Privacy Policy
Effective Date: June 4, 2025
Last Updated: July 2, 2025
1. Introduction
At Dare to Mystic (“we”, “our”, or “us”), your privacy and trust are very important to us. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you visit our website at https://daretomystic.com (the “Site”), or engage with our services, such as placing an order, subscribing to our newsletter, or browsing our crystal jewelry collections.
We are committed to protecting your personal data in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant local regulations. Whether you’re shopping for your first bracelet or simply exploring our story, we want you to feel safe and informed.
By using our Site, you agree to the collection and use of your information in accordance with this Privacy Policy. If you do not agree with our practices, we recommend you discontinue use of the Site. You always have the right to access, correct, or delete your data, and we’re here to support you in exercising those rights.
This policy is designed to answer questions such as:
- What information do we collect and why?
- How is your information stored and protected?
- Do we share your information with anyone else?
- What choices do you have about your data?
Please read this Privacy Policy carefully. If you have any questions or concerns, feel free to contact us at privacy@daretomystic.com.
2. How We Collect and Use Your Personal Information
At Dare to Mystic, we collect personal and non-personal information to process orders, enhance your experience, and ensure the security and functionality of our services. Below is how we collect and use this information:
a. Information You Provide Directly
When you actively engage with our Site—for example, by placing an order, subscribing to our newsletter, creating an account, or contacting our customer service team—you may voluntarily provide us with certain personal information. This information may include:
- Full name
- Email address
- Billing and shipping address
- Phone number
- Payment information (securely handled by third-party payment processors; we do not store full card details)
- Order details, purchase history, and product preferences
We use this information for the following purposes:
- Order Processing and Fulfillment: To verify and process your payment, confirm your order, and ensure timely shipping and delivery
- Customer Support: To respond to your inquiries, address issues, and provide after-sales service
- Marketing Communications: To send promotional emails, newsletters, and product updates, but only if you have opted in to receive such communications
- Personalized Experience: To suggest products or services based on your previous purchases and browsing behavior
- Business Analytics and Improvement: To analyze customer behavior and purchasing patterns, helping us improve our product selection, inventory planning, and overall service
We only collect and process the personal data that is necessary for these purposes, and we handle all such information in accordance with applicable data protection laws.
b. Information Collected Automatically
When you visit or interact with our Site, we automatically collect—as detailed in this Privacy Policy—certain technical and behavioral information using cookies, embedded scripts, and third-party analytics tools. This information is typically non-personal but may be combined with other data to enhance your experience. The types of data we collect include:
- Browser type and version
- Device type, operating system, and screen resolution
- IP address and approximate geolocation
- Date, time, and duration of visits
- Referring URLs and pages viewed on our Site
- Clickstream data (e.g., navigation paths, time spent on each page)
- User interactions (e.g., clicks, scrolling behavior, items added to cart or wishlist)
This data is collected through tools such as:
- Cookies and local storage to remember preferences or maintain sessions
- WordPress-integrated analytics tools (e.g., Jetpack, WooCommerce Reports)
- Third-party analytics services (e.g., Google Analytics, Meta Pixel)
We use this information to:
- Analyze how users interact with our Site in order to improve layout, content flow, and navigation
- Ensure website stability, security, and performance across different devices and browsers
- Deliver personalized content, product recommendations, or promotional messages
- Identify and mitigate fraudulent behavior, bots, or misuse of our services
You may choose to disable cookies through your browser settings, though some Site features may be limited as a result.
