Privacy Policy

This Privacy Policy applies to personal information collected by PrettyLittleThing. PrettyLittleThing is bound by the Personal Data (Privacy) Ordinance (Cap. 486), which governs how organizations collect, use, store, and disclose personal information.

This Service is based in Hong Kong SAR. We make no claims regarding whether the Content may be downloaded, viewed, or is appropriate for use outside of Hong Kong SAR. If you access the Service or Content from outside Hong Kong SAR, you do so at your own risk. You are solely responsible for ensuring compliance with the laws of your jurisdiction.

SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?

When you purchase something from our store, as part of the buying and selling process, we collect personal information such as your name, address, and email address.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address to help us understand your browser and operating system.

Email marketing (if applicable): With your permission, we may send you emails about our store, new products, and other updates.

SECTION 2 - CONSENT

How do you give consent?
When you provide personal information to complete a transaction, verify your credit card, place an order, arrange for delivery, or return a purchase, we imply that you consent to collecting and using it for that specific purpose only.

If we request your personal information for a secondary purpose, such as marketing, we will either ask for your explicit consent or provide an opportunity to decline.

How do you withdraw consent?
If you change your mind after opting in, you may withdraw your consent at any time by contacting us at support@prettylittlething.com.

SECTION 3 - DISCLOSURE

We may disclose your personal information if required by law or if you violate our Terms of Service.

SECTION 4 - SHOPIFY

Our store is hosted on Shopify Inc., which provides the e-commerce platform that allows us to sell our products and services.

Your data is stored through Shopify’s data storage systems and databases, secured behind a firewall.

Payment:
If you choose a direct payment gateway, Shopify stores your credit card data encrypted through PCI-DSS standards. Transaction data is retained only as long as necessary to complete the purchase and is then deleted.

All payment gateways adhere to PCI-DSS standards set by the PCI Security Standards Council (including Visa, MasterCard, American Express, and Discover).

SECTION 5 - THIRD-PARTY SERVICES

Third-party providers collect, use, and disclose your information only as necessary to perform their services. However, some providers (such as payment gateways) have their own privacy policies.

We recommend reviewing their policies to understand how your information is handled.

Some providers may operate in jurisdictions different from yours or ours. If you proceed with a transaction involving such providers, your information may be subject to the laws of those jurisdictions.

Once you leave our website or are redirected to a third-party platform, this Privacy Policy and our Terms of Service no longer apply.

SECTION 6 - SECURITY

We take reasonable precautions and follow industry best practices to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction.

Credit card data is encrypted using SSL technology and stored with AES-256 encryption. While no method of transmission over the Internet is 100% secure, we comply with PCI-DSS and additional industry standards.

SECTION 7 - COOKIES

We use cookies to enhance your browsing experience. Examples include:

_session_id: Stores session information (referrer, landing page, etc.)
_shopify_visit: Tracks visits (30-minute persistence)
_shopify_uniq: Counts visits per customer (expires next day)
cart: Stores cart contents (2 weeks)
_secure_session_id: Secure session token
storefront_digest: Determines access if the store is password-protected

You may choose to disable cookies through your browser settings.

SECTION 8 - AGE OF CONSENT

By using this site, you confirm that you are at least the age of majority in your state or province, or that you have given consent for your minor dependents to use this site.

SECTION 9 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this policy at any time. Changes take effect immediately upon posting.

If significant updates are made, we will notify you so you are aware of what information we collect, how we use it, and under what circumstances it may be disclosed.

If our business is acquired or merged, your information may be transferred to the new owners.

SECTION 10 - ACCOUNT DELETION RIGHT

You have the right to request deletion of your account at any time without charge.

To delete your account:
Log in → [Settings] → [My Account] → [Delete Account], and follow the confirmation steps.

QUESTIONS AND CONTACT INFORMATION

If you would like to access, correct, amend, or delete any personal information, file a complaint, or request more information, please contact our Privacy Compliance Officer at:

support@prettylittlething.com

All terms are governed by the laws of Hong Kong SAR.