Privacy policy

Privacy Policy

Effective Date: February 6, 2026

 Last Updated: February 6, 2026

CeCe Freade™ (“we,” “our,” “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website, make a purchase, or interact with us online or offline (collectively, the “Services”).

Our online store is hosted on Shopify Inc., which provides the e-commerce platform that allows us to sell our products and services to you. By using our Site or providing your information, you agree to this Privacy Policy and to Shopify’s processing of your information as described in their privacy policy, available at https://www.shopify.com/legal/privacy. If you do not agree, please do not use our Services.

1. Information We Collect

We collect information from you in several ways:

A. Information You Provide Directly When you interact with our Site, we may collect:
• Contact information: name, email address, billing/shipping address, phone number
• Account information: username, password, preferences (if you create an account)
• Payment information: credit/debit card or other payment details (processed securely through our payment partners; we do not store full payment data)
• Communications: messages, reviews, survey responses, or other correspondence

B. Information Collected Automatically When you visit our Site, we may automatically collect:
• Device and usage data: IP address, browser type, operating system, referring URLs, pages viewed, and interaction data
• Cookies and tracking technologies: used for analytics, personalization, and advertising purposes (see Section 8 for cookie details)

C. Information from Third Parties We may receive limited personal information from trusted partners such as payment processors, marketing platforms, or shipping carriers to complete your order or improve our Services.

California Category Mapping. During the preceding 12 months, we may have collected the following categories of personal information:

Identifiers and contact information, such as name, email address, billing address, shipping address, phone number, IP address, and account username.

Customer records and transaction information, such as billing and shipping information, order information, purchase history, and payment-related information processed by our payment partners.

Commercial information, such as products purchased, obtained, or considered, order history, return or exchange information, and customer preferences.

Internet or other electronic network activity information, such as browser type, operating system, referring URLs, pages viewed, interaction data, cookies, and similar tracking information.

Approximate geolocation information, such as general location information that may be inferred from an IP address, if applicable.

Communications and user-provided content, such as messages, reviews, survey responses, customer-service communications, and other correspondence.

Inferences or preferences, such as shopping preferences, marketing preferences, or profile information that we may create based on your interactions with the Services.

Sensitive personal information, only to the extent collected or processed, such as account login credentials or payment-related information processed by payment partners.

We collect personal information from the following categories of sources: you; your device or browser; cookies, pixels, tags, analytics tools, and similar technologies; Shopify; payment processors; shipping carriers; marketing and analytics providers; customer-service providers; and other service providers or business partners that support our Services.

We collect and use these categories of personal information for the following business and commercial purposes: to operate and provide the Services; process orders, payments, shipping, returns, and exchanges; create and manage accounts; provide customer support; communicate with you about orders, accounts, products, promotions, and policy updates; personalize website content and shopping experiences; conduct analytics and measure website performance; support marketing and advertising; detect, prevent, and respond to fraud, security incidents, misuse, or unlawful activity; comply with legal, regulatory, tax, accounting, and recordkeeping obligations; maintain business records; and enforce our Terms of Service and other policies.

2. How We Use Your Information

We use your information to:
• Process and fulfill your orders and payments
• Communicate with you about your purchases, inquiries, or account
• Send marketing emails or newsletters (you may unsubscribe at any time)
• Personalize your online experience
• Improve our products, website, and customer experience
• Comply with legal obligations and prevent fraud
We never sell your personal information.

3. Legal Bases for Processing (for EU/UK Customers)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:
• Contract: to fulfill an order or provide requested Services
• Consent: for marketing and cookie use
• Legitimate interest: to operate, improve, and secure our Services
• Legal obligation: to comply with applicable laws or regulations

4. How We Share Information

We share your information only as necessary with:
• Shopify Inc., which hosts our online store and processes your personal data to provide us with e-commerce functionality. Your information is stored through Shopify’s data storage, databases, and general application, secured behind a firewall. For more information, please review Shopify’s privacy policy: https://www.shopify.com/legal/privacy.
• Service providers such as payment processors, shipping companies, and website hosts
• Analytics and marketing partners that help us understand site performance and improve advertising relevance
• Legal or regulatory authorities when required by law or to protect our rights

We enter into written agreements with our data processors that require them to protect personal data and use it only for the purposes specified in the contract, consistent with applicable law. All third parties are required to protect your information and use it only for authorized purposes.

During the preceding 12 months, we may have disclosed the categories of personal information described in Section 1 for business purposes, including order processing, payment processing, shipping and fulfillment, customer support, website hosting, analytics, marketing support, fraud prevention, legal compliance, and business administration. We do not authorize our service providers, contractors, or other recipients to use personal information except as necessary to provide services to us or as otherwise permitted by applicable law.

5. Your Rights and Choices

A. Email and Marketing Preferences You can unsubscribe from marketing emails by clicking the “unsubscribe” link in any email or contacting us directly. Transactional emails (e.g., order confirmations, shipping updates) cannot be unsubscribed from.
B. Cookies and Tracking Technologies You can adjust your browser settings to refuse cookies or alert you when cookies are being used. Some parts of the Site may not function properly without cookies.
C. Access, Correction, and Deletion Depending on where you live, you may have the right to:
• Access and receive a copy of your personal information
• Request correction or updates
• Request deletion of your data (“right to be forgotten”)
• Object to or restrict certain processing activities
• Not be subject to a decision based solely on automated processing, including profiling, which has a significant effect on your rights
To make a request, please email [insert privacy contact email] with the subject line “Privacy Request.”
EU residents have the right to lodge a complaint with their local data protection authority (supervisory authority) if they believe their data protection rights have been infringed.

6. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific privacy rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

Right to Know/Access. You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, the business or commercial purposes for collecting, selling, sharing, or disclosing it, and the categories of third parties to whom we disclose it.
Right to Delete. You may request that we delete personal information we collected from you, subject to applicable exceptions.
Right to Correct. You may request that we correct inaccurate personal information we maintain about you.
Right to Opt Out of Sale or Sharing. We do not sell personal information for money. We also do not knowingly share personal information for cross-context behavioral advertising unless disclosed and subject to your right to opt out. If any of our advertising, analytics, or tracking activities constitute a “sale” or “sharing” under California law, you may opt out by contacting us as described below.
Right to Limit Sensitive Personal Information. We do not use or disclose sensitive personal information for purposes that require a right to limit, unless stated otherwise at the point of collection.
Right to Non-Retaliation. We will not retaliate against you for exercising privacy rights available under California law.

We do not knowingly sell or share the personal information of consumers under 16 years of age.

To submit a California privacy request, please email us at privacy@cecefreade.com with the subject line “California Privacy Request.” We may ask you to provide information reasonably necessary to verify your identity and match your request to information we maintain. You may designate an authorized agent to submit a request on your behalf where permitted by law. We may require the agent to provide proof of authorization and may require you to verify your identity directly with us, unless an exception applies. Where required by applicable law, we will honor legally recognized opt-out preference signals. Our processing of such signals will depend on the browser, device, account, or tool through which the signal is transmitted and the information reasonably available to us at the time of the request.

If we offer a discount, loyalty reward, giveaway, promotion, or other financial incentive that involves the collection, retention, sale, or sharing of personal information, we will provide a separate Notice of Financial Incentive explaining the material terms of the program before you participate. Participation will be voluntary, and you may withdraw as described in the applicable notice.

We will verify your identity before responding to requests as required by law.
Notice of Financial Incentives If CeCe Freade™ offers discounts, loyalty rewards, or giveaways, participation may involve sharing limited personal information (such as name and email). Participation is voluntary, and you may withdraw at any time.

7. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, or resolve disputes.

8. Cookies and Analytics

We use cookies, pixels, tags, analytics tools, and similar technologies to operate the Site, remember preferences, analyze traffic and performance, personalize content and shopping experiences, and support advertising, marketing, and promotional activities. Some of these technologies may be provided by third-party analytics or advertising partners, and those parties may collect information about your online activities over time and across different websites or online services when you use our Site.

You can control cookies through your browser settings and, where available, through our cookie banner or preference tool. Some Site features may not function properly if cookies are disabled. At this time, we do not respond to browser “Do Not Track” signals. Most web browsers and some operating systems offer a “Do Not Track” (“DNT”) setting. No common industry or legal standard for recognizing or honoring DNT signals has been finalized, so we do not currently take action in response to these signals. If a uniform standard for responding to DNT signals is adopted that we are required to follow, or if we change our practices, we will update this Privacy Policy accordingly. Some browsers and extensions let you send a Global Privacy Control (“GPC”) signal. Where required by law, we treat a GPC signal as a request to opt out of the sale or sharing of your personal information for that browser or device.

9. Data Security and Breach Notification

We use industry-standard encryption and security measures to protect your personal information from unauthorized access, disclosure, or misuse.

Our safeguards include:
• Technical Safeguards: Using encryption to protect your data while in transit and at rest; maintaining firewalls and other network security measures; and regularly monitoring our systems for vulnerabilities.
• Administrative Safeguards: Limiting internal access to private information to employees and service providers who have a legitimate business need to access it; providing regular data security training to our employees; and maintaining a written incident response plan.
• Physical Safeguards: Securing our physical premises and data centers against unauthorized access.

In addition, your personal data is securely processed and stored through trusted partners, including Shopify Inc., which maintains industry-leading safeguards to protect data on its servers.

However, no method of transmission over the Internet is completely secure, and we cannot guarantee absolute security.

In the event of a "breach of the security of the system," as defined by New York law, where your "private information" was or is reasonably believed to have been accessed or acquired by an unauthorized person, we will notify you. Notice will be made in the most expedient time possible and without unreasonable delay, consistent with the needs of law enforcement and any measures necessary to determine the scope of the breach and restore the integrity of our data system. Such notice will describe the categories of information affected, include contact information for you to ask questions, and provide information for relevant state and federal agencies regarding identity theft prevention .

10. Children’s Privacy

Our Site and products are not intended for those under 18, and we do not knowingly collect personal information from anyone under that age. If we become aware that we have inadvertently collected such data, we will delete it promptly.

11. International Data Transfers

If you are visiting from outside the United States, please note that your information will be transferred to and processed in the U.S., where data protection laws may differ from those of your country.

When we transfer your personal data outside the EEA or UK, we do so in accordance with applicable law and rely on a lawful transfer mechanism.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The “Last Updated” date above reflects the most recent revision. Changes will be effective when posted unless a later effective date is stated. Continued use of the Site after updates means you accept the revised Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at:

CeCe Freade™ Privacy Team 

Email: privacy@cecefreade.com

This Privacy Policy is intended to be available in a printable format. If you need this Privacy Policy in an alternative format because of a disability, please contact us at privacy@cecefreade.com or info@cecefreade.com.