Bookish Boutique

Bookish Boutique

Privacy Policy

At Bookish Boutique (referred to as “we,” “us,” or “our”), we value your comments, suggestions, and feedback. This Privacy Policy explains how we collect, use, and disclose your information—both “personal information” and “non-personal information”—in relation to Bookish Boutique’s multi-vendor marketplace and associated website (the “Service”).

By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree, you may not use or access the Service.

1. Scope of This Policy

This Privacy Policy applies to all visitors and users of our multi-vendor marketplace. It describes:

  • What information is collected about you.
  • How we use this information.
  • With whom we share this information.
  • How you can access, update, or delete your information.

We will comply with all relevant and applicable legislative requirements, and, in the event of any inconsistency, the legislative requirements will override the provisions of this document.

2. Children’s Privacy

Children under the age of 13 (or any higher minimum age required by local law) are not permitted to use the Service. We do not knowingly collect children’s data. We limit any data collection to purposes that support the internal operations of the Service, in accordance with this Privacy Policy and applicable laws. If you become aware that a child under 13 has provided us with personal information, please contact us immediately so we can remove it.

3. Data We Collect

We may collect information about you that is either personal or non-personal. Sometimes information that initially appears non-personal can become personal if combined with other data that identifies you. We collect data in three main ways:

  • Data collected automatically
  • Data you provide to us
  • Data collected by our partners

We collect this data under the basis of “legitimate interest” under the GDPR and “to support internal operations of the Service” under COPPA. Per the CCPA, data is collected solely for internal purposes reasonably and directly related to your relationship with us.

3.1 Data Collected Automatically

Examples of automatically collected data include:

  • Device Information: Such as device type, operating system, browser type, IP address, and language settings.
  • Usage Information: Logs of how you interact with the Service (e.g., pages visited, items in cart, session identifiers).

3.2 Data You Provide to Us

We collect personal information you submit directly when:

  • Creating an account or making a purchase (e.g., name, email, shipping and billing addresses, phone number).
  • Contacting us directly (e.g., via email, support chats, or other communication channels).

3.3 Data Collected by Our Partners

We rely on various third-party service providers to operate and manage the Service, including but not limited to:

  • Stripe Connect for payment processing.
  • Google (e.g., Google SSO, Google Analytics).
  • Clerk for identity management and session handling.
  • Swell for backend e-commerce functionality.
  • Vercel and Next.js for hosting and site infrastructure.
  • Amazon S3 for file storage.
  • Twilio SendGrid for email communications (e.g., order confirmations, account notifications).

We do not control these third-party platforms. Your use of these services may be governed by their own terms and privacy policies.

3.4 Vendor Newsletter Signups

If you choose to sign up for a particular vendor’s newsletter on our platform (for example, on that vendor’s storefront), we collect your email (and any other data you provide) and share it with that vendor so they can manage their own mailing campaigns. After that point, the vendor is responsible for how they use, store, or further process your email, and such usage is governed by the vendor’s own privacy policy.

4. How We Use the Data We Collect

Regardless of how we collect your data, we handle it according to this Privacy Policy and applicable legislation. Typical uses include:

  • Providing and Maintaining the Service (processing orders, facilitating vendor transactions).
  • Communications (responding to inquiries, sending updates, delivering promotional messages if you opt in).
  • Vendor Fulfillment (sharing relevant customer details with vendors so they can fulfill and ship orders).
  • Analytics and Improvements (reviewing usage patterns to troubleshoot technical issues, improve site performance, and develop new features).
  • Legal Compliance and Security (preventing fraud, enforcing legal terms, and protecting the rights, property, and safety of our users and others).
  • Vendor Newsletter Signups (passing your submitted email/data to a vendor if you sign up for their mailing list).

5. What Is Personal Information?

Personal Information” identifies you as an individual (e.g., your name or email address). We collect personal information only if you submit it to us directly (for example, when creating an account or making a purchase).

Sensitive Information includes data about an individual’s racial or ethnic origin, political or religious beliefs, criminal records, or health information. We do not attempt to obtain or record any sensitive information.

6. Access to Your Data and Data Deletion

We retain your data only as necessary for our legitimate business interests (e.g., tax and legal obligations) or as otherwise required by law. You have the right to:

  • Access the data we hold about you.
  • Update or correct your data.
  • Request deletion of your personal information, subject to exceptions under the law.

If you wish to know what data we hold about you or want to request deletion of your data, please contact us (see “Contact Information” below). We may require proof of identification before processing such requests.

Note: If you have signed up for a vendor’s newsletter, you must typically unsubscribe directly with that vendor or use their provided unsubscribe link. Bookish Boutique does not manage or control vendor mailing lists and cannot remove you from a vendor’s external database.

7. Data Subject Requests

If you are a resident of certain jurisdictions (e.g., the EU/EEA under GDPR or California under the CCPA), you may have additional data subject rights. These can include the right to opt out of certain data sharing, the right to data portability, or to restrict processing. We will respond to such requests in accordance with applicable law.

8. Disclosure and Security of Your Data

We do not sell, trade, or rent your personal information without your prior consent. Your data may be disclosed only to trusted third parties in order to operate the Service, or where required by law.

We store your personal information in a manner that reasonably protects it from misuse, loss, unauthorized access, modification, or disclosure. However, no method of electronic transmission or storage is 100% secure. We recommend that you use strong passwords and protect your own devices against unauthorized access.

9. Changes to This Policy

This Privacy Policy may be updated from time to time. We will post the most current version at a publicly accessible URL (e.g., /privacy). Changes become effective upon posting. We encourage you to review this Privacy Policy regularly so you remain informed about our data practices.

10. Complaints

If you have a complaint regarding any potential breach of this Privacy Policy or relevant laws, please contact us using the details below. We take your privacy concerns seriously and will respond in accordance with applicable regulations.

11. Contact Information

If you have any questions, comments, or requests relating to this Privacy Policy, please contact us at:

  • Email: privacy@bookish.boutique

Privacy policy last updated on April 6, 2025