Your Privacy

PRINCESS POLLY PRIVACY POLICY

Last Updated: February 11, 2025

At Princess Polly, trust is the cornerstone of a great brand and respecting the privacy rights of our customers is an integral part of building that trust. In this privacy policy, the terms “Princess Polly,” “we,” and “us” refers to Princess Polly, its parent company a.k.a. Brands Holding Corp., and a.k.a. Brands Holding Corp. respective subsidiaries and affiliated companies. This privacy policy explains how we collect and use your personal information to serve you. This policy applies to Princess Polly’s website and all other websites, mobile sites, applications, platforms and tools where this Privacy Policy appears or is linked, and through the use of our services, as well as communications between you and Princess Polly including but not limited to SMS, MMS, chat, and instant messaging communications (collectively, the “Website”).

ARBITRATION NOTICE: THIS PRIVACY POLICY CONTAINS A BINDING ARBITRATION PROVISION, A JURY TRIAL WAIVER, AND A CLASS ACTION WAIVER. DETAILS OF THESE PROVISIONS ARE EXPLAINED BELOW.

YOU KNOWINGLY AND VOLUNTARILY AGREE THAT, UNLESS OTHERWISE STATED, ALL DISPUTES BETWEEN YOU AND PRINCESS POLLY WILL BE RESOLVED BY MANDATORY BINDING ARBITRATION AND YOU WAIVE THE RIGHT TO ASSERT ANY CLAIM ARISING OUT OF OR RELATING TO THIS POLICY IN ANY COURT, EXCEPT AS EXPRESSLY PROVIDED BELOW. YOU KNOWINGLY AND VOLUNTARILY WAIVE THE RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE IN A CLASS ACTION LAWSUIT OR CLASS-WIDE ARBITRATION. YOU ACKNOWLEDGE THAT YOU ARE AGREEING TO THE TERMS OF THIS PRIVACY POLICY VOLUNTARILY AND NOT IN RELIANCE ON ANY PROMISES OR REPRESENTATIONS EXCEPT THOSE CONTAINED IN THIS PRIVACY POLICY.

By accessing or using this Website, you agree to this privacy policy. If you do not agree to this privacy policy, please discontinue your use of the Website. THIS PRIVACY POLICY MAY CHANGE FROM TIME TO TIME AND YOUR CONTINUED USE OF OUR WEBSITE CONSTITUTES YOUR ACCEPTANCE OF THOSE CHANGES. WE ENCOURAGE YOU TO REVIEW THIS PRIVACY POLICY PERIODICALLY.

TYPES OF INFORMATION WE COLLECT

What information do we collect? We may collect and use the following information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”):

● Contact information, such as name, email address, postal address, phone number;
● Payment information, such as credit card number, bank card numbers, and other payment details;
● Order and refund history, including sizing;
● Demographic information, such as age, estimated income, household information, and occupation;
● Information about your interests, preferences, and purchase history;
● Information may be collected from you if you interact with us on social media sites, such as Facebook, Instagram, TikTok, Pinterest, Twitter, Reddit and Snapchat;
● Information related in signing up to become a brand ambassador, influencer and college ambassador;
● Device and browser information including location information, MAC addresses, IP addresses, Cookies, and other online identifiers;
● Geolocation data;
● Professional employment information related to occupation and estimated income; and
● Any other information that you provide to us and any inferences that might be drawn from collected information.
We may need to collect some personal information in order to provide our products and services you request. If you do not provide the information requested, we may not be able to provide you with these products and services.

Unless we request it, we ask that you not send, and you not disclose, any sensitive personal information or any social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership. If you disclose to us or to our service providers any personal information relating to other people, you represent you have the authority both to disclose and to permit us to use the information in accordance with this Privacy Policy.

HOW WE COLLECT YOUR INFORMATION

In short: We collect information about you in a variety of different ways as you navigate through and interact with our Website.

● Information you provide to us, such as while making a purchase or signing up for a loyalty or rewards program.
● Information we collect while you interact with our Website, social media sites, and other products and services. This often involves information about your device such as IP addresses and MAC addresses, as well as information collected through cookies (as indicated below).
● Information we collect about you from other sources, such as credit card issuers and data analytics firms.
● Information we create ourselves after we analyze the information we collected about you, such as your shopping preferences.

Information You provide to Us

● Online Order Information
When you make a purchase from our Website, we may ask you to provide us with information about your purchase such as your name, email address, shipping address, phone number, and payment information.

● Online Accounts
If you sign up for an online account through our Website, we may ask you to provide your username, password, email address, phone number, payment card information, product preferences. You do not have to create an online account to make a purchase.
If you connect your social media account to your online account, you will share certain personal information from your social media account with us, for example, your name, email address, photo, list of social media contacts, and any other information that may be accessible to us when you connect your social media account to your online account.

● Marketing Communications
If you would like to receive marketing communications from us, you may do so by signing up on our Website. We will ask you to provide your email address or phone number so we can fulfill your request by sending you marketing materials.

● Communicating with us
When you contact us about a customer service issue, or to make other inquiries, we collect the content of those communications, and any additional information about the method of communication such as phone, SMS, MMS, email, chat, instant messaging, or through social media platforms. For example, if you email us, we will collect your email address, if you send us a text message, we will collect your phone number, and so on.

● Promotions
If you sign up for promotions or a contest, you may need to provide certain information such as your name, email, telephone number, or mailing address.

Information We Collect Through Your Interactions With Us

● Website
When you visit one of our Website pages, we may collect your device identifier such as IP address or MAC address, as well as browser and settings information, shopping preferences, and information about how you interact with our Websites and other digital products. We collect this information through our use of cookies or web beacons.

● Investigations
We may collect information about you in connection with investigations into fraudulent or criminal activities on our Websites.

Other Sources
We may also collect information from other sources, including for example, joint marketing partners, data analytics firms, public databases, publicly available social media pages, and other third parties we work with.

Information We Aggregate and Derive

We may aggregate and/or anonymize personal information so that it will no longer be considered personal information. We do so to generate other data for our use, which we may use and disclose for any purpose. For example, we may calculate the percentage of our site users who have a particular telephone area code.

COOKIES AND SIMILAR TECHNOLOGIES

In Short: We may use little bits of computer code stored by the Internet browser on your computer’s hard drive that collect data by tagging along with you while you browse (“cookies”). Cookies allow us to provide you with the best browsing experience possible.

There are a number of different types of cookies our Website uses:

● Essential – These cookies are necessary to the core functionality of our Website and some of its features, such as access to secure areas.

● Performance and Functionality – These cookies are used to enhance the performance and functionality of our Website. For example, we may use these cookies so that we recognize you on our Website and remember your previously selected preferences. These could include what language you prefer and your geographic location. These cookies are nonessential to the use of our Website, however, without these cookies, certain functionality may become unavailable. A mix of first-party and third party cookies are used.

● Advertising – These cookies are used to make advertising messages more relevant to you. They prevent the same ad from continuously reappearing, ensure that ads are properly displayed for advertisers, and in some cases select advertisements that are based on your interests. We sometimes share online data collected through these cookies with our advertising partners. This means that when you visit another Website, you may be shown advertising based on your browsing patterns on our Website.

● Analytics and Customization – We use these cookies and technologies to analyze how the Website is performing, accessed, used, or in order to improve your user experience and to maintain, operate and continually improve the Website.

● Social Media – These are cookies used to connect our Website to a third party social media platform. For example, these cookies enable you to share our Website’s content through third party social networks and other websites. They remember your details after you sign in to a social media account from a website. These cookies may also be used for advertising purposes.

● Unclassified – These are cookies that have not yet been categorized. We are in the process of classifying these cookies with the help of their providers.

Most websites, including ours, wouldn’t work very well without certain cookies. They allow us to prevent crashes, display information, fix bugs, and ensure the security of our Website (and your account). You have the right to decide whether to accept or reject certain cookies. You can set your browser not to accept cookies. However, in a few cases, some of our Website features may not function as a result. Because Essential cookies are strictly necessary for our Website to work, we don’t provide you with an ability to opt-out of these Essential cookies.

Some cookies provide important services but are not strictly necessary for our Website to work. These cookies use information about your interactions with us so we can suggest clothes and special offers for you. If your shopping is interrupted, they remember where you left off and send you reminders that you truly deserve that new outfit. These reminders might be sent to you in an email, on social media or while you’re browsing another website or on another device. We think these cookies are useful and will make it easier for you to shop with us. But you might disagree. If so, you can tell us not to use certain cookies by using the opt-out tools we have placed on our ecommerce websites.

Turning off cookie options vary by geographic region as explained below:

● United States

When accessing the Website in the United States, you can click on the "Do Not Sell My Info" link at the bottom of the Website. You can also visit the Digital Advertising Alliance to learn more about opting out of certain cookies.

● Canada

When accessing the Website in Canada, you can click on the "Interest Based Ads" link at the bottom of the Website to opt-out of certain cookies on those sites.

● European Union & United Kingdom

When accessing the Website in the EU or the United Kingdom, you can click on the “Cookie Options” link at the bottom of the Website to opt-out of certain cookies on those sites. You can also learn more by visiting the European Union Digital Advertising Alliance .

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see the “Your Rights and Choices” Section below.

● Google Analytics & Google AdWords Remarketing

Princess Polly use Analytics Remarketing with Google Analytics, and AdWords Remarketing with Google AdWords to advertise online. Third-party vendors, including Google, may show Princess Polly ads on sites across the Internet. This could mean that we advertise to previous visitors who haven’t completed a task on our Website, for example using the contact form to make an inquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits to the Princess Polly Website.

Princess Polly and third party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third party cookies (such as the DoubleClick cookie) together to inform, optimize, and serve ads based on someone's past visits to our Website, and to report how our ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to visits to our Website.

Any information collected will be used in accordance with this Privacy Policy and Google’s privacy policy.

You can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads HERE.

You can also use this Analytics opt out tool HERE.

● Rakuten Advertising

Rakuten Advertising may collect personal information when you interact with our Website, including IP addresses, digital identifiers, information about your web browsing and app usage and how you interact with our properties and ads for a variety of purposes, such as personalization of offers or advertisements, analytics about how you engage with websites or ads, and other commercial purposes. For more information about the collection, use, and sale of your personal information and your rights, please use the below links.

https://rakutenadvertising.com/legal-notices/services-privacy-policy/
https://rakutenadvertising.com/legal-notices/services-privacy-rights-request-form/

DO NOT TRACK

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or Global Privacy Control (GPC) signal setting you can activate to signal your privacy preference not to have data about your online browsing activities sold or shared.

