Privacy Policy

We Respect Your Privacy. Here Is How We Protect It.

At HULIVI LLC, we believe that privacy is a fundamental right – not just a legal requirement. When you visit hulivi.shop, browse our belts, hair accessories, hats, purses, and bags, or make a purchase, you entrust us with personal information. We take that trust seriously.

This Privacy Policy explains:

  • What personal data we collect from you and why.

  • How we use, share, and protect your data.

  • Your rights regarding your personal information.

  • How to contact us with privacy concerns.

We comply with applicable US privacy laws (including the California Consumer Privacy Act – CCPA) and respect international standards such as GDPR for our European customers. This policy is written in clear, plain English – no legal jargon hidden in fine print.

If you have any questions after reading, please contact our Privacy Officer at hulivillc@gmail.com or call +84936864468.

1. Information We Collect

We collect two types of information: (1) information you actively provide to us, and (2) information automatically collected when you use our website.

1.1 Information You Provide to Us

When you interact with hulivi.shop, you may choose to provide:

Category Specific Data Points Why We Collect It
Identity & Contact Full name, email address, phone number, shipping address, billing address To process and deliver your order, communicate with you, and verify identity
Account Credentials Username, password (hashed, not stored in plain text) To create and manage your HULIVI account
Payment Information Credit/debit card number, expiration date, CVV (collected directly by Stripe – we do not see full numbers) To complete your purchase via Stripe
Order Details Products purchased, quantities, prices, order history To fulfill orders, process returns, and provide customer support
Communications Emails, chat messages, phone call notes when you contact us To respond to your inquiries and improve customer service
Reviews & Feedback Product reviews, ratings, photos you upload To share your experience with other customers and improve our products
Marketing Preferences Newsletter signup status, preferences for email content To send you relevant promotions (you can opt out anytime)

1.2 Information Automatically Collected (When You Browse)

Even if you do not make a purchase, we automatically collect certain technical data:

Data Point Examples Purpose
Device Information IP address, browser type (Chrome/Safari), operating system (Windows/Mac/iOS/Android), device model To optimize our website for your device, detect fraud, and analyze traffic
Usage Data Pages visited, time spent, clicks, scrolling, search queries, products viewed To improve website navigation, personalize recommendations, and understand customer preferences
Location Data Approximate geographic location derived from IP address (city/region level, not precise GPS) To show relevant shipping options, calculate taxes, and prevent fraud
Referral Source Which website or link brought you to hulivi.shop (e.g., Google, Facebook, email campaign) To measure effectiveness of our marketing campaigns

1.3 Sensitive Information

We do not intentionally collect sensitive personal information such as:

  • Social Security numbers.

  • Driver’s license numbers.

  • Health or medical data.

  • Biometric data (fingerprints, facial recognition).

  • Racial or ethnic origin, political opinions, religious beliefs.

If we ever need such data (e.g., for identity verification in rare fraud cases), we will ask for your explicit consent.

2. How We Collect Your Information

We collect data through the following methods:

Direct Collection (From You)

  • When you create an account or place an order.

  • When you sign up for our email newsletter.

  • When you contact us via email, phone, or our contact form.

  • When you leave a product review or upload photos.

  • When you enter a contest or promotion.

Automatic Collection (Via Technology)

  • Cookies (see Section 4).

  • Web beacons (small transparent images that track email opens).

  • Log files (server logs of requests to our website).

  • Pixel tags (used for analytics and advertising).

Third-Party Sources

  • Stripe – Provides us with payment confirmation and the last 4 digits of your card (but not the full number).

  • Shipping carriers (USPS, UPS, FedEx) – Provide us with delivery confirmation and tracking events.

  • Google Analytics – Provides aggregated, anonymized data about website traffic (see Section 4 for opt-out).

  • Social media platforms (if you log in via Facebook or Google in the future) – We may receive your public profile information.

3. How We Use Your Information

We use your personal data only for legitimate business purposes. Below are the specific uses, organized by legal basis (for GDPR compliance) and business need.

3.1 To Fulfill Your Orders (Contractual Necessity)

  • Process payments through Stripe.

  • Pack and ship your products to your address.

  • Send order confirmations, shipping updates, and delivery notifications.

