Privacy Policy
Effective Date: September 4, 2025
Last Updated: September 4, 2025
Applicable Laws: GDPR, CCPA, CPRA, and other applicable privacy laws worldwide
Privacy Notice: This Privacy Policy describes how Eklexic Jewelry LLC ("we," "us," or "our") collects, uses, and shares your personal information when you visit or make a purchase from our website at eklexic.com. We serve customers globally and this policy complies with applicable privacy laws worldwide including GDPR, CCPA, CPRA, and other regional privacy regulations.
Important: This privacy policy must be read in conjunction with our Terms of Service, Shipping Policy, and Return & Refund Policy. By using our website, you agree to the terms outlined in all these documents.
1. Information We Collect
1.1 Personal Information You Provide Directly
When you interact with our website, we collect information you provide directly to us:
| Data Category | Specific Information | Collection Source |
|---|---|---|
| Identity Data | First name, last name, username, title | Account registration, order forms, contact forms |
| Contact Data | Email address, telephone number, billing address, shipping address | Account creation, checkout process, customer service |
| Financial Data | Payment card details (processed securely by payment processors) | Checkout process, payment forms |
| Transaction Data | Purchase history, order details, payment amounts, delivery information | Order processing, transaction records |
| Marketing Data | Marketing preferences, communication consent, newsletter subscriptions | Newsletter signup, preference center, marketing opt-ins |
1.2 Information Collected Automatically
When you visit our website, we automatically collect certain information about your device and usage:
| Data Category | Specific Information | Collection Method |
|---|---|---|
| Technical Data | IP address, browser type, device information, operating system, screen resolution | Automatic collection via cookies, server logs, analytics tools |
| Usage Data | Website navigation patterns, page views, time spent, click behavior, search queries | Analytics cookies, tracking pixels, heat mapping tools |
| Location Data | General location based on IP address, shipping addresses, time zone | IP geolocation, address forms, device settings |
2. How We Use Your Personal Information
2.1 Primary Business Purposes
- Order Processing: Process and fulfill orders, arrange shipping, provide invoices and confirmations
- Customer Service: Respond to inquiries, provide support, handle returns and exchanges
- Account Management: Create and manage customer accounts, preferences, and order history
- Payment Processing: Process payments securely through our payment processors
- Fraud Prevention: Screen orders for potential risk, prevent fraudulent transactions
- Legal Compliance: Meet tax, accounting, and regulatory obligations
2.2 Marketing and Analytics
- Marketing Communications: Send promotional emails, SMS, and targeted advertising (with consent)
- Website Optimization: Improve website performance, user experience, and functionality
- Business Analytics: Analyze customer behavior, preferences, and market trends
- Personalization: Provide personalized product recommendations and content
- Campaign Effectiveness: Measure and improve marketing and advertising performance
3. Legal Basis for Processing (GDPR Compliance)
For residents of the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal information under the following legal bases:
3.1 Contract Performance (Article 6(1)(b) GDPR)
- Processing and fulfilling orders
- Payment processing and transaction management
- Customer service and support
- Account management and maintenance
3.2 Legitimate Interests (Article 6(1)(f) GDPR)
- Fraud prevention and security monitoring
- Website analytics and performance optimization
- Business operations and administration
- Marketing to existing customers (where permitted)
3.3 Legal Compliance (Article 6(1)(c) GDPR)
- Tax and accounting record keeping
- Regulatory compliance requirements
- Legal proceedings and law enforcement
3.4 Consent (Article 6(1)(a) GDPR)
- Marketing communications (where required)
- Non-essential cookies and tracking
- Third-party data sharing for advertising
- Optional features and services
4. Third-Party Data Sharing and Processing
We share your personal information with trusted third parties to help us operate our business and provide services to you. We use Shopify to power our online store—you can read more about how Shopify uses your personal information here: Shopify Privacy Policy.
4.1 E-commerce Platform and Hosting
- Shopify Inc.: Our e-commerce platform provider that hosts our store and processes transactions. See the Shopify Data Processing Addendum for details.