At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signal.

HOW WE USE YOUR INFORMATION

In short: We use the information that we collect to conduct our business and to provide you with the best possible products, services, and experiences. Which result in a combination of any or all of the information that we collect or obtain.

Under data protection law, we can only use your personal information if we have a proper reason for doing so, for example:
● To comply with our legal and regulatory obligations;
● For the performance of our contract with you or to take steps at your request before entering into a contract;
● For our legitimate interests or those of a third party; or
● Where you have given consent.

A legitimate interest is when we have a business reason to use your information, so long as this is not overridden by your own rights and interests.

Below are our uses of your personal information and our reasons for doing so:
● For the performance of our contract with you or to take steps at your request before entering into a contract.

- To provide you with our Website, products and services; to process, fulfill and communicate with you about your orders; to process your payments; process, maintain, and service your account(s) and memberships;
- To respond to you, such as when you place an order, call us, make a request or inquiry, enter a contest or sweepstakes, complete a survey; or share a comment or concern;

● For our legitimate interests or those of a third party

- For personalization of your experiences with us, including to: remember your interests and preferences; customize the products and services we share with you; facilitate your interactions with our stylists and salespeople; track and categorize your activity and interests on our Website, including by identifying the different devices you use; and to enrich your experience on our Websites, and through our mobile applications, in each case, to be as efficient as we can so we can deliver the best service for you at the best price;
- For marketing and advertising, such as: to send you marketing and advertising communications; and to customize the marketing and advertising that we show you (we offer choices about marketing and advertising as noted in the "Your Rights and Choices" Section below), in each case, to promote our business to former, current, and future customers;
- For analytics, such as: to understand how you use our Websites and mobile applications; understand how you shop with us; determine the methods and devices used to access our Website; and improve our Website, in each case, to be as efficient as we can so we can deliver the best service for you at the best price;
- For our business purposes, such as: to operate and improve upon our business and lawful business activities; to maintain our programs, accounts, and records; for research; to determine your satisfaction with our products and services; to detect and prevent fraud or misuse of our services; and for any other business purpose that is permitted by law, in each case, to be as efficient as we can so we can deliver the best service for you at the best price;
- For updating and enhancing customer records to make sure that we can keep in touch with our customers about existing orders and new products, for the performance of our contract with you or to take steps at your request before entering into a contract, and to comply with our legal and regulatory obligations;
- For preventing unauthorized access and modifications to systems and for detecting fraud against you or Princess Polly to prevent and detect criminal activity that could be damaging for us and for you, to minimize fraud that could be damaging for us and for you, and to comply with our legal and regulatory obligations; and

● To comply with our legal and regulatory obligations

- For legal and safety purposes, such as to: defend or protect us, our customers, you, or third parties, from harm or in legal proceedings; protect our rights; protect our security and the security of our customers, employees, and property; respond to court orders, lawsuits, subpoenas, and government requests; address legal and regulatory compliance; and notify you of product recalls or safety issues.

HOW WE SHARE INFORMATION

In Short: We may share your information with our affiliated companies and brands, with third parties who provide services to you or us, with promotional partners, with social media companies, or with other third parties as needed to carry out our business or comply with a legal obligation.

Non-Personal Information. We may disclose aggregated information or other information that does not identify any individual without restriction.

Personal Information. We may disclose personal information that we collect, or you provide with:

● Our brands and affiliates. When you provide information to one of our brands, we may share it with our other brands under the a.k.a. Brands Holding Corp. such as Petal + Pup, Culture Kings, and mnml to fulfill any purpose described in this Privacy Policy. Our brands operate under a number of corporate subsidiaries and affiliates, which you can see HERE.
● Princess Polly service providers. Princess Polly may use third parties to provide business, professional, or technical support services to you or us and/or to administer activities on our behalf. This may include managing customer information; fulfilling promotions; sending marketing communications; conducting surveys; hosting websites; analyzing data; processing payments; fulfilling and shipping orders; or providing network security, accounting, auditing, and other services. We would not authorize these service providers to use or disclose your information for purposes other than why we have retained them.
● Third party partners. We may share information with other companies with whom we partner to provide the Website, our products, and our services, to promote our products, services, offers, contests, or other promotions to our customers, and to carry out other activities described in this Privacy Policy.
● Our Analytics Providers. We disclose your personal information to parties that assist us in performing analytics and help us measure the effectiveness of the Website and our marketing and advertising efforts.
● Our Marketing and Advertising Partners. We disclose your personal information to our marketing and advertising partners, including social media networks, third party advertising networks, and other parties that assist us in serving, measuring the performance of, and optimizing our advertisements.
● Public posting and social sharing. When you post public comments on our Website, on public forums like our social media sites, blogs, and online reviews, your comments are accessible by other members of the public.
● Social media logins and other integrations. When you log into your customer account using your social media account credentials, or use other social media services with us, your personal information will be disclosed to the social media account provider in connection with your login. By doing so, you authorize us to facilitate this sharing of information, and you understand that this sharing is governed by the social media site’s privacy policy that you used to log into your account.
● Government and Public Authorities. We may share your personal information with government and public authorities if necessary or appropriate, in our good faith judgment, to comply with laws or regulations, including in response to a valid subpoena, order, investigative demand, request for cooperation from a law enforcement agency or similar request from a self-regulatory body or government agency.
● Relevant third parties in connection with a sale or business transaction. We may disclose or otherwise transfer your personal information to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction as well as in the event of any insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets. .