  • Handle returns, refunds, and exchanges.

  • Provide customer support (order changes, address corrections, etc.).

Without this data, we cannot sell you products.

3.2 To Improve Our Website & Products (Legitimate Interest)

  • Analyze browsing behavior to identify popular products and improve website layout.

  • Detect and fix technical errors (e.g., broken pages, slow loading).

  • Personalize product recommendations (“Customers who bought this belt also bought…”).

  • Conduct surveys and collect feedback (with your consent when required).

3.3 Marketing & Promotions (Consent / Legitimate Interest)

  • Send you promotional emails about new arrivals, sales, and exclusive offers – only if you have opted in via newsletter signup.

  • Show you relevant ads on social media (Facebook, Instagram, Google) using anonymized data.

  • Measure the effectiveness of our email campaigns (e.g., open rates, click-through rates).

You can opt out of marketing emails at any time by clicking “Unsubscribe” at the bottom of any promotional email.

3.4 Fraud Prevention & Security (Legitimate Interest / Legal Obligation)

  • Screen orders for potential fraud using automated tools (Stripe Radar).

  • Verify billing addresses to reduce chargebacks.

  • Monitor website activity for hacking attempts, bots, or malicious behavior.

  • Comply with legal requests from law enforcement or regulatory agencies.

3.5 Legal Compliance (Legal Obligation)

  • Respond to subpoenas, court orders, or other legal process.

  • Enforce our Terms and Conditions.

  • Protect the rights, property, or safety of HULIVI, our customers, or others.

4. Cookies & Tracking Technologies

4.1 What Are Cookies?

Cookies are small text files stored on your device (computer, phone, tablet) by your web browser. They help websites remember your actions and preferences over time.

4.2 Types of Cookies We Use

Cookie Type Purpose Examples
Essential (Strictly Necessary) Required for the website to function. Cannot be disabled. Shopping cart contents, login session, security tokens
Functional Remember your preferences for a better experience. Language preference, saved items in cart, previously viewed products
Analytics/Performance Help us understand how visitors use our site (anonymous aggregate data). Google Analytics (_ga, _gid), Hotjar (if used)
Targeting/Advertising Track your browsing to show relevant ads on third-party sites. Facebook Pixel, Google Ads Remarketing

4.3 Third-Party Cookies

We allow certain third parties to place cookies on your device when you visit hulivi.shop:

  • Google Analytics – Collects anonymized traffic data. You can opt out using Google’s opt-out browser add-on: https://tools.google.com/dlpage/gaoptout

  • Stripe – Uses essential cookies for payment processing and fraud prevention.

  • Facebook (Meta) – If you have a Facebook account and are logged in, Facebook may place a cookie to show you HULIVI ads. You can manage ad preferences in your Facebook settings.

  • TikTok / Pinterest – For future advertising.

4.4 Your Cookie Choices

You can control cookies through your browser settings:

  • Block all cookies – The website may not function properly (e.g., cart may not remember items).

  • Delete existing cookies – Clears your stored preferences.

  • Enable “Do Not Track” (DNT) – We honor DNT signals (see Section 12).

You can also use browser extensions like Privacy Badger or uBlock Origin to manage third-party trackers.

For EU/UK visitors: We ask for your consent before placing non-essential cookies via a cookie banner when you first visit hulivi.shop.

5. Sharing Your Information (Third Parties)

We never sell your personal information to third parties for monetary compensation. However, we share data with trusted partners who help us run our business.

5.1 Service Providers (Processors)

Provider Data Shared Purpose Location of Processing
Stripe, Inc. Payment card details (encrypted), billing address, order total Payment processing USA (and global)
USPS, UPS, FedEx Name, shipping address, phone number (optional), order value Shipping & delivery USA / international
Google LLC (Analytics) Anonymized IP address, browsing behavior, device info Website analytics USA
Shopify (if we migrate in future) Order data, customer data E-commerce platform USA
Email marketing platform (e.g., Klaviyo, Mailchimp) Email address, name, purchase history Sending newsletters and abandoned cart emails USA
Return processing centers Order number, customer name, return reason Handling returns and refunds USA

All service providers are contractually obligated to protect your data and use it only for the specified services.

5.2 Legal & Safety Disclