Privacy Policy

At Blush Nails LLC (“Company,” “we,” “us,” “our”), we take your privacy seriously. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you visit our website blushnails.fun (the “Site”), make a purchase, or interact with us through email, phone, or other communication channels.

We are committed to being transparent about our data practices. We do not sell your personal information to third parties. We do not share your data for marketing purposes without your consent. We use industry-standard security measures to protect your information, including encryption and secure payment processing through Stripe.

Please read this Privacy Policy carefully. By accessing or using the Site, or by providing us with your personal information, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please do not use the Site or provide us with your information.

This Privacy Policy is designed to comply with applicable US privacy laws, including the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) for our customers in the European Union.

1. Information We Collect

We collect several types of information from and about you, both directly and indirectly, as described below.

A. Personal Information You Provide to Us

When you interact with the Site or our customer service team, you may voluntarily provide us with the following categories of personal information:

Category Examples
Identifiers Full name, email address, postal address (billing and shipping), phone number, IP address.
Payment Information Credit/debit card number, expiration date, CVV, billing ZIP code. Note: All payment information is collected and processed directly by Stripe. We do not store full card numbers on our servers.
Account Credentials Username (email), password (encrypted), order history, saved addresses.
Communications Any information you provide in emails, phone calls, live chat, or contact forms (including order inquiries, return requests, product questions, and feedback).
User-Generated Content Product reviews, ratings, comments, photos, or videos you voluntarily submit to the Site.
Marketing Preferences Your opt-in or opt-out status for email newsletters, SMS marketing, and promotional communications.

B. Information Automatically Collected (Through Cookies and Similar Technologies)

When you browse the Site, we automatically collect certain technical information, including:

Category Examples
Device Information IP address, browser type and version, operating system, device type (desktop, tablet, mobile), screen resolution.
Usage Data Pages viewed, links clicked, time spent on pages, search queries, referring website (e.g., Google, Facebook), date and time of visit.
Location Data Approximate geographic location derived from your IP address (e.g., city, region, country). We do not collect precise GPS location without your explicit consent.
Order Information Items added to cart, abandoned cart data, purchase history.

This information is collected using cookies, web beacons, pixel tags, and similar tracking technologies (see Section 6 for details).

C. Information from Third Parties

We may receive information about you from third-party service providers, including:

  • Payment Processors (Stripe): Stripe provides us with a transaction confirmation and a payment token – not your full card number. Stripe may share your billing address and the last four digits of your card for fraud detection and order verification.

  • Shipping Carriers (USPS, UPS, FedEx, DHL): We receive delivery status updates and, in the case of delivery issues, carrier notes.

  • Analytics Providers (e.g., Google Analytics): We receive aggregated, anonymized data about Site usage and user behavior.

  • Social Media Platforms: If you interact with our social media pages (e.g., Instagram, TikTok), we may receive information you make public, such as your profile name and comments.

We do not purchase or receive personal information from data brokers or marketing lists.

2. How We Collect Your Information

We collect information through the following methods:

  • Direct input by you: When you create an account, place an order, fill out a contact form, subscribe to our newsletter, write a review, or contact us by phone or email.

  • Automated technologies: Cookies, log files, and similar tracking technologies collect device and usage data when you browse the Site.

  • Third-party integrations: Stripe (payment), shipping carriers (fulfillment), Google Analytics (analytics), and email marketing platforms (e.g., Mailchimp – if used).

3. How We Use Your Information

We use your personal information for the following business purposes:

A. Order Processing and Fulfillment

  • To process and accept your payment (via Stripe).

  • To pack and ship your order to the address you provided.

  • To send you order confirmations, shipping updates, and delivery notifications.

  • To manage returns, refunds, and exchanges.

  • To communicate with you about your order (e.g., address confirmation, out-of-stock notifications).

Legal basis: Contractual necessity (to fulfill your purchase).

B. Customer Service and Support

  • To respond to your inquiries via email or phone.

  • To resolve issues with orders, products, or deliveries.

  • To provide technical support for product application.

  • To handle complaints or disputes.

Legal basis: Legitimate interest (to provide customer service) and contractual necessity.

C. Account Management

  • To create and maintain your user account.

  • To save your preferences (e.g., saved addresses, payment tokens).

  • To provide access to your order history.

Legal basis: Contractual necessity and consent.

D. Marketing and Promotional Communications (with Your Consent)

  • To send you email newsletters about new products, sales, events, and promotions.

  • To send you abandoned cart reminders.

  • To deliver targeted ads on social media platforms (e.g., Facebook, Instagram, TikTok) based on your browsing behavior (with appropriate consent where required).

Opt-out: You may unsubscribe from marketing emails at any time by clicking the “Unsubscribe” link at the bottom of any marketing email. You may also email us at lynellelucila13811@gmail.com to request removal from all marketing lists.

Legal basis: Consent (for non-customers) or legitimate interest (for existing customers, with opt-out right).

E. Site Improvement and Analytics

  • To analyze how customers use the Site (e.g., which products are most viewed, where users drop off in checkout).

  • To identify and fix technical issues (e.g., broken links, slow loading pages).

  • To improve product selection, pricing, and user experience.

Legal basis: Legitimate interest (to improve our business and website).

F. Security and Fraud Prevention

  • To detect and prevent fraudulent transactions, identity theft, or other illegal activities.

  • To enforce our Terms and Conditions.

  • To comply with legal obligations (e.g., tax reporting, subpoenas).

Legal basis: Legal obligation and legitimate interest.

G. Legal Compliance

  • To comply with applicable laws, regulations, court orders, or government requests.

  • To respond to lawful requests from law enforcement or regulatory authorities.

Legal basis: Legal obligation.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal information under the following legal bases under the General Data Protection Regulation (GDPR):

Processing Activity Legal Basis
Processing your order, payment, shipping Contract (performance of the purchase contract)
Customer service communications Contract and legitimate interest
Marketing emails Consent (for new subscribers) or legitimate interest (for existing customers with opt-out)
Analytics and site improvement Legitimate interest (to improve our services)
Fraud prevention and security Legitimate interest and legal obligation
Compliance with legal requests Legal obligation

You have the right to withdraw consent at any time (where consent is the legal basis). See Section 9 for details.

5. How We Share Your Information

We do not sell your personal information to third parties. We do not share your information for cross-context behavioral advertising (interest-based advertising) without your explicit consent.

However, we do share your information with the following categories of third-party service providers who help us operate our business:

A. Payment Processing (Stripe)

  • What we share: Payment amount, billing address, and a token representing your payment method.

  • What we do not share: Your full credit/debit card number (Stripe collects it directly).

  • Why: To process your payment and prevent fraud.

  • Stripe’s Privacy Policy: https://stripe.com/privacy

B. Shipping Carriers (USPS, UPS, FedEx, DHL)

  • What we share: Your name, shipping address, phone number (optional), email address, and order details (product names, quantities, weights).

  • Why: To generate shipping labels, deliver your package, and provide tracking updates.

  • Carrier privacy policies: Available on their respective websites.

C. Analytics Providers (Google Analytics)

  • What we share: Anonymized device and usage data (IP address is masked). We do not share personally identifiable information with Google Analytics.

  • Why: To understand how users interact with the Site and improve its performance.

  • Google’s Privacy Policy: https://policies.google.com/privacy

  • Opt-out: You can install the Google Analytics Opt-out Browser Add-on.

D. Email Marketing Platform (if used)

  • What we share: Your email address, name, and preferences (e.g., product interests).

  • Why: To send you newsletters, promotions, and abandoned cart emails (only if you have opted in or are an existing customer).

  • Opt-out: Unsubscribe link in every email.

E. Legal and Regulatory Authorities

  • What we share: Personal information as required by law, court order, subpoena, or government request.

  • Why: To comply with legal obligations, enforce our Terms, or protect our rights, property, or safety (or that of others).

F. Business Transfers

  • In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the successor entity. We will notify you via email and/or a prominent notice on the Site if such a transfer occurs and your information becomes subject to a different privacy policy.

We do not otherwise share your personal information with any third parties without your explicit consent.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, analyze Site traffic, and personalize content.

What Are Cookies?

Cookies are small text files stored on your device (computer, tablet, smartphone) when you visit a website. They help the website remember your actions and preferences over time.

Types of Cookies We Use

Cookie Type Purpose Duration
Essential (Strictly Necessary) Required for the Site to function (e.g., cart contents, checkout, login). Cannot be disabled. Session or persistent (up to 1 year)
Preference (Functionality) Remember your preferences (e.g., language, currency, saved addresses). Up to 1 year
Analytics (Performance) Collect anonymized data about how visitors use the Site (e.g., pages visited, time on site). We use Google Analytics. Up to 2 years
Marketing (Targeting) Used to deliver relevant ads on third-party platforms and measure ad effectiveness. We only use these with your consent. Up to 2 years

Third-Party Cookies

Some cookies are placed by third-party services we integrate, such as:

  • Stripe: For payment processing and fraud prevention.

  • Google Analytics: For website analytics.

  • Social media plugins (if added in the future): For sharing content.

Your Cookie Choices

You can control and manage cookies in several ways:

  • Browser settings: Most browsers allow you to block or delete cookies. However, disabling essential cookies may prevent the Site from functioning properly (e.g., you may not be able to add items to your cart or check out).

  • Cookie banner: When you first visit the Site, you will see a cookie consent banner. You may accept or decline non-essential cookies.

  • Google Analytics opt-out: Download and install the Google Analytics Opt-out Browser Add-on here.

Do Not Track (DNT)

Some browsers offer a “Do Not Track” (DNT) setting that signals to websites that you do not want to be tracked. We currently do not respond to DNT signals because no uniform standard has been adopted. Instead, we rely on the cookie consent mechanism described above.

7. Data Security

We take the security of your personal information seriously. We implement appropriate technical and organizational measures to protect your data from unauthorized access, disclosure, alteration, or destruction.

Security Measures We Use

  • SSL/TLS Encryption: All data transmitted between your browser and our Site is encrypted using 256-bit SSL/TLS. Look for the padlock icon in your browser’s address bar.

  • Tokenization (Payment): We do not store full credit card numbers. Stripe replaces sensitive card data with a unique token that is useless to anyone outside of Stripe.

  • Access Controls: Access to customer data within our company is restricted to authorized employees who need it to perform their jobs (e.g., customer service, order fulfillment). All employees undergo privacy training.

  • Secure Hosting: Our website is hosted on secure servers with firewalls, intrusion detection, and regular security audits.

  • Password Hashing: Customer account passwords are hashed (not stored in plain text) using industry-standard algorithms.

Limitations

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and applicable regulators as required by law.

If you have reason to believe that your interaction with us is no longer secure (e.g., you received a suspicious email purporting to be from us), please contact us immediately.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements.

Specific Retention Periods

Data Type Retention Period
Order records (name, address, purchase details) 7 years (to comply with US tax and accounting laws)
Account information (email, password hash, saved addresses) Until you delete your account, plus 30 days for backup
Customer service emails and chat logs 3 years from the last interaction
Marketing preferences and consent records Until you unsubscribe or request deletion
Website usage analytics (anonymized) 26 months (standard Google Analytics retention)
Product reviews Indefinitely (or until you request removal)

After the retention period expires, we will securely delete or anonymize your personal information.

Your Right to Deletion

You may request that we delete your personal information (subject to certain exceptions, such as ongoing orders or legal obligations). See Section 9 for instructions.

9. Your Privacy Rights

Depending on where you reside, you may have certain rights regarding your personal information. We honor these rights for all customers to the extent possible, regardless of location.

A. For US Residents (Including CCPA)

Under the California Consumer Privacy Act (CCPA) and similar state laws (e.g., Virginia CDPA, Colorado CPA, Connecticut CTDPA), you have the following rights:

Right Description
Right to Know You have the right to request that we disclose: (1) the categories of personal information we collected about you; (2) the sources of that information; (3) the business purpose for collecting it; (4) the categories of third parties with whom we share it; and (5) the specific pieces of personal information we hold about you.
Right to Delete You have the right to request that we delete your personal information, subject to certain exceptions (e.g., to complete a transaction, detect fraud, comply with legal obligations).
Right to Opt-Out of Sale/Sharing We do not sell your personal information. However, if you are a California resident, you have the right to opt out of the “sale” or “sharing” of your information for cross-context behavioral advertising. We do not engage in such sharing, so no action is needed.
Right to Non-Discrimination We will not discriminate against you for exercising any of your privacy rights (e.g., by charging different prices or providing a different level of service).

B. For EU Residents (GDPR)

If you are located in the European Economic Area (EEA), you have the following rights under the GDPR:

Right Description
Right to Access You may request a copy of the personal information we hold about you.
Right to Rectification You may request that we correct inaccurate or incomplete information.
Right to Erasure (Right to be Forgotten) You may request that we delete your personal information, subject to legal exceptions (e.g., tax records).
Right to Restrict Processing You may request that we limit how we use your data (e.g., while we verify accuracy).
Right to Data Portability You may request a machine-readable copy of your data to transfer to another controller.
Right to Object You may object to processing based on legitimate interests (e.g., direct marketing).
Right to Withdraw Consent If processing is based on your consent, you may withdraw it at any time (without affecting the lawfulness of processing before withdrawal).

C. How to Exercise Your Rights

To exercise any of the above rights, please contact us using one of the following methods:

  • Email: lynellelucila13811@gmail.com with the subject line “Privacy Request – [Your Right]” (e.g., “Privacy Request – Access” or “Privacy Request – Deletion”).

  • Phone: (+1) 319 674 8202 (Monday–Friday, 9 AM – 5 PM MT)

To verify your identity: We may ask you to provide information that matches the data we have on file (e.g., your order number, email address, or a copy of a government ID for sensitive requests). We will not fulfill requests without proper verification.

Response time: We aim to respond to all verified requests within 30 days (or as required by applicable law). If we need more time (up to 90 days for complex requests), we will notify you.

Cost: We will not charge a fee to exercise your rights unless your request is excessive, repetitive, or manifestly unfounded.

Authorized agents: You may designate an authorized agent to make a request on your behalf. The agent must provide written permission signed by you, and we may still require you to verify your identity directly.

10. Children’s Privacy

The Site is not intended for children under the age of 13 (or under 16 in certain jurisdictions). We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. Upon verification, we will delete that information from our records.

If we learn that we have inadvertently collected personal information from a child under 13 without parental consent, we will delete it as soon as possible.

11. Third-Party Links

The Site may contain links to third-party websites, products, or services (e.g., social media platforms, payment provider pages, blog references). We do not control those third parties’ privacy practices. This Privacy Policy applies only to information collected by Blush Nails LLC.

We encourage you to read the privacy policies of any third-party website you visit. We are not responsible for the content, security, or privacy practices of any linked third-party site.

12. International Data Transfers

Blush Nails LLC is headquartered in the United States. Your personal information may be transferred to, processed, and stored in the United States, which may have data protection laws different from those in your country.

For EU/EEA Customers

If you are located in the European Economic Area, please note that your personal information will be transferred to the United States. We rely on the following safeguards to ensure an adequate level of protection:

  • Standard Contractual Clauses (SCCs): For transfers of data to our third-party service providers (e.g., Stripe, Google), we rely on the European Commission’s Standard Contractual Clauses, which impose data protection obligations equivalent to GDPR.

  • Stripe’s Data Processing Agreement: Stripe participates in the EU-US Data Privacy Framework and provides SCCs.

By using the Site and providing us with your information, you consent to the transfer of your data to the United States as described in this Privacy Policy.

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). We have already summarized your rights in Section 9(A). Here are additional details required by California law.

Categories of Personal Information Collected (Past 12 Months)

Category Examples Collected?
Identifiers Name, email, address, phone, IP address Yes
Customer records Billing address, payment token (not full card) Yes
Protected classifications Age (implied from birth year if provided) No (we do not ask)
Commercial information Purchase history, products viewed Yes
Internet activity Browsing history, search queries Yes
Geolocation data Approximate location from IP Yes
Sensory data Product review photos (if uploaded) Yes (voluntary)
Inferences Preferences, shopping behavior Yes (for analytics)
Sensitive personal information Precise geolocation, SSN, driver’s license No

Sources of Personal Information

  • Directly from you (orders, account creation, contact forms).

  • Automatically from your device (cookies, analytics).

  • From third parties (Stripe, shipping carriers).

Business Purpose for Collection

See Section 3 (How We Use Your Information) above.

Sharing of Personal Information (Past 12 Months)

We have “shared” (as defined by the CCPA) personal information with analytics providers (Google Analytics) and advertising partners (if applicable) for cross-context behavioral advertising. However, we do not do so without obtaining your consent via cookie banner. You may opt out of such sharing by rejecting non-essential cookies.

California’s “Shine the Light” Law

Under California Civil Code Section 1798.83, California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing purposes. If you have any questions, please contact us.

14. Nevada Privacy Rights

Nevada residents have the right to opt out of the “sale” of their personal information (as defined by Nevada law). We do not sell personal information. If you are a Nevada resident and wish to opt out of any future sale (should we ever engage in such activity), please contact us.

15. Changes to This Privacy Policy

We reserve the right to modify or update this Privacy Policy at any time. Changes become effective immediately upon posting to the Site.

  • Minor changes (e.g., typographical corrections, clarification of existing practices) will be posted without prior notice.

  • Material changes (e.g., new data collection purposes, new categories of third-party sharing) will be highlighted on the Site and/or communicated via email to active account holders at least 30 days before the changes take effect.

Your continued use of the Site after any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree to the changes, you must stop using the Site and, if applicable, request deletion of your account.

The “Last Updated” date at the top of this page indicates when the most recent changes were made. We encourage you to review this Privacy Policy periodically.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Blush Nails LLC
Attn: Privacy Officer
1209 Mountain Road Pl Ne Ste R
Albuquerque, NM 87110
United States

Email: lynellelucila13811@gmail.com
Phone: (+1) 319 674 8202

For privacy-related inquiries only, please include the phrase “PRIVACY INQUIRY” in the subject line of your email. This helps us route your request to the appropriate person.

For general customer service (orders, returns, product questions), please use the same email address – we will route it accordingly.

Complaints and Regulatory Oversight

If you believe we have violated your privacy rights, you have the right to file a complaint with the relevant supervisory authority:

  • For US residents: You may contact the Federal Trade Commission (FTC) or your state’s Attorney General.

  • For EU residents: You may lodge a complaint with your local Data Protection Authority (DPA). A list of EU DPAs is available at https://edpb.europa.eu/about-edpb/board/members_en.

We would appreciate the opportunity to resolve your concerns before you contact a regulator. Please contact us first.

Summary: Your Rights at a Glance

Right How to Exercise
Access your data Email lynellelucila13811@gmail.com with “Privacy Request – Access”
Correct your data Email with “Privacy Request – Correction”
Delete your data Email with “Privacy Request – Deletion”
Opt out of marketing emails Click “Unsubscribe” in any marketing email
Opt out of cookies Adjust browser settings or reject non-essential cookies via banner
Data portability Email with “Privacy Request – Portability”
Lodge a complaint Contact us first; then regulatory authority

Blush Nails LLC
1209 Mountain Road Pl Ne Ste R, Albuquerque, NM 87110 US
Phone: (+1)3196748202
Email: lynellelucila13811@gmail.com
Website: blushnails.fun