4.2 Marketing and Advertising Partners
- Meta (Facebook & Instagram): Social media advertising, analytics, and customer engagement through Meta Business Tools and pixels
- Google (Analytics & Ads): Website analytics, search advertising, YouTube integration, and conversion tracking
- Microsoft (Clarity & Advertising): Website analytics, user behavior tracking, and search advertising through Microsoft Channel
- TikTok: Social media advertising and analytics through TikTok Ads Manager
- Pinterest: Social media advertising, analytics, and product promotion
- Awin: Affiliate marketing network and performance tracking
4.3 Email and SMS Marketing
- Klaviyo: Email marketing automation, SMS campaigns, and customer segmentation
- Yotpo: Email marketing, SMS campaigns, and customer reviews
4.4 Customer Service and Support
- Gorgias: Customer support helpdesk, live chat, and ticket management
- Judge.me: Customer reviews, ratings, and feedback collection
4.5 Analytics and Business Intelligence
- Microsoft Clarity: Website analytics, user behavior tracking, and heat mapping
- Databox: Business analytics, reporting, and performance dashboards
- Lifetimely: Customer lifetime value analytics and profit tracking
4.6 Sales Channels and Marketplaces
- Amazon: Product sales through Amazon marketplace
- Faire: Wholesale marketplace for retail buyers
- Collective: Merchant-to-merchant sales platform
- Hubventory: Wholesale marketplace and inventory management
- Brandboom: Wholesale sales and order management
- TopDawg: Wholesale dropshipping platform
- Mirakl: Marketplace integration and management
4.7 Content Creation and Design Tools
- Canva: Design and content creation for marketing materials
- Soona: Product photography and user-generated content
- Tolstoy: Shoppable video content and interactive quizzes
- Foxify: Website page building and customization
- Replo: Landing page creation and optimization
4.8 Operational and Utility Applications
- Pandectes: GDPR compliance, cookie consent management, and privacy tools
- Matrixify: Data import/export operations and bulk editing
- Hextom: Bulk product editing and store optimization
- Metafields Guru: Custom data management and metafield operations
- UpPromote: Affiliate marketing and referral program management
- Upsell by AMP: Product upselling and cross-selling optimization
5. International Data Transfers
Your information, including personal data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.
5.1 Transfer Safeguards
For transfers from the EEA, UK, or Switzerland, we ensure appropriate safeguards including:
- Adequacy Decisions: Transfers to countries with European Commission adequacy decisions
- Standard Contractual Clauses: EU-approved contractual terms with service providers
- Certification Schemes: Providers certified under recognized privacy frameworks
- EU-US Data Privacy Framework: For participating US companies
6. Shopify Network Intelligence and Enhanced Services
Our store is hosted on Shopify Inc. If we have enabled Shopify Network Intelligence, Shopify may collect and process your personal data to provide Enhanced Services, which enable us to:
- Provide you with a more customized experience
- Serve you more relevant advertisements
- Understand how you interact with our store and advertisements
Information about your activity on our store may be shared with Shopify and third parties in other countries to provide Enhanced Services. For more information:
7. Your Privacy Rights
7.1 European Residents (GDPR Rights)
If you are a European resident, you have the right to:
- Access: Request access to your personal information
- Rectification: Correct inaccurate or incomplete information
- Erasure: Request deletion of your personal information
- Restriction: Limit how we process your information
- Portability: Receive your data in a portable format
- Object: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent for consent-based processing
7.2 US Residents (State Privacy Laws)
If you are a resident of California, Virginia, Colorado, Connecticut, Utah, or other US states with comprehensive privacy laws, you may have rights including:
- Right to Know: Information about personal data collection and use
- Right to Delete: Request deletion of personal information
- Right to Correct: Correct inaccurate personal information
- Right to Opt-Out: Opt out of sale or sharing of personal information
- Right to Non-Discrimination: No discrimination for exercising rights
7.3 How to Exercise Your Rights
Multiple Ways to Contact Us:
- Online: Data Subject Rights Request Form
- Email: info@eklexic.com or customersupport@eklexic.com
- Phone: (917) 750-8066
- Shopify Portal: https://privacy.shopify.com
Opt-Out Options:
- Data Sharing Opt-Out - Control targeted advertising
- Do Not Sell My Data - California residents opt-out
8. Data Retention
We retain personal information for different periods depending on the purpose and legal requirements:
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Account Information | Until account deletion requested | Contract performance, legitimate interests |
| Order/Transaction Data | 7 years | Legal compliance (tax, accounting laws) |
| Marketing Data | Until consent withdrawn or 3 years inactivity | Consent, legitimate interests |
| Analytics Data | 26 months | Legitimate interests |
| Security Logs | 12 months | Legitimate interests (security) |
9. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience and understand how you use our website. This includes cookies from third-party services for analytics, advertising, and functionality.
9.1 Cookie Management
For visitors from the EEA, UK, or Switzerland, we obtain consent before using non-essential cookies through our Pandectes GDPR compliance system. You can:
- Manage cookie preferences through our cookie banner
- Visit our Cookie Policy for detailed information
- Adjust browser settings to control cookies
- Contact us to update your preferences
10. Data Security
The security of your personal data is important to us. We implement appropriate technical and organizational security measures including:
- Encryption: Data encrypted in transit and at rest
- Access Controls: Role-based access with authentication
- Monitoring: Continuous security monitoring and threat detection
- Training: Regular staff training on data protection
- Auditing: Regular security assessments and compliance reviews
For information about Shopify's security measures, visit: Shopify Security
11. Children's Privacy
Our service does not address anyone under the age of 13 (or 16 in the EEA). We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.
12. Changes to This Privacy Policy
We may update our privacy policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will notify you of material changes through:
- Email notification to registered users
- Prominent notice on our website
- Updated "Last Updated" date at the top of this policy
13. Contact Information
For questions about our privacy practices, to make a complaint, or to exercise your rights, please contact us:
Eklexic Jewelry LLC
Email: info@eklexic.com
Customer Support: customersupport@eklexic.com
Phone: (917) 750-8066
Address: 21926 Town Place Drive, Boca Raton, Florida 33433, United States
14. Privacy Management Resources
We provide dedicated pages to help you manage your privacy preferences and exercise your rights:
- Your Privacy Choices - Opt out of data sharing and targeted advertising
- Do Not Sell My Data - California residents can opt out of data sales
- Customer Data Requests - Request access to or deletion of your personal data
- Cookie Policy - Detailed information about our use of cookies
- GDPR Compliance - Information for EU, UK & Switzerland residents
- CCPA Disclosure - Information for California residents
15. Related Policies
This privacy policy should be read alongside our other important policies:
16. Third-Party Privacy Policies
For information about how our partners handle your data, please review their privacy policies:
- Shopify Privacy Policy
- Shopify Consumer Privacy Policy
- Shopify Data Processing Addendum
- Meta (Facebook/Instagram) Privacy Policy
- TikTok Privacy Policy
- Pinterest Privacy Policy
- Klaviyo Privacy Policy
- Microsoft Privacy Statement
- Google Privacy Policy
17. Jurisdiction-Specific Information
17.1 California Residents
Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have specific rights. For detailed information:
- Visit: Shopify Privacy Portal
- Use our Data Sharing Opt-Out page
- Use our Do Not Sell My Data page
- See our CCPA Disclosure for complete information
17.2 European Economic Area, United Kingdom, and Switzerland
For residents of these regions, additional information about data processing and your rights:
- GDPR Information: GDPR Compliance
- Data Subject Rights: Customer Data Requests
- Shopify Privacy Portal: https://privacy.shopify.com
- Cookie Management: Cookie Policy
18. Legal Compliance Framework
This privacy policy is designed to comply with:
- International: General Data Protection Regulation (GDPR), ePrivacy Directive
- United States: California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Utah Consumer Privacy Act (UCPA)
- Shopify Requirements: Shopify Terms of Service, Shopify Data Processing Addendum, Shopify Acceptable Use Policy
Comprehensive Compliance Statement: This privacy policy includes detailed disclosures for all third-party services and applications we use, contains all required cross-references and links as mandated by applicable privacy laws, and provides functional privacy management tools. All privacy rights can be exercised through multiple channels, and we maintain the highest standards of data protection and transparency.
This privacy policy represents our commitment to transparency and compliance with global privacy laws. We regularly review and update our practices to ensure continued protection of your personal information. For specific legal questions about your rights, we recommend consulting with a qualified legal professional. Last updated: September 4, 2025.
Free Shipping within the USA