In addition to the data you provide directly or that we collect automatically, we may also receive limited information from trusted third-party service providers and platforms that help us operate and improve our Site. These include:
1. Payment Processors
- Transaction status (e.g., success, failure, refund), fraud alerts, and dispute notifications
- Enables secure order fulfillment and protects against fraudulent activity
2. Marketing and Advertising Platforms
- Campaign data such as impressions, click-through rates, conversions, and user engagement metrics
- Attribution insights to understand how users discover and interact with our brand
- Allows us to refine our marketing strategy and deliver relevant promotions
3. Social Media Platforms
- Publicly available profile data (e.g., username, profile picture) and engagement insights when you interact with our content on platforms like Instagram, TikTok, or Facebook
- Referral traffic data to track which posts or campaigns lead users to our Site
- Helps maintain brand consistency and better serve community engagement
4. WordPress and Connected Plugins
As our Site is built on WordPress, we may receive data via:
- Core WordPress features (e.g., user account creation, comment submissions, form entries)
- E-commerce plugins (e.g., WooCommerce – for order tracking, customer accounts, cart data)
- Analytics tools integrated through WordPress (e.g., Jetpack, MonsterInsights)
- Security plugins (e.g., firewall logs, login attempt tracking, spam detection)
These tools help us:
- Manage orders and customer profiles
- Enhance website performance and detect issues
- Secure the Site from malicious activity
- Understand general visitor behavior to improve content and usability
We only integrate plugins and services that are reputable, regularly updated, and compliant with major privacy regulations such as GDPR and CCPA.
3. How We Use Your Information
We use the personal information we collect for various legitimate business purposes, all aimed at enhancing your shopping experience and maintaining a secure, functional platform. Specifically, we use your information to:
1. Fulfill and Manage Orders
- Process payments securely through third-party providers
- Confirm orders and send transactional communications (e.g., receipts, shipping updates, delivery confirmations)
- Handle returns, exchanges, and refund requests
- Maintain a record of past purchases to support order tracking or repurchasing
2. Provide Customer Support
- Respond to your inquiries or issues submitted via email, contact forms, or live chat
- Resolve technical problems or service-related concerns
- Customize support based on your previous interactions or order history
3. Communicate Marketing and Promotional Content (With Consent)
- Send newsletters, special offers, and new product announcements if you have opted in
- Personalize marketing content based on your browsing and purchase behavior
- Allow you to participate in contests, surveys, or promotional campaigns
4. Improve Website Functionality and User Experience
- Analyze user behavior and preferences to enhance website navigation and performance
- Optimize product presentation, search functionality, and overall shopping flow
- Test new features and implement design improvements
5. Ensure Platform Security and Fraud Prevention
- Detect and investigate suspicious activities or unauthorized transactions
- Protect user accounts and prevent misuse of our services
- Enforce our terms of service and protect our rights and property
6. Comply with Legal and Regulatory Obligations
- Respond to legal requests, such as subpoenas or court orders, where required
- Maintain appropriate records for tax, accounting, or auditing purposes
- Uphold consumer rights laws and international data protection regulations (e.g., GDPR, CCPA)
4. Legal Basis for Processing
For users located in the European Economic Area (EEA), the United Kingdom (UK), or other regions where data protection laws such as the General Data Protection Regulation (GDPR) apply, we are required to explain the legal bases on which we process your personal data. Depending on the context and type of information involved, we rely on one or more of the following lawful bases:
- Contractual Necessity: We process your name, shipping address, billing details, and payment information as necessary to fulfill and manage your orders, deliver products, and facilitate returns or refunds.
- Explicit Consent: We use your email address and communication preferences to send newsletters, promotional offers, and other marketing content only if you have opted in. You can withdraw consent at any time.
- Legitimate Interests: We collect and analyze technical data such as your IP address, device type, and browsing behavior to help detect fraud, secure our Site, and ensure smooth functionality. These activities support our legitimate interest in operating a safe and efficient platform without unduly affecting your rights and freedoms.
- Consent or Legitimate Interest (for Analytics and Cookies): For website analytics and cookie tracking, we rely on either your consent (where required under law, such as in the EU) or our legitimate interest in understanding user behavior to improve the performance and usability of our Site.
We only process your personal data for purposes that are necessary, proportionate, and compliant with the applicable legal framework. If you have questions about our legal basis for a specific type of data processing, feel free to contact us at privacy@daretomystic.com.
5. How We Store and Protect Your Information
We take data security seriously and implement a range of industry-standard technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. Our approach is designed to ensure both data integrity and confidentiality, whether the information is in transit or at rest.
1. Data Transmission Security
- All data transmitted between your browser and our Site is protected using SSL (Secure Sockets Layer) encryption, which ensures that personal and payment information is securely encrypted during checkout and account interactions.
- We enforce HTTPS across our website to maintain encrypted sessions at all times.
2. Data Storage and Infrastructure
- Our website is hosted on WordPress-based infrastructure, utilizing Rocket.net (or applicable hosting provider) which provides server-side firewalls, malware scanning, and DDoS protection.
- Access to our database and admin systems is restricted to authorized personnel only, using role-based access controls and multi-factor authentication (MFA) where applicable.
- Customer data is stored on secure servers with regularly patched operating systems and up-to-date security protocols.
3. Payment Security
- We do not store full credit card information on our servers. All payment transactions are processed securely through third-party PCI-DSS compliant providers such as Stripe or PayPal, depending on your checkout method.
- Tokenization or encryption is used by processors to protect your payment data.
4. Monitoring and Threat Detection
- We perform regular security audits and vulnerability assessments on our Site and plugins.
- Real-time monitoring tools help us detect suspicious activities such as brute-force attacks, unauthorized login attempts, or abnormal traffic patterns.
- Backup systems are in place to allow for quick data recovery in case of accidental loss or system failure.
5. Data Retention and Minimization
- We only retain your personal data for as long as it is necessary to fulfill the purposes outlined in this policy, or as required by law (e.g., for tax, compliance, or warranty-related obligations).
- Unnecessary or outdated data is anonymized or securely deleted on a routine basis.
While no system can guarantee 100% security, we are committed to continuously reviewing and improving our security practices to keep your personal information safe.
6. Sharing of Information
We respect your privacy and only share your personal information with third parties when it is necessary for business operations, legally required, or when you have provided your consent. We do not sell, rent, or trade your personal data to any third parties.
We may share your information with the following categories of trusted service providers:
- Payment Processors (e.g., PayPal): To securely process your payments and handle transactions. These providers are PCI-DSS compliant and do not share your full payment details with us.
- Shipping and Fulfillment Partners (e.g., USPS, FedEx, DHL): To ensure timely and accurate delivery of your orders, as well as to facilitate returns or exchanges.
- Email and Marketing Platforms (e.g., Mailchimp): To manage email newsletters, abandoned cart reminders, and promotional communications, but only if you’ve opted to receive marketing messages.
- Analytics and Performance Tools (e.g., Google Analytics, Meta Pixel, Jetpack): To help us understand how visitors use our website, evaluate marketing performance, and improve customer experience.
- Website Hosting and Security Providers (e.g., Rocket.net, Cloudflare): To ensure the secure and stable operation of our Site, including SSL encryption, firewall protection, and uptime monitoring.
Our commitments when sharing your information:
- All third-party service providers are required by contractual agreement to use your data solely for the specific services they provide to us, and only in accordance with applicable data protection laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) where relevant.
- We conduct due diligence on our providers to ensure they maintain robust security practices and do not use your data for their own marketing or unrelated purposes.
Your data will never be sold or disclosed to unauthorized entities. We value your trust and remain committed to maintaining the confidentiality and integrity of your personal information.
7. Your Rights and Choices
We are committed to ensuring that you remain in control of your personal information. Depending on your location and applicable data protection laws, you may have the following rights:
You have the right to:
- Access: Request access to the personal data we hold about you, including the categories of data, the purposes for which it is used, and the parties with whom it may be shared.
- Rectification: Request correction of any inaccurate, incomplete, or outdated personal information.
- Erasure (“Right to be Forgotten”): Request the deletion of your personal data, subject to certain exceptions (e.g., legal or transactional record-keeping requirements).
- Restriction of Processing: Request that we limit the processing of your personal data under certain circumstances—for example, if you contest the accuracy or object to processing.
- Data Portability: Request a copy of your personal information in a structured, commonly used, and machine-readable format, and (where feasible) the transfer of this data to another service provider.
- Withdraw Consent: Withdraw previously given consent for marketing or other data processing activities. This will not affect the lawfulness of processing based on consent before its withdrawal.
- Object to Processing: Object to certain types of processing, including the use of your data for direct marketing or profiling.
How to Exercise Your Rights
To submit a request regarding any of the rights listed above, please contact us at:
Email: privacy@daretomystic.com
We may request additional information to verify your identity before processing your request. We aim to respond to all requests within 30 days unless a longer period is required by law.
