When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address. When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates. To withdraw this consent, please select unsubscribe on your e-mail.
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org or mailing us at:
Sassy Southern Bourtique
6190 A. Beatline Rd.
Long Beach, MS 39560
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
BIGCOMMERCE - Our store is hosted on BigCommerce. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Below is their piracy policy to explain the data storage, databases and general BigCommerce application.
BigCommerce is responsible for all onward transfers of Personal Data to third parties in accordance with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework.
- Information Types.
- “Account Information” means data about how and when a BigCommerce account is accessed and the features used.
- “Browser Information” means provided by a browser, including the IP address, the website visited, network connection, device information, and other data, including Cookies.
- “Contact Information” means basic personal details, including such information as first and last name, company name, email address, postal address, phone number, and may include social media account information.
- “Payment Information” means, for example, credit card, ACH or other payment information.
- “Security Information” means user ID, password and password hints, and other security information used for authentication and account access.
- “Support Information” includes hardware, software, authentication data, chat session contents, error reports, performance data, and other communication or technical information and may, with express permission, include remote access to facilitate troubleshooting.
- “Transaction Information” means the data related to transactions that occur on our platform, including product, order, shipping information, Contact Information, and Payment Information.
- Information Types.
- “Automated Decision Making” means a decision made solely by automated means without human involvement.
- “Controller” means an entity that determines the purposes and means of the Processing of Personal Data.
- “Cookie” a small file that resides on your computer’s hard drive that often contains an anonymous unique identifier that is accessible by the website that placed it there, but is not accessible by other sites.
- “Merchant” means an entity that has using BigCommerce Services for ecommerce.
- “Partner” means a separate legal entity that is a participant in our Design and Solution Partner (DSP) Program, our Technology Partner Program or other third-party technology integration with the BigCommerce platform, a theme designer, reseller, or referrer of the Services.
- “Personal Data” means any information relating to an identified or identifiable natural person identifiable information under applicable data protection laws and regulations.
- “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, including, but not limited to, alteration, collection, organization, recording, retrieval, storage, transmission, and use.
- “Processor” means the entity which processes Personal Data on behalf of the Controller
- “Sensitive Personal Data” means any data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, or data concerning health or a natural person’s sex life and/or sexual orientation.
- “Shopper” means an entity that interacts with the ecommerce offering of a Merchant through the BigCommerce platform.
- Merchant Policies. Merchants should help Shoppers understand how the Merchant and BigCommerce collect and process their Personal Data. To that end, Merchants must:
- obtain informed consent from Shoppers for the use and access of their Personal Data by BigCommerce and other third parties; and
- if the Merchant is collecting any Sensitive Personal Data from Shoppers, obtain affirmative, explicit, and informed consent and allow such Shoppers to revoke their consent to the use and access of Sensitive Personal Data at any time.
- Information Collected. When a Merchant interacts with our Website, for example, by signing up for a trial, a subscription, or a newsletter, or performing transactions, BigCommerce may collect and control information such as Account Information, Browser Information, Contact Information, Payment Information, Support Information, and Security Information.
- Information Usage. We use this information to provide Merchants with our Services, confirm identities, provide support, for advertising and marketing, invoicing, to resolve incidents related to the use of our Website and Services, to improve and personalize our Services, and to comply with legal requirements. We may use this information in other cases where we have received express permission.
- Information Collected. When a Partner signs up for a partner account or signs up a Merchant for our Services, BigCommerce may collect and control information such as Account Information, Browser Information, Contact Information, Payment Information, Support Information, and Security Information.
- Information Usage. We use this information to provide Partners with our Services, confirm identities, provide support, for advertising and marketing, invoicing, to resolve incidents related to the use of our Website and Services, to improve and personalize our Services, and to comply with legal requirements. We may use this information in other cases where we have received express permission.
- Information Collected. When Shoppers interact with a Merchant’s ecommerce offering through the BigCommerce platform, we may collect and process Browser Information and Transaction Information of the Shopper on behalf of the Merchant.
- Information Usage. We use this information as a Processor to provide our Services to Merchants, support and process orders, improve and personalize our Services, and manage risk and fraud.
- When visitors browse our Website, or engage in communications with us online or offline, we may collect and control, as applicable, Browser Information, Support Information, and Contact Information submitted or communicated to us.
- We use this information to provide our Services, and improve and personalize communications, interactions, our Services, and provide support if needed.
- Promotional. We may deliver and personalize our communications with Merchants, Partners, and visitors. For example, we may notify a Merchant by email or other means when a subscription is ending, or invite the recipient to participate in a survey. For information about managing email subscriptions and promotional communications, please go to our email preferences page.
- Account. We send certain required communications, such as account notices or information, to users of our Services. You may not opt out of receiving these communications if you have an active storefront.
- Information Sharing.
Our Services are possible because of a variety of third parties and service providers. Sometimes it is necessary to share Merchant, Partner, or Shopper Personal Data with them to support our Services. We may access, transfer, disclose, and/or preserve that Personal Data with consent or in the following circumstances.
- Compliance. If we have a good faith belief that doing so is necessary to: (i) comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; or (ii) protect the rights or property of BigCommerce, including enforcing the terms governing the use of the Services.
- Protection. If we have a good faith belief that doing so is necessary to: (i) protect Merchants, Partners, Shoppers, or visitors; for example, to prevent spam or attempts to defraud users of our Services, or in response to threats of safety of any person; (ii) operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks.
- Affiliates. We share Personal Data among BigCommerce-controlled affiliates and subsidiaries.
- Payment Processing. We share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.
- Apps. Upon receiving a Merchant’s consent to install an application, we will share the Merchant’s Contact Information with the app Partner.
- Merger; Sale. We may also disclose Personal Data as part of a corporate transaction such as a merger or sale of assets.
- Automated Decision-Making.
Some Personal Data may be used in Automated Decision Making to help us screen accounts for risk, fraud, or abuse concerns.
- Information Protection.
- We maintain administrative, technical, and physical security measures designed to provide reasonable protection for Personal Data against unauthorized access, disclosure, alteration, loss, and misuse. These security measures include access controls, encryption, and firewalls. We are certified as a PCI DSS Level 1 compliant service provider, which is the highest level of compliance available, and our platform is audited annually by an independent third-party qualified security assessor. Unfortunately, no method of Internet use, data transmission, or electronic storage is completely secure, so we cannot guarantee the absolute security of Personal Data.
- While we are dedicated to securing our Website and Services, you are responsible for securing and maintaining the privacy of your passwords and account information. We are not responsible for protecting Personal Data shared with a third-party based on an account connection that you have authorized.
- Accountability for Onward Transfer.
- Privacy Shield. We provide services around the world. To provide our Services, it may be necessary to transmit Personal Data outside of the country, state, or province where the data was received. As a participant in the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework, we are subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
- Data Processors. We will only share or disclose Personal Data to Processors that we have contractually obligated to provide at least the same level of privacy protection required by the principles underlying the Privacy Shield. Furthermore, we will obligate any Processor to the specified, explicit and legitimate purposes consistent with your consent.
- Remedial Measures. If we learn Personal Data is not protected according to our contract, or is being processed beyond your consent, we will take reasonable steps to protect your information and/or cease its illegitimate processing.
- Access to Your Personal Data.
- We understand that you have rights over your Personal Data, and provide reasonable steps to allow you to access, correct, amend, delete, port, or limit the use of your Personal Data. This includes the right to withdraw, at any time, your consent for our collection and use. Additionally, you may have the right to make a complaint with the Data Protection Authority in your country.
- Merchants, Shoppers, and Partners are able to update many types of collected Personal Data directly within their accounts. Please contact us if you are unable to access or otherwise change your Personal Data within your account, or if you are concerned about other data collected.
- Shoppers, we are a Processor to your Merchant. You may also wish to contact your Merchant(s) directly regarding your Personal Data they have collected. We can only forward your request to them. Any deletion or limitation on the use of your Personal Data may negatively affect your use of our Services.
- Enforcement; Recourse.
In compliance with the Privacy Shield Principles, BigCommerce commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact BigCommerce at: