Privacy Policy

1. Introduction

At littlethingsbyjoe ("we", "us", or "our"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and purchase our digital cross stitch patterns.

By using our website, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access the site.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us, including:

• Email Address: Required for order confirmation, download links, and newsletters
• Name: Optional, used for personalized communications
• Payment Information: Processed securely through Stripe (we do not store your payment card details)
• Order History: Purchase details and download records

2.2 Automatically Collected Information

When you visit our website, we automatically collect:

• Usage Data: Pages viewed, time spent, products browsed
• Device Information: Browser type, operating system, IP address
• Cookies: Small data files stored on your device (see Cookie Policy below)
• Analytics Data: Through Google Analytics to understand how visitors use our site

3. How We Use Your Information

We use the collected information for the following purposes:

• Order Fulfillment: Process and deliver your digital pattern purchases
• Communication: Send order confirmations, download links, and customer support responses
• Marketing: Send newsletters and promotional offers (only if you've subscribed)
• Website Improvement: Analyze usage patterns to enhance user experience
• Fraud Prevention: Detect and prevent fraudulent transactions
• Legal Compliance: Comply with applicable laws and regulations

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on:

• Contract Performance: Processing necessary to fulfill your order
• Consent: For marketing communications and non-essential cookies
• Legitimate Interest: For fraud prevention and website analytics
• Legal Obligation: To comply with tax and financial regulations

5. How We Share Your Information

We do not sell, trade, or rent your personal information. We share data only with:

5.1 Service Providers

• Stripe: Payment processing (subject to Stripe's privacy policy)
• Google Analytics: Website analytics (anonymized data)
• AWS (Amazon Web Services): Cloud file storage and delivery
• Email Service Provider: For sending order confirmations and newsletters

5.2 Legal Requirements

We may disclose your information if required by law or to protect our rights, property, or safety, or that of others.

6. Cookie Policy

We use cookies and similar tracking technologies to improve your experience and analyze how our website is used. When you first visit our site, you'll see a cookie consent banner where you can choose to accept or decline analytics cookies.

6.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality including shopping cart, favorites, and session management. These cookies are always active and do not require consent.
• Analytics Cookies (Google Analytics): Used to understand how visitors interact with our website, which pages are most popular, and how we can improve user experience. These cookies require your consent and are only activated when you click "Accept Cookies" in our consent banner.
• Preference Cookies: Remember your settings and preferences such as dismissed popups, subscription status, and consent choices.

6.2 Google Analytics

We use Google Analytics to collect anonymized information about website usage. This includes:

• Pages visited and time spent on each page
• How you arrived at our site (search engines, direct links, etc.)
• General geographic location (country/city level)
• Device type and browser information

Google Analytics data is anonymized and does not identify individual users. We use this information solely to improve our website and product offerings. For more information, see Google's Privacy Policy.

6.3 Managing Cookie Preferences

You can manage your cookie preferences in several ways:

• Cookie Banner: When you first visit, choose "Accept Cookies" or "Decline" based on your preference.
• Browser Settings: Most browsers allow you to refuse or delete cookies through their settings menu. Note that blocking essential cookies may affect website functionality.
• Google Analytics Opt-Out: You can install the Google Analytics Opt-out Browser Add-on to prevent your data from being collected by Google Analytics across all websites.

If you change your mind after making a choice, you can clear your browser's cookies and localStorage to see the consent banner again on your next visit.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

• SSL/TLS encryption for data transmission
• Secure payment processing through Stripe (PCI DSS compliant)
• Regular security audits and updates
• Access controls and authentication for admin areas

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to:

• Provide you with access to your purchased patterns
• Comply with legal obligations (e.g., tax records for 7 years)
• Resolve disputes and enforce our agreements

You may request deletion of your data at any time (see Your Rights section below).

9. Your Rights

You have the following rights regarding your personal information:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data
• Objection: Object to processing of your data for marketing purposes
• Portability: Request transfer of your data to another service
• Withdraw Consent: Withdraw consent for marketing communications at any time

To exercise these rights, please contact us at [email protected]. We will respond within 30 days.

10. Unsubscribing from Marketing

You can unsubscribe from marketing emails at any time by:

• Clicking the "Unsubscribe" link in any marketing email
• Visiting our unsubscribe page
• Contacting us at [email protected]

Note: You will still receive transactional emails (order confirmations, download links) as these are necessary to fulfill your purchase.

11. Children's Privacy

Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected information from a child under 13, we will delete it promptly.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place when transferring your data internationally.

13. Third-Party Links

Our website may contain links to third-party websites (e.g., Facebook community, payment processors). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically. Continued use of our website after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

16. Complaints

If you are located in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.