Personal Information (such as PayPal, which I solely use as my third-party payment system and all security risk regarding your payment details and shipping/billing address is entirely on them), you WILL be notified via the email that’s attached to your account on my website.