Privacy policy

Last updated: September 15, 2025

Grace Headwear (“Grace”, “we”, “our”, “us”) operates this website and online store, including all related information, features, tools, products, and services (the “Services”), to provide customers with a curated shopping experience. Our Services are powered by Shopify, which enables us to deliver secure e-commerce functionality.

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit, use, or make a purchase through our Services, or otherwise communicate with us. In the event of a conflict between our Terms of Service and this Privacy Policy, this Privacy Policy governs with respect to the handling of your personal information.

By accessing or using our Services, you confirm that you have read, understood, and agreed to this Privacy Policy.

1. PERSONAL INFORMATION WE COLLECT

For purposes of this Privacy Policy, “personal information” means information that identifies, relates to, or could reasonably be linked to you. Personal information does not include data that has been de-identified or aggregated in a way that it can no longer reasonably identify you.

We may collect the following categories of personal information depending on how you interact with our Services and as permitted by law:

  • Contact details: name, billing and shipping addresses, email address, and phone number.

  • Financial information: credit or debit card details, payment account information, transaction details, and payment confirmations.

  • Account information: username, password, security questions, preferences, and settings.

  • Transaction information: details about items you view, add to your cart or wishlist, purchase, return, exchange, or cancel.

  • Communications: information you share with us, such as customer support inquiries.

  • Device and usage information: device type, browser, IP address, network information, and interaction data (including cookies and tracking technologies).

2. SOURCES OF PERSONAL INFORMATION

We collect personal information from:

  • Direct interactions: when you create an account, place an order, or contact us.

  • Automatic collection: when you use our Services, through cookies, analytics, and similar technologies.

  • Service providers: such as payment processors, shipping partners, and IT service providers.

  • Business partners and third parties: including advertising or marketing partners where legally permitted.

3. HOW WE USE PERSONAL INFORMATION

We may use your personal information to:

  • Provide and improve the Services: process payments, fulfill orders, manage accounts, handle returns and exchanges, arrange shipping, and personalize your shopping experience.

  • Marketing and advertising: send promotional emails, text messages, or display tailored online ads based on your interactions with our Services (subject to your consent where required).

  • Security and fraud prevention: verify accounts, detect and prevent fraudulent or illegal activity, and secure our Services.

  • Customer support and communication: respond to inquiries, provide updates, and maintain our relationship with you.

  • Legal compliance: comply with applicable laws, respond to valid requests from authorities, and enforce our Terms of Service.

4. HOW WE DISCLOSE PERSONAL INFORMATION

We may disclose your personal information to:

  • Shopify and other service providers who assist with payment processing, shipping, IT services, analytics, and customer support.

  • Business and marketing partners to deliver personalized advertising and promotions.

  • Affiliates and corporate group members in connection with business operations.

  • Third parties with your consent, such as social media integrations or requested disclosures.

  • Authorities or legal processes when required by law or to protect our rights.

  • Business transactions (e.g., mergers, acquisitions, restructuring, or bankruptcy).

5. SHOPIFY RELATIONSHIP

Our Services are hosted by Shopify. Shopify may collect and process your personal information to operate, secure, and improve their platform. This may involve sharing data across merchants using Shopify’s enhanced features.

To learn more about Shopify’s data practices and your rights, please review the Shopify Consumer Privacy Policy.

6. THIRD-PARTY WEBSITES AND LINKS

Our Services may contain links to third-party websites or platforms not operated by Grace. We are not responsible for their privacy or security practices. Please review their privacy policies before engaging with them.

7. CHILDREN’S DATA

Our Services are not intended for children, and we do not knowingly collect personal information from individuals under the age of majority in their jurisdiction. If you believe a child has provided us with personal data, please contact us to request deletion.

8. SECURITY AND RETENTION

We implement appropriate safeguards, including SSL encryption, to protect your personal information. However, no system is completely secure, and we cannot guarantee absolute protection.

We retain personal information only as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce agreements.

9. YOUR RIGHTS AND CHOICES

Depending on where you live, you may have the right to:

  • Access / Know – Request access to the personal information we hold about you.

  • Delete – Request deletion of your personal information.

  • Correct – Request correction of inaccurate or incomplete information.

  • Portability – Request a copy of your data in a portable format.

  • Opt out – Object to the sale, sharing, or processing of personal data for targeted advertising.

  • Manage communication preferences – Unsubscribe from promotional emails (transactional communications will still be sent).

For residents of the UK and EEA, you may also have rights to:

  • Object to or restrict processing of your personal data.

  • Withdraw consent where processing is based on consent.

To exercise these rights, please contact us using the details below.

10. INTERNATIONAL TRANSFERS

We may transfer and store your personal information outside your country of residence, including in the United States. Where required, such transfers are safeguarded using legal mechanisms such as the EU Standard Contractual Clauses or equivalent protections.

11. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically to reflect legal, technical, or business changes. Updates will be posted on this page with a new “Last updated” date.

12. CONTACT US

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

contact@graceheadwear.com

Grace Headwear is the data controller responsible for your personal information under applicable law.