We may also need to share some personal information with other parties to the extent we believe it is necessary or appropriate to (1) protect our operations and those of our affiliates and subsidiaries; (2) investigate and prevent against fraud and other illegal activity; (3) protect our rights, privacy, safety, property, and/or those of others; or (4) allow us to pursue available remedies or limit damages that we may sustain.

We may disclose your personal information for other reasons described at the time of information collection or prior to disclosing your information. Additionally, we may disclose your personal information with your consent or when you direct us to do so.

Except as set forth above, we will not share your personal information with any other third party.

YOUR RIGHTS AND CHOICES

In Short: We want you to be comfortable with the information we collect and use, therefore, we strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information: You have the right to make requests regarding your personal information. While these rights may vary based on your residency, we strive to allow you to control how your personal information is used.

Under certain circumstances, you may be able to:

● Review the personal information we have about you or request a copy of it;
● Ask us to update or correct personal information if it is inaccurate;
● Request that we delete your personal information;
● Opt-out of sharing your personal information with third parties for some purposes, including sharing that may be defined as a sale under applicable laws;
● Object to certain types of uses of your personal information;
● Make choices about receiving email marketing; and
● Tell us which cookies you want us to use when you shop online as described in this Privacy Policy.

In addition to the rights you may be provided above:

● Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may become inaccessible or not function properly.
● Promotional Offers. If you do not wish to have your email address/contact information used by Princess Polly to promote our own or third parties’ products or services, you can opt-out by unchecking the relevant box located on the Contact Information form during the checkout process. If you don’t want us to send you marketing messages anymore, you can reach out to us here: hi@princesspolly.com or just unsubscribe from the link in one of our email messages or reply “STOP” for SMS. This opt out does not apply to information provided to Princess Polly as a result of a product purchase, warranty registration, product service experience or other transactions.
● Non-promotional Purposes. If you have opted out of receiving marketing or promotional communications from us, we may still contact you for transactional or informational purposes (such as for customer service). We may also still contact you to comply with our legal or other compliance obligations.
● Text marketing and Notifications. By entering your phone number in the checkout and initializing a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. Text marketing messages will not exceed 30 a month. You acknowledge that consent is not a condition for any purchase. If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you with in any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply. For any questions please text HELP to the number you received the messages from. You can also contact us for more information. If you wish to opt out, please follow the procedures above. We may still contact you to comply with our legal or other compliance obligations. We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and/or services in the future, or if there are changes in the law, regulation, or the structure of our business.

Unless specified otherwise, personal information requested when using the Website is voluntary, which means that it is not a statutory or contractual requirement, or a requirement necessary to enter into a contract. Users are free not to provide such personal information without consequences to the availability or the functioning of the Website. Where the provision of personal information is mandatory, such a requirement is stated. In that case, failure to provide such personal information may make it impossible for the Website to work properly or for us to provide any services to you.

Some of these rights may vary depending on where you reside. But we will make reasonable efforts to honor your request, even if your country or state does not require us to do so. If you ask us to delete or stop using your personal information, we may not be able to honor that request if the information is required to process your payments or returns, fulfill your order, or comply with tax, audit or regulatory requirements. If you are located in the European Economic Area, the UK, or you reside in Australia, Canada or the State of California, Colorado, Connecticut, Iowa, Montana, Oregon, Texas, Utah, Virginia please go to our Privacy Notice Addendum to learn about additional rights you may have under applicable data protection laws.

Princess Polly does not conduct any automated decision making through or for the Platforms or Services, including profiling.

HOW WE STORE AND SECURE YOUR INFORMATION

In Short: We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure, however, no system can be completely secure and transmissions over the internet are never entirely secure. Therefore, although we take steps to secure your information, we cannot guarantee your information, searches, or other communications will always remain secure. Any such transmission of information by you is at your own risk.

We do our best to provide you with a safe and convenient shopping experience. We have put in place a wide variety of technical and organizational security measures to help protect you and the personal information we collect about you.

We use reasonable and appropriate physical, technical, and administrative safeguards designed to protect your information from unauthorized use, access, loss, misuse, alteration, or destruction. We endeavor to protect the personal information we receive, gather and store, by such means as password protection, firewalls and other means. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality. We also require that third party service providers acting on our behalf or with whom we share your information also provide appropriate security measures in accordance with industry standards. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Please note that we will never email you asking for account information like your username, date of birth, credit card information, or other personal information. Finally, we will never email you with attachments that can be opened. If you received a suspicious email that appears to be from us, please contact us.

WHERE YOUR PERSONAL INFORMATION IS HELD

Princess Polly is a global company with a global footprint, but the majority of the Personal Information that we collect is stored in the United States. Your personal information may be subject to the laws of the countries in which it is stored or used. By providing us with any personal information, you understand that your information may be transferred, processed, or stored outside of your country of residence, including the United States, which may have a different data protection regime from the country in which you reside, as further described in the Data Transfers Outside the United States Section below. In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may be entitled to access your personal information. Non-United States based customers can read more about this topic below.

DATA TRANSFERS OUTSIDE OF THE United States

Princess Polly is headquartered in the United States and operates globally and utilizes service providers both in the United States and throughout the world. As such, Princess Polly and our service providers may transfer your personal information to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. To bring you our Website, it is sometimes necessary for us to share your personal information outside the country where we originally collected your personal information, for example:

● With our offices outside the country where such personal information is collected;
● With you and our service providers located throughout the world; or
● Where there is an international dimension to the services we are providing to you.

These transfers may be subject to special rules under local data protection law.

These outside countries do not have the same data protection laws as the country where we originally collected the personal information. In particular, you are advised that the United States uses a sectoral model of privacy protection that relies on a mix of legislation, governmental regulation, and self-regulation. We will, however, ensure the transfer complies with data protection law and all personal information will be secure. If you are located outside the United States, we will only transfer your personal information if:

● you provide your explicit consent;
● the country to which the personal information will be transferred has been granted an appropriate adequacy decision by your local supervisory authority; or
● we have put in place appropriate safeguards in respect of the transfer, for example we have entered into the appropriate standard contractual clauses and required additional safeguards with the recipient, or the recipient is a party to binding corporate rules approved by a supervisory authority.

Where the laws of your country allow you to do so, by using the Website or our products or services, you consent and authorize Princess Polly and its service providers to transfer, store, and use all such information in the United States and any other country where we operate which may not offer an equivalent level of protection to that required in the country where you reside and to the processing of that information by us and our service providers on our and their servers located in the United States and any other country where we operate as described in this Privacy Policy. If you do not want your personal information transferred to the United States or any other country where we operate, please do not submit any information to us or use our Website or our products or services.

If you would like further information, please contact us (see the “Contact Information” Section below).

Information Retention

We will retain your personal information for as long as needed to provide the service to you (for example, as long as you have an online account with us) or as needed to fulfill our own obligations, such as preventing fraud, meeting legal or other regulatory requirements, resolving disputes, improving our services or maintaining security, and in each case, as consistent with applicable law.

Different retention periods apply for different types of personal information. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of personal information; the potential risk from unauthorized use or disclosure of the personal information; the purpose(s) for which we use or may use the personal information; whether we can achieve the purpose(s) through other means; and the applicable legal requirements.

When it is no longer necessary to retain your personal information, we will delete it or we may anonymize it. If we anonymize or de-identify information, we will maintain and use the information in anonymized or de-identified form and not attempt to re-identify the information except as required or permitted by law. We may retain non-personal information that has been sufficiently aggregated or anonymized for a longer period.

Third Party Services

We are not responsible for, and this Privacy Policy does not address, the privacy practices of other third parties, such as Facebook, Apple, Google, Microsoft, or any other app developers, social media platforms, operating system providers, wireless or telecommunications service providers, or device manufacturers. If, in your interactions with the Website, you are linked or directed to, or click on, a third party website, we cannot control what information you may provide to that party or on that website, and we are not responsible for how that party may use or disclose any information you may provide to them. This is not as an endorsement by us of any third party website, content that may be offered on such third party website, or of any products or services provided by such third party. We do not control, nor are we responsible for, such third party websites, product or service offerings. As such, we urge that you exercise caution before providing them with your personal information and to review the third party’s privacy policy for information on its data processing practice.

You should contact the site administrator for such third party website if you have any complaints, claims, concerns or questions regarding such third party website or its privacy practices.

Third Party Payment Service

We make certain third party payment service processors available to you such as PayPal or Apple Pay. If you wish to use one of these services, your personal information will be collected by such a third party and will be subject to the third party’s privacy policy. We have no control over, and are not responsible for this third party’s collection, use, and disclosure of your personal information.

CHILDREN AND OUR SITE

Our Website is not directed to children, and you may not use our Website if you are under the age of 16. If you are under 16, do not use our services, access the Website, or provide any information about yourself including, without limitation, your name, address, email address or any screen name or username you may use.

If we learn that we have collected or received personal information from a child under 13 without verification of parental consent, in compliance with the Children’s Online Privacy Protection Act, we will purge such information from our database and cancel the corresponding accounts. If you believe we may have any information from or about a child under 13, please see our “Contact Information” Section below. Please visit the FTC’s website at www.ftc.gov for tips on protecting children’s privacy online.

CHANGES TO OUR PRIVACY POLICY

This Privacy Policy was published on the date “Last Updated” above.

We may change this Privacy Policy from time to time. We will post updates to our Privacy Policy on our Website. Please check our Privacy Policy periodically for changes. We will post the date our Privacy Policy was last updated at the top of the Privacy Policy.

CONTACT INFORMATION

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:

Attention: Privacy Officer Princess Polly
750 N San Vicente Blvd, Suite RE1450
West Hollywood, CA 90069

Email: privacy@princesspolly.com

Please note that the legal department of Princess Polly also receives a copy of your message via this email address.