Please note: Some rights may not be applicable in all jurisdictions, and certain requests may be declined where permitted by law (e.g., when the data is required for legal compliance or ongoing transaction support).
8. Do Not Track and Global Privacy Control
Some browsers offer a “Do Not Track” (DNT) feature that lets you signal your preferences regarding tracking across websites. Please note that our Site does not currently respond to DNT signals.
However, we recognize and honor Global Privacy Control (GPC) signals in jurisdictions where it is legally required. When such a signal is received from a supported browser or extension, we will treat it as a valid request to opt out of the sale or sharing of your personal information under applicable state privacy laws, such as the California Privacy Rights Act (CPRA) and similar U.S. legislation.
9. Cookies and Tracking Technologies
Our Site uses cookies and similar tracking technologies to enhance your browsing experience, analyze traffic, and deliver relevant content and advertising. These technologies help us understand how users interact with our website and personalize features accordingly.
What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They contain information such as browser type, session duration, user preferences, and sometimes personal identifiers. Cookies do not harm your device and cannot access files or programs.
Types of Cookies We Use
We use both first-party (set by us) and third-party (set by external services) cookies. These may include:
- Essential Cookies: Necessary for the Site to function properly, such as enabling secure login, cart management, or checkout processes.
- Performance & Analytics Cookies: Help us measure traffic, identify usage patterns, and improve the Site’s functionality. For example, Google Analytics cookies collect anonymous usage data.
- Functional Cookies: Remember your preferences (such as language or region), so you don’t have to re-enter them on each visit.
- Marketing & Advertising Cookies: Track browsing behavior to display relevant ads across other websites or social platforms (e.g., via Meta Pixel, Google Ads, etc.). These cookies are only active if you consent.
Other Tracking Technologies
We may also use:
- Web beacons (pixels) – small graphic files used to monitor website traffic or email campaign effectiveness
- Local storage – similar to cookies but capable of storing larger amounts of data in your browser
Your Choices and Controls
You have the right to accept or reject cookies:
- Browser Settings: Most browsers allow you to block or delete cookies through their settings. However, blocking essential cookies may limit the Site’s functionality.
- Cookie Consent Banner: Upon your first visit, you will be presented with a cookie consent tool that allows you to choose which categories of cookies you allow.
- Opt-Out Tools: You can opt out of certain third-party advertising cookies through the following platforms:
  - Network Advertising Initiative (NAI)
  - Digital Advertising Alliance (DAA)
  - Your Online Choices (EU)
You can also opt out of Google Analytics by installing Google’s opt-out browser add-on.
We do not sell or share your personal information as defined under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).
If we ever engage in such practices in the future, you will be provided with a clear opt-out mechanism, including a “Do Not Sell or Share My Personal Information” link on our homepage.
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- The right to know what categories of personal information we collect, use, disclose, and retain
- The right to access and request a copy of your personal information
- The right to delete your personal data, subject to legal exceptions
- The right to opt out of the sale or sharing of your data (if applicable)
- The right to non-discrimination for exercising your privacy rights
Each cookie has a unique expiration time. Session cookies expire when you close your browser, while persistent cookies may remain on your device for up to 24 months or as specified by the third-party provider.
To submit a request under the CCPA/CPRA, please contact us at privacy@daretomystic.com.
For more information about how we manage cookies or to change your cookie settings at any time, please refer to our [Cookie Settings Panel] or contact us at privacy@daretomystic.com.
10. International Data Transfers
Our operations—and those of many of our service providers—are based in the United States and other countries outside of your place of residence. If you are accessing our Site from outside the U.S., please be aware that your personal information may be transferred to, stored in, or processed in jurisdictions that may not offer the same level of data protection as your home country.
How We Safeguard International Transfers
To ensure that your data remains protected regardless of where it is processed, we implement appropriate legal and contractual safeguards, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission for international data transfers
- Data Processing Agreements (DPAs) with all third-party service providers who process personal information on our behalf
- Vendor vetting and due diligence to ensure that all partners maintain industry-standard security and privacy practices
- Encryption and access controls to secure your data both in transit and at rest
Where applicable, our U.S.-based service providers are certified under the EU-U.S. Data Privacy Framework for compliant data transfers from the European Economic Area (EEA), ensuring that your information receives an adequate level of protection under EU standards.
