The Oz Boutique – English Privacy Policy

PRIVACY POLICY

www.theozboutique.com
The Oz Boutique
Type of site: Online boutique

Purpose of this Privacy Policy

The purpose of this privacy policy is to inform users of our site about the personal data we collect and the following information, where applicable:
a. The personal data we will collect
b. The use of collected data
c. Who has access to the collected data
d. The rights of site users
e. The site’s cookie policy

This privacy policy operates in conjunction with our site’s Terms of Service.

Applicable Laws

This policy complies with the laws set out in the Personal Information Protection and Electronic Documents Act (PIPEDA) applicable in Canada. For residents of Quebec, this privacy policy aims to comply with the Act Respecting the Protection of Personal Information in the Private Sector.

For residents of EU countries, the General Data Protection Regulation (GDPR) governs all data protection policies, regardless of where the site is located. This privacy policy aims to comply with the GDPR. If there are inconsistencies between this policy and the GDPR, the GDPR shall apply.

For residents of the State of California, this privacy policy aims to comply with the California Consumer Privacy Act (CCPA). If there are inconsistencies between this document and the CCPA, state legislation shall apply. If we discover inconsistencies, we will modify our policy to comply with the relevant law.

Consent

Users agree that by using our site, they consent to:
a. The conditions set out in this privacy policy, and
b. The collection, use, and retention of the data listed in this policy.

Personal Data We Collect

Data Collected Automatically
We do not collect any data automatically on our site.

Data Collected Non-Automatically
We may collect the following data when you perform certain functions on our site:
a. First and last name
b. Email address
c. Phone number
d. Home address
e. Payment information

These data may be collected through the following methods:

• Account creation
• Order placement

Please note that we only collect data that helps us achieve the purpose stated in this privacy policy. We will not collect additional data without informing you beforehand.

How We Use Personal Data

Personal data collected on our site will only be used for the purposes specified in this policy or indicated on the relevant pages of our site. We will not use your data beyond what we disclose.

The data we collect when the user performs certain functions may be used for the following purposes:
a. Communication and order shipment

With Whom We Share Personal Data

Employees
We may disclose user data to any member of our organization who reasonably needs access to such data to achieve the purposes set out in this policy.

Third Parties
We may share user data with the following third parties:
We may share user data with third parties for the following purposes:

Third parties will not be able to access user data beyond what is reasonably necessary to achieve the given purpose.

Other Disclosures
We commit not to sell or share your data with third parties, except in the following cases:
a. If required by law
b. If required for any legal proceedings
c. To prove or protect our legal rights
d. To buyers or potential buyers of this company in the event we seek to sell the company

If you follow hyperlinks from our site to another site, please note that we are not responsible and have no control over their privacy policies and practices.

How Long We Store Personal Data

User data will be stored for a period of: 2 years

We will ensure users are notified if their data is kept longer than this period.

How We Protect Your Personal Data

All sensitive information is encrypted using robust technologies. When you connect to our site, your data is transmitted through a secure connection (HTTPS), ensuring protection against interception or manipulation.

While we take all reasonable precautions to secure user data and ensure its protection, some risk always remains. The Internet as a whole can sometimes present vulnerabilities, so we cannot guarantee absolute security of user data beyond what is reasonably achievable.

In the event of a security breach affecting your personal information, we will inform you in accordance with legal obligations and take necessary measures to limit risks.

Minors

For EU residents, the GDPR specifies that persons under 15 are considered minors for data collection purposes. Minors must have consent from a legal representative for their data to be collected, processed, and used.

Your Rights as a User

As a user, you have the right to access all personal data belonging to you that we have collected. Additionally, you have the right to update or correct any personal data in our possession, provided such correction or update is acceptable under the law.

You also have the right to object to the collection and use of your personal data, subject to legal obligations.

You may choose to delete or modify your consent to data collection and use at any time, provided it is legally acceptable to do so and you have informed us within a reasonable timeframe.

How to Modify, Delete, or Contest Collected Data

If you wish to have your information deleted or modified in any way, please contact our Privacy Officer here:
info@theozboutique.com

Modifications

This privacy policy may be amended from time to time to maintain compliance with the law and account for any changes to our data collection process. We recommend our users check our privacy policy periodically to ensure they are informed of any updates. If necessary, we may inform users by email of changes to this policy.

Contact

If you have any questions, please do not hesitate to contact us using the following:
info@theozboutique.com

Effective date of this policy: August 20, 2025