Privacy policy

Last updated: October 24, 2025

Own My Heart operates this store and website, including all related information, content, features, tools, products, and services, to provide you with a curated shopping experience (the "Services"). Own My Heart is powered by Shopify, which enables us to provide these Services to you. This Privacy Policy describes how we collect, use, and disclose your personal information when you visit, use, or make a purchase or other transaction using the Services or otherwise communicate with us.
If there is a conflict between our Terms of Service and this Privacy Policy, this Privacy Policy controls with respect to the collection, processing, and disclosure of your personal information.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you acknowledge that you have read this Privacy Policy and understand the collection, use, and disclosure of your information as described here.

Personal Information We Collect or Process

When we use the term "personal information," we are referring to information that identifies or can reasonably be linked to you or another person. Personal information does not include information that is collected anonymously or that has been de-identified, so that it cannot identify or be reasonably linked to you. We may collect or process the following categories of personal information, including inferences drawn from this personal information, depending on how you interact with the Services, where you live, and as permitted or required by applicable law:

  • Contact details including your name, address, billing address, shipping address, phone number, and email address.
  • Financial information including credit card, debit card, and financial account numbers, payment card information, financial account information, transaction details, form of payment, payment confirmation and other payment details.
  • Account information including your username, password, security questions, preferences and settings.
  • Transaction information including the items you view, put in your cart, add to your wishlist, or purchase, return, exchange or cancel and your past transactions.
  • Communications with us including the information you include in communications with us, for example, when sending a customer support inquiry.
  • Device information including information about your device, browser, or network connection, your IP address, and other unique identifiers.
  • Usage information including information regarding your interaction with the Services, including how and when you interact with or navigate the Services.

Personal Information Sources

We may collect personal information from the following sources:

  • Directly from you, for example when you create an account, make a purchase, contact us, or otherwise interact with Own My Heart;
  • Automatically through the Services including from your device when you use our products or services or visit our websites, and through the use of cookies and similar technologies;
  • From our service providers including when we engage them to enable certain technology and when they collect or process your personal information on our behalf;
  • From our partners or other third parties, where permitted by law and as needed to provide our products and services.

How We Use Your Personal Information

Depending on how you interact with us or which of the Services you use, we may process your personal information for the following purposes and in accordance with the legal bases permitted under the General Data Protection Regulation (GDPR):

  • Provide, Tailor, and Improve the Services (Performance of a Contract / Legitimate Interest).
    We use your personal information to operate and improve our Services — including processing orders and payments, managing your account, arranging shipping or returns, and personalizing your shopping experience. This allows us to fulfil our contractual obligations and continuously enhance your experience with Own My Heart.
  • Marketing and Advertising (Consent / Legitimate Interest).
    We may use your personal information to send you marketing communications (by email, SMS, or post) or show you relevant advertisements based on your preferences and activity. You can withdraw your consent or opt out of marketing communications at any time by following the unsubscribe link in our emails.
  • Security and Fraud Prevention (Legitimate Interest / Legal Obligation).
    We process personal information to authenticate accounts, secure payments, detect and prevent fraud, and protect the integrity of our Services. If you have an account, please keep your login details safe and private.
  • Communicating with You (Performance of a Contract / Legitimate Interest).
    We use your information to provide customer support, respond to inquiries, and maintain our ongoing relationship with you.
  • Legal and Regulatory Compliance (Legal Obligation).
    We may process your personal information to comply with applicable EU or national laws, respond to lawful requests, or enforce our Terms and policies.

How We Disclose Personal Information

In certain circumstances, we may share or disclose your personal information to third parties for legitimate business purposes, in accordance with this Privacy Policy and applicable data protection laws. These circumstances may include:

  • We share personal information with Shopify and other trusted vendors who perform services on our behalf, such as IT management, payment processing, data analytics, customer support, cloud storage, order fulfillment, and shipping. These providers process your information only as necessary to perform their services and are bound by confidentiality and data protection obligations.
  • We may share personal information with business and marketing partners to provide marketing services and display personalized advertisements. For example, Shopify supports personalized advertising using information about your activity across our store and other merchants. Our partners process your information according to their privacy policies. Depending on your location, you may have the right to opt out of targeted advertising and marketing. You can exercise these rights via the here .
  • We may disclose personal information when you explicitly request or consent to it, for example, to ship products to a third party or through social media integrations.
  • We may share personal information within our affiliates or corporate group, if applicable, for administrative or operational purposes.
  • We may disclose information in connection with a merger, acquisition, bankruptcy, or other business transaction. We may also disclose personal information to comply with legal obligations, respond to lawful requests (e.g., subpoenas or search warrants), enforce our terms of service or policies, or protect our rights and those of our users.

