Privacy Policy

1. Introduction

At Sister's Promise, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect your data when you use our website and mobile application.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

We collect several types of information to provide and improve our services:

2.1 Account Information

When you create an account, we collect:

• Name and email address
• Password (encrypted and stored securely)
• Contact preferences

2.2 Transaction Information

When you make a purchase, we collect:

• Shipping and billing addresses
• Payment information (processed securely through Square)
• Order history and preferences

2.3 Device and Usage Information

We automatically collect certain information about your device and how you interact with our services:

• Device type, operating system, and browser information
• IP address and location data
• Pages visited and features used
• Time and date of visits

2.4 Analytics Data

We use Google Analytics 4 (GA4) to understand how our services are used. This includes:

• User engagement metrics
• Page views and session duration
• Traffic sources and conversion data

2.5 Email Communications

If you subscribe to our mailing list, we collect:

• Email address
• Communication preferences
• Email engagement data (opens, clicks)

3. How We Use Your Information

We use the information we collect for the following purposes:

• Order Processing: To process and fulfill your orders, including shipping and delivery
• Customer Support: To respond to your inquiries and provide customer service
• Marketing Communications: To send you promotional emails, newsletters, and special offers (with your consent)
• Service Improvement: To analyze usage patterns and improve our products and services
• Fraud Prevention: To detect and prevent fraudulent transactions and protect our users
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. Data Sharing and Third Parties

We do not sell your personal information to third parties. We may share your information with trusted service providers who help us operate our business:

4.1 Payment Processing

Square: We use Square to process payments securely. Square collects and processes payment information according to their own privacy policy.

4.2 Email Services

SendGrid/Nodemailer: We use email service providers to send transactional emails and marketing communications.

4.3 Analytics

Google Analytics: We use Google Analytics to understand user behavior and improve our services. Google may collect and process data according to their privacy policy.

4.4 Hosting and Infrastructure

We use trusted hosting providers to store and process your data securely.

4.5 Legal Requirements

We may disclose your information if required by law, legal process, or to protect the rights, property, or safety of Sister's Promise, our users, or others.

5. Data Security

We take the security of your personal information seriously and implement industry-standard measures to protect it:

• Encryption: All sensitive data is encrypted in transit using SSL/TLS protocols
• Secure Servers: Our servers are hosted in secure data centers with restricted access
• Authentication: We use JWT tokens for secure user authentication
• Regular Audits: We conduct regular security audits and updates to protect against vulnerabilities
• Access Controls: We limit access to personal information to authorized personnel only

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights

You have certain rights regarding your personal information:

• Access: You can request access to the personal information we hold about you
• Correction: You can request that we correct inaccurate or incomplete information
• Deletion: You can request that we delete your personal information, subject to certain legal obligations
• Opt-Out: You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us
• Data Portability: You can request a copy of your data in a portable format

To exercise any of these rights, please contact us at the email address provided below.

7. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes described in this Privacy Policy. Specifically:

• Account Data: Retained while your account is active and for a reasonable period after closure
• Transaction Data: Retained for tax, accounting, and legal compliance purposes (typically 7 years)
• Marketing Data: Retained until you unsubscribe or request deletion
• Analytics Data: Aggregated and anonymized data may be retained indefinitely for statistical purposes

You may request deletion of your personal information at any time by contacting us.

8. Children's Privacy

Our services are not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will take steps to delete such information.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes, we will:

• Update the "Last Updated" date at the bottom of this policy
• Notify you via email if the changes are significant
• Post a notice on our website or mobile app

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

10. Contact Us