By using our Site and submitting your personal information, you acknowledge and consent to this transfer, processing, and storage of your information outside of your country of residence, including to the United States.
We remain committed to protecting your personal data regardless of where it is handled, and we continually monitor legal developments related to cross-border data transfers to ensure ongoing compliance.
11. Children’s Privacy
Our Site is not intended for children under the age of 13, and we do not knowingly collect personal information from children under this age as defined by the Children’s Online Privacy Protection Act (COPPA).
We do not knowingly collect, use, or store personal data from children without verified parental or legal guardian consent. If you are a parent or guardian and believe that your child has provided personal information to us without your consent, please contact us immediately at: privacy@daretomystic.com
Upon verification, we will promptly:
- Review and remove the child’s information from our systems
- Prevent further contact or processing of the child’s data
- Take steps to ensure future compliance
We encourage parents and guardians to monitor their children’s online activities and to help enforce this Privacy Policy by instructing children never to provide personal data through any website or platform without parental consent.
12. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to:
- Process and deliver your orders
- Provide customer support and service history
- Comply with legal, tax, accounting, and regulatory requirements
- Resolve disputes and enforce our agreements
- Improve our website and product offerings through analytics and feedback
Retention Periods
- Order and transaction records: Retained for up to 7 years to comply with legal and financial obligations
- Customer service interactions: Retained for up to 2 years after resolution for quality assurance and training
- Marketing preferences and consent: Retained until you withdraw your consent or request deletion
- Inactive customer accounts: Retained for 24 months of inactivity, after which data may be anonymized or securely deleted
When we no longer need to retain personal data, we will either:
- Securely delete or anonymize the information, or
- Restrict access to archived data and store it in a secure manner until deletion is feasible
We retain your personal data for as long as reasonably necessary for business or legal purposes. You may request deletion of your personal data at any time by contacting us at privacy@daretomystic.com, subject to certain limitations (e.g., if the data is required for legal compliance).
13. Sensitive Personal Data
We are committed to collecting only the information that is necessary and relevant to provide our services. In line with this commitment, we do not knowingly collect, request, or process the following categories of sensitive personal data:
- Government-issued identification numbers, such as national ID cards, Social Security numbers, or passport information
- Biometric or genetic data, including facial recognition, fingerprint scans, DNA profiles, or similar identifiers
- Health or medical information, such as diagnoses, treatment history, prescriptions, or insurance details
- Racial or ethnic origin, religious or philosophical beliefs, political opinions, or union memberships
- Sexual orientation or gender identity-related data, unless you voluntarily disclose it through public interactions (e.g., social media comments)
We actively avoid collecting sensitive data, and we instruct our team and service providers to refrain from requesting or processing such information.
In the unlikely event of a data breach involving your personal data, we will assess the risk, notify affected users without undue delay, and comply with legal obligations to inform data protection authorities where required.
Our Site and services are not designed to require or process such information. If we become aware that such sensitive data has been provided to us unintentionally or without lawful basis, we will take immediate steps to securely delete it.
If you believe we have received such information in error, please contact us at privacy@daretomystic.com so we can investigate and remove it as appropriate.
14. Changes to This Policy
We may update this Privacy Policy from time to time in response to legal, regulatory, operational, or business developments. When changes are made, we will:
- Revise the “Last Updated” date at the top of this page to reflect the latest version
- Post the updated Privacy Policy on this page so that it is accessible at all times
- In the case of material changes (e.g., new data collection practices or user rights), we will provide additional notice, such as via email or a prominent notice on our homepage, where required by applicable law
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of the Site after any changes are published constitutes your acceptance of the updated terms.
If you do not agree with any part of the revised Privacy Policy, you should discontinue use of our Site and services.
15. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or the way we handle your personal information, please feel free to contact us. We are committed to responding in a timely and transparent manner.
- Email: privacy@daretomystic.com
- Website: https://daretomystic.com
If you are located in the European Economic Area (EEA), the United Kingdom (UK), or another region with specific data protection laws, you may also have the right to lodge a complaint with your local data protection authority.