Relationship with Shopify

The Services are hosted by Shopify, which collects and processes personal information about your access to and use of the Services to provide and improve the Services for you. Information you submit to the Services may be transmitted to and shared with Shopify, as well as third parties located outside your country of residence, to provide and improve the Services. To help protect, grow, and improve our business, we may use certain Shopify enhanced features that incorporate data from your interactions with our Store, other merchants, and Shopify. In these circumstances, Shopify is responsible for processing your personal information, including responding to requests to exercise your rights over its use. To learn more about how Shopify uses your personal information and the rights you may have, please visit the Shopify Consumer Privacy Policy . Depending on where you live, you may also exercise certain rights with respect to your personal information through the Shopify Privacy Portal Link.

Third Party Websites and Links

The Services may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.

Children's Data

The Services are not intended to be used by children, and we do not knowingly collect any personal information about children under the age of majority in your jurisdiction. If you are the parent or guardian of a child who has provided us with their personal information, you may contact us using the contact details set out below to request that it be deleted. As of the Effective Date of this Privacy Policy, we do not have actual knowledge that we "share" or "sell" (as those terms are defined in applicable law) personal information of individuals under 16 years of age.

Security and Retention of Your Information

Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee "perfect security." In addition, any information you send to us may not be secure while in transit. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.

How long we retain your personal information depends on different factors, such as whether we need the information to maintain your account, to provide you with Services, comply with legal obligations, resolve disputes or enforce other applicable contracts and policies.

Your Rights and Choices

Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. However, these rights are not absolute, may apply only in certain circumstances and, in certain cases, we may decline your request as permitted by law.

  • Right to Access / Know. You may have a right to request access to personal information that we hold about you.
  • Right to Delete. You may have a right to request that we delete personal information we maintain about you.
  • Right to Correct. You may have a right to request that we correct inaccurate personal information we maintain about you.
  • Right of Portability. You may have a right to receive a copy of the personal information we hold about you and to request that we transfer it to a third party, in certain circumstances and with certain exceptions.
  • Managing Communication Preferences. We may send you promotional emails, and you may opt out of receiving these at any time by using the unsubscribe option displayed in our emails to you. If you opt out, we may still send you non-promotional emails, such as those about your account or orders that you have made.

If you reside in the UK or European Economic Area, and subject to exceptions and limitations provided by local law, you may exercise the following rights in addition to the rights outlined above:

  • Objection to Processing and Restriction of Processing: You may have the right to ask us to stop or restrict our processing of personal information for certain purposes.
  • Withdrawal of Consent: Where we rely on consent to process your personal information, you have the right to withdraw this consent. If you withdraw your consent, this will not affect the lawfulness of any processing based on your consent before its withdrawal.

You may exercise any of these rights where indicated on the Services or by contacting us using the contact details provided below. To learn more about how Shopify uses your personal information and any rights you may have, including rights related to data processed by Shopify, you can visit https://privacy.shopify.com/en.

We will not discriminate against you for exercising any of these rights. We may need to verify your identity before we can process your requests, as permitted or required under applicable law. In accordance with applicable laws, you may designate an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require that the agent provide proof you have authorized them to act on your behalf, and we may need you to verify your identity directly with us. We will respond to your request in a timely manner as required under applicable law.

Complaints

If you have complaints about how we process your personal information, please contact us using the contact details provided below. Depending on where you live, you may have the right to appeal our decision by contacting us using the contact details set out below, or lodge your complaint with your local data protection authority. For the EEA, you can find a list of the responsible data protection supervisory authorities here.

International Transfers

Please note that we may transfer, store and process your personal information outside the country you live in.

If we transfer your personal information out of the European Economic Area or the United Kingdom, we will rely on recognized transfer mechanisms like the European Commission's Standard Contractual Clauses, or any equivalent contracts issued by the relevant competent authority of the UK, as relevant, unless the data transfer is to a country that has been determined to provide an adequate level of protection.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on this website, update the "Last updated" date and provide notice as required by applicable law.

Contact

Should you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please email us at hello@ownmyheart.com For the purpose of applicable data protection laws, we are the data controller of your personal information.