PRIVACY NOTICE ADDENDUM

This Privacy Notice Addendum (“Notice”) supplements the information contained in the Princess Polly Privacy Policy and applies solely to all visitors, users, and others located in the European Economic Area, the UK, or who reside in Australia, Canada or the State of California, Colorado, Connecticut, Iowa, Montana, Oregon, Texas, Utah, Virginia, ("consumers" or "you").

We adopt this Notice to comply with the Australian Privacy Act 1988 and the Australian Privacy Principles, the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), General Data Protection Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), the UK version of the GDPR California Shine the Lights law, the California Consumer Privacy Act of 2018 (CCPA), the California Privacy Rights Act of 2020 (CPRA), the Colorado Privacy Act of 2021, the Connecticut Data Privacy Act of 2022, the Iowa Consumer Data Protection Act of 2023, the Montana Consumer Data Privacy Act of 2024, the Oregon Consumer Privacy Act of 2024, the Texas Data Privacy and Security Act of 2024, the Utah Consumer Privacy Act of 2022, the Virginia Consumer Data Protection Act of 2023, and certain other privacy and data protection laws, as applicable (collectively, the "Statutes"). Any terms defined in the Statutes will have the same meaning when used in this Notice. Any terms used in this Notice but undefined herein shall have the meaning provided in the Privacy Policy.

As further set forth in our Privacy Policy, we may collect certain information that is (i) linked or reasonably linkable to an identified or identifiable individual or natural person, or (ii) that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a consumer or household, or (iii) as further defined in the Statutes as “Personal Data” or “Personal Information,” as further described in our Privacy Policy.

TYPES OF INFORMATION WE COLLECT

Categories of Personal Information	Examples Personal Information	Collected
Category A - Identifiers	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.	Yes (name, postal address, IP address, email address)
Category B - Customer records information (i.e. Information that identifies, relates to, describes, or is capable of being associated with, a particular individual)	Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.	Yes (name, address, telephone number, credit card number, bank account number)
Category C - Characteristics of protected classifications under state or federal law	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	Yes (age)
Category D - Commercial information	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	Yes (order and refund history and sizing)
Category E - Biometric information	Retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.	No
Category F - Internet or other electronic network activity information	Browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.	Yes (browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement)
Category G – Geolocation data	Physical location or movements.	Yes (physical location)
Category H - Sensory data	Audio, electronic, visual, thermal, olfactory, or similar information.	No
Category I - Professional or employment-related information.	Place of employment, position, job history, salary, resume, and other related data.	Yes (occupation, estimated income)
Category J - Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (FERPA)	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	No
Category K - Sensitive personal information	(1) personal information that reveals: A person’s social security, driver’s license, state identification card, or passport number; A person’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; A person’s precise geolocation; A person’s racial or ethnic origin, religious or philosophical beliefs, or union membership; The contents of a person’s mail, email, and text messages unless the business is the intended recipient of the communication; or A person’s genetic data. (2) the processing of biometric information for the purpose of uniquely identifying a consumer; (3) personal information collected and analyzed concerning a consumer’s health, or a personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.	No
Category L - Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	An inference is essentially a characteristic deduced about a consumer (such as ‘married,’ ‘homeowner,’ ‘online shopper,’ or ‘likely voter’) that is based on other information a business has collected.	Yes

SHINE THE LIGHT LAW.

California Civil Code Section 1798.83, also known as the “Shine The Light” law permits individuals who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please contact us in accordance with the “How to Exercise Your Rights” Section below.

PERSONAL INFORMATION WE SOLD OR DISCLOSED FOR A BUSINESS PURPOSE.

In the preceding 12 months, we have sold to one or more third parties the following categories of personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household:

● Category A - Identifiers
● Category B - Customer records information
● Category C - Characteristics of protected classifications under state or federal law
● Category D - Commercial information
● Category F - Internet or other electronic network activity information
● Category G - Geolocation data
● Category I - Professional or employment-related information
● Category L - Inferences drawn from collected personal information

In the preceding 12 months, we have disclosed for a business purpose to one or more third parties the following categories of personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household:

YOUR RIGHTS UNDER THE CCPA.

You may have the right under the CCPA, the CPRA, and certain other privacy and data protection laws, as applicable, to exercise free of charge:

Disclosure of Personal Information We Collect About You	You have the right to know: The categories of personal information we have collected about you; The categories of sources from which the personal information is collected; Our business or commercial purpose for collecting or selling personal information; The categories of third parties with whom we share personal information, if any; and The specific pieces of personal information we have collected about you. Please note that we are not required to: Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained; Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or Provide the personal information to you more than twice in a 12-month period.
Personal Information Sold, Shared, Disclosed, or Used for a Business Purpose	In connection with any personal information we may sell or disclose to a third party for a business purpose, you have the right to know: The categories of personal information about you that we sold and the categories of third parties to whom the personal information was sold; and The categories of personal information that we disclosed about you for a business purpose. You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt-out of the sale of your personal information. If you exercise your right to opt-out of the sale of your personal information, we will refrain from selling your personal information, unless you subsequently provide express authorization for the sale of your personal information. To opt-out of the sale of your personal information, visit our homepage and click on the Do Not Sell My Personal Information link here:
Right to Limit Use and Disclosure of Sensitive Personal Information.	You have the right to opt-out of the use and disclosure of your sensitive personal information for anything other than supplying requested goods or services. We do not collect sensitive personal information.
Right to Correction	You have the right to request correction of inaccurate personal information maintained by us about you. Upon receipt of a verifiable request from you, we will use commercially reasonable efforts to correct the inaccurate personal information.
Right to Deletion	Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will: Delete your personal information from our records; and Direct any service providers to delete your personal information from their records. Please note that we may not delete your personal information if it is necessary to: Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us; Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity; Debug to identify and repair errors that impair existing intended functionality; Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law; Comply with the California Electronic Communications Privacy Act; Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent; Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us; Comply with an existing legal obligation; or Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Protection Against Discrimination	You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things: Deny goods or services to you; Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; Provide a different level or quality of goods or services to you; or Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services. Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you, if that difference is reasonably related to the value provided to our business by your personal information. Princess Polly provides special offers and benefits to customers who participate in our Loyalty Rewards Program or sign up to receive communications from us via email, text, chat, and social media. Loyalty Rewards Program: Individuals who participate in the Loyalty Rewards Program earn points when they purchase products that can be used to discount the price of the individual’s future purchases. We estimated the value of personal information we request from our Loyalty Rewards Program customers by comparing the amount spent by Loyalty Rewards Program customers to similarly situated customers who do not participate in the Loyalty Rewards Program over a 12-month period. Other Special Offers: The value of this personal information varies based on the special offer provided at the time the individual signs up, the amount purchased by the individual using that special offer, and value of future special offers the individual receives from us and uses to make purchases. For example, a 20% discount offer will be valued differently depending on how much the individual purchases.

YOUR RIGHTS UNDER OTHER STATE PRIVACY LAWS

Colorado, Connecticut, Iowa, Montana, Oregon, Texas, Utah, Virginia, also provide consumers who are residents of these states with certain rights regarding their personal data. This Section describes the rights you may have under these state privacy laws, under certain circumstances and subject to certain exceptions. Please contact us in accordance with the “How to Exercise Your Rights” Section below.

Consumer Right	Explanation
The Right to Opt-Out	You may have the right to opt out of the processing of personal data concerning you for the purposes of: Targeted Advertising; The Sale of personal data; or Profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
The Right of Access	You may have the right to confirm whether we are processing personal data concerning you and to access your personal data. Please note, there may be restrictions on how often you may exercise this right.
The Right to Correction	You may have the right to correct inaccuracies in your personal data, taking into account the nature of the personal data and the purposes of the processing of your personal data.
The Right to Deletion	You may have the right to delete personal data concerning you or to request that we delete personal data provided by, or obtained about, you.
The Right to Data Portability	You may have the right to obtain a copy of your personal data in a portable, and to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance. Please note, there may be restrictions on how often you may exercise this right.
The Right to Appeal	We hope that we can resolve any query or concern you raise about our use of your personal data. However, if we do not take action on your request to exercise any of your rights, we will inform you without undue delay after the receipt of the request for not taking action. You may appeal any decision we have made about your request by following the instructions in the communication you receive from us notifying you of our decision.

YOUR RIGHTS UNDER THE PRIVACY ACT 1988 AND THE AUSTRALIAN PRIVACY PRINCIPLES.

In Australia, you have certain rights under applicable data protection laws:

● You have the right to access your personal information. We will not charge you a fee for your access request, but we may recover from you our reasonable costs of supplying you with access to this information. In some circumstances, it may not be possible for us to provide you with all of your personal information, or an exception to access under the Privacy Act may apply. For example, we may not be able to give you access if it would unreasonably affect someone else’s privacy. If we do not provide access to the personal information held about you, we will tell you why.
● You also have the right to correct any personal information we hold about you that you think is inaccurate. We will take reasonable steps to make sure that the information is corrected. We reserve the right to refuse to correct your personal information in some circumstances. If we refuse to correct any personal information about you, and we cannot reach a subsequent agreement, you may request that a note or statement regarding the correct request be attached to the file that contains your personal information.

If you would like to exercise your right to access or correct your personal information, please contact us in accordance with the “How to Exercise Your Rights” Section below.

If you think we have breached applicable privacy law, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the details in the “Contact Information” Section of our Privacy Policy. You should include your name, email address, and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you are unhappy with our response to your complaint, please let us know and we will provide you with information about the further steps you can take.

If you are a resident of Australia and are not satisfied with our response, you may also lodge a complaint with the Office of the Australian Information Commissioner by telephone: 1300.363.992 or email: enquiries@oaic.gov.au.

YOUR RIGHTS UNDER THE GDPR AND THE UK GDPR.

In some regions (like the European Economic Area and the UK), you have certain rights under applicable data protection laws.

Right to Access	The right to be provided with a copy of your personal data (the right of access).
Right to Rectification	The right to require us to correct any mistakes in your personal data.
Right to be Forgotten	The right to require us to delete your personal data —in certain situations. At your request, we will delete your personal data promptly if: it is no longer necessary to retain your personal data; you withdraw the consent which formed the basis of your personal data processing; you object to the processing of your personal data and there are no overriding legitimate grounds for such processing; the personal data was processed illegally; or the personal data must be deleted for us to comply with our legal obligations. We will decline your request for deletion if processing of your European Personal Data is necessary: to comply with our legal obligations; in pursuit of a legal action; to detect, predict and monitor fraud; or for the performance of a task in the public interest.
Right to Restriction of Processing	The right to require us to restrict processing of your personal data —in certain circumstances, e.g. if you contest the accuracy of the data, if your personal data was processed unlawfully and you request a limitation on processing, rather than the deletion of your personal data, we no longer need to process your persona data, but you require your personal data in connection with a legal claim, or you object to the processing pending verification as to whether an overriding legitimate ground for such processing exists. We may continue to store your European Personal Data to the extent required to ensure that your request to limit the processing is respected in the future.
Right to Data Portability	The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations. At your request, we will provide you free of charge with your European Personal Data in a structured, commonly used and machine-readable format, if: you provided us with personal data; the processing of your personal data is based on your consent or required for the performance of a contract; or the processing is carried out by automated means.
Right to Object	The right to object: at any time to your personal data being processed for direct marketing (including profiling); in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests. We will comply with your request unless we have compelling legitimate grounds for the processing which override your rights and freedoms, or where the processing is in connection with the establishment, exercise or defense of legal claims. Please note that even if we stop all marketing communications, you may still receive administrative communications from us.
Right Not to be Subject to Automated Individual Decision-Making	The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you, unless you have given us your explicit consent or where they are necessary for a contract with us.
Right to withdraw consent	You have the right to withdraw any consent you may have previously given us at any time.

For further information on each of those rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioner's Office (ICO) on individual rights under the General Data Protection Regulation.

While we hope that we can resolve any query or concern you raise about our use of your information, the GDPR also gives you right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred. The current list of supervisory authorities who may be contacted are provided HERE.

CANADA’S PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT

The Personal Information Protection and Electronic Documents Act (PIPEDA) provides consumers who are Canadian residents with specific rights regarding their personal information. This section describes your rights under PIPEDA and explains how to exercise those rights.

● You have a right to know how your personal information will be used. We will explain why we need your personal information before or when we collect it, if the purpose is not already clear.
● We will collect Personal Data only for the purposes we’ve identified or for the primary uses described in our Privacy Policy. We shall collect information by fair and lawful means only.
● We will not use or disclose your Personal Data other than for the purposes for which it was collected unless we receive your consent or unless we are required or permitted to by law.
● We will keep your personal information only for as long as we need it for the purposes identified in our Privacy Policy, as required by law, or as necessary to resolve any disputes you may have concerning our Website or services. We will follow internally set guidelines and use care in the disposal, destruction, or de-identification of personal information to prevent unauthorized parties from gaining access to such personal information.
● We will maintain accurate, complete and up-to-date personal information as required for the identified purposes associated with its collection. Please let us know if your contact or other personal information changes.
● Upon your written request, and subject to exceptions as permitted or mandated by law, we will inform you of the existence, use and disclosure of your personal information and will give you access to that personal information. You may challenge the accuracy and completeness of your personal information and have it amended as appropriate.

We maintain procedures for addressing and responding to all inquiries or complaints from you about our handling of personal information. We will inform individuals who make inquiries or lodge complaints of the existence of relevant complaint procedures. We may seek external advice where appropriate before providing a final response to individual complaints. We shall investigate all complaints. If a complaint is found to be justified, we will take appropriate measures, including, if necessary, amending our policies and procedures.

HOW TO EXERCISE YOUR RIGHTS.

If you would like to exercise any of your rights as described in the Privacy Policy or this Notice, please:

● Complete a data subject request form available on our Website HERE;
● Email us at privacy@princespolly.com.

Please note that you may be restricted on the number of data access or data portability disclosures you may make within a 12-month period.
If you choose to contact us to exercise any of your rights as described in the Privacy Policy or this Notice, we will take steps to verify your identity before granting you access to your personal information or complying with your request. In order to help protect your privacy and maintain security, you will need to provide us with:

● Enough information to identify you (e.g., your full name, address, email address, telephone number, birth date, or customer or matter reference number);
● Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
● A description of what right you want to exercise and the information to which your request relates.

In addition, if you ask us to provide you with specific pieces of personal information, we may require you to sign a declaration under penalty of perjury that you are the individual whose personal information is the subject of the request.

You may use a representative, called an "authorized agent," to submit a request to us.
In some states, an authorized agent must be a natural person, or a business entity registered with the appropriate Secretary of State, that you have authorized to act on your behalf.

In order to protect your privacy, Princess Polly requires you to confirm that you have provided the authorized agent permission to submit the request and you must provide the authorized agent with signed permission. "Signed" means that the written attestation, declaration, or permission has either been physically signed or provided electronically pursuant to the Uniform Electronic Transactions Act. In California, an authorized agent that has power of attorney pursuant to California Probate Code section 4121 to 4130 must submit proof of statutory power of attorney, but in such cases, consumer verification will not be required.

Princess Polly may deny a request from an authorized agent that does not submit proof that they have been authorized to act on your behalf. Requests submitted by an authorized agent will still require verification of the person who is the subject of the request in accordance with the process described above.

We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information or is someone authorized to act on such person’s behalf.

Any personal information we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.

Trending Searches

Collections

Trending Searches

Collections

${ item.title }

COLOR: ${ colorOptionTitle }

SIZE: ${ sizeOptionTitle }