Privacy Policy

1. Information We Collect

We collect information that you voluntarily provide to us when placing an order, creating an account, subscribing to our newsletter, or contacting us for support. This includes:

  • Contact Information: Name, email address, phone number, and shipping/billing address
  • Payment Information: Credit or debit card details, PayPal email, or other payment information. Note: We do not store your full card number. All sensitive payment data is processed through PCI-DSS compliant payment processors.
  • Order Information: Products purchased, order number, order date, and order history
  • Communication Data: Any information you choose to share when contacting us by email, phone, or text

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Order Fulfillment: To process and ship your order, send order confirmations and shipping updates, and handle returns or refunds
  • Customer Support: To respond to your inquiries, resolve issues, and provide assistance
  • Marketing (with consent): To send promotional emails or newsletters if you have opted in. You can unsubscribe at any time
  • Analytics: To understand how visitors use our website and improve the shopping experience
  • Legal Compliance: To comply with applicable laws and regulations, including tax and consumer protection laws

3. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing and shopping experience on our website.

  • Essential Cookies: Required for core site functionality such as checkout and account login — these cannot be disabled
  • Performance Cookies: Help us understand how visitors interact with our site so we can improve usability
  • Marketing Cookies: Used to deliver relevant advertisements on our site and across other platforms. You can manage your cookie preferences through your browser settings or our cookie consent banner

For more details on how we use cookies, please review the cookie consent notice displayed when you first visit our website.

4. Data Sharing & Third Parties

We do not sell, trade, or rent your personal information to third parties for their marketing purposes. Your data may only be shared with the following categories of service providers, and solely for the purposes described in this policy:

  • Payment Processors: PCI-DSS compliant payment processors (e.g., Shopify Payments, PayPal) — used to process transactions securely
  • Shipping Carriers: USPS, UPS, FedEx, or other carriers — used to deliver your orders
  • Website Platform Provider: Shopify — our e-commerce platform provider, which hosts our website and processes order data in accordance with their privacy policy
  • Email Service Providers: Used to send order confirmations, shipping updates, and marketing communications (if you have opted in)
  • Legal Authorities: We may disclose information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to prevent fraud or protect our rights

5. Data Security

The security of your personal information is our top priority. We have implemented the following measures to protect your data:

  • SSL Encryption: All data transmitted between your browser and our website is encrypted using SSL technology
  • PCI-DSS Compliance: We do not store your full credit card details. All payment data is handled by PCI-DSS certified payment processors
  • Secure Platform: Our website is hosted on Shopify's secure infrastructure, which includes regular security monitoring and vulnerability patching
  • Access Controls: Access to customer data is limited to authorized personnel only, and protected by password authentication

While we take commercially reasonable measures to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining appropriate safeguards.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, including:

  • Order Records: Retained for a minimum of 7 years to comply with tax, accounting, and consumer protection legal requirements
  • Account Data: Retained for as long as your account is active, and for a period of up to 2 years after account closure or last activity
  • Marketing Data: If you have opted in to receive marketing communications, your email address is retained until you unsubscribe

After the retention period, your data is securely deleted or anonymized in accordance with our data retention schedule.

7. Your Rights

You have the following rights regarding your personal information:

  • Access: You may request a copy of the personal information we hold about you
  • Correction: You may request that we correct inaccurate or incomplete information
  • Deletion: You may request that we delete your personal information, subject to legal retention requirements
  • Opt-Out of Marketing: You can unsubscribe from marketing emails at any time by clicking the "Unsubscribe" link in any promotional email or by contacting us directly
  • Withdraw Consent: Where processing is based on consent, you may withdraw that consent at any time

To exercise any of these rights, please contact us at:

  • Email: info@laboutiquebyrosa.com
  • Phone: +1 (516) 255-5500
  • Address: 4181 Merrick Rd #6012, Massapequa, NY 11758

We will respond to your request within 30 days. For complex requests, we may extend this period by an additional 30 days and will notify you accordingly.

8. Children's Privacy

Our website is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us immediately.

9. Third-Party Links

Our website may contain links to external websites that are not operated by us (e.g., social media platforms, payment processors). We are not responsible for the privacy practices of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

10. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Any changes will be effective immediately upon posting on this page. The "Last Updated" date at the bottom of this policy will reflect the date of the most recent revision.

We encourage you to review this Privacy Policy periodically. Your continued use of our website after any changes constitutes your acceptance of the updated policy.

11. Your Rights Under California Law (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the business purpose for collection, and the third parties with whom we share it.
  • Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising. If this changes, you will be notified and provided with an opt-out mechanism.
  • Right to Correct: You may request that we correct inaccurate personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

Categories of Personal Information Collected: Identifiers (name, email, address), commercial information (order history), internet activity (browsing behavior on our site), and geolocation data (shipping address).

How to Submit a Request: Email us at info@laboutiquebyrosa.com with the subject line "CCPA Request." We will verify your identity before processing your request.

For more details on your privacy choices, visit our Your Privacy Choices page.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal information, please contact us:

  • Store Name: La Boutique by Rosa
  • Address: 4181 Merrick Rd #6012, Massapequa, NY 11758
  • Phone: +1 (516) 255-5500
  • Email: info@laboutiquebyrosa.com
  • Business Hours: Tuesday – Saturday 11:00 AM – 6:00 PM | Sunday 11:00 AM – 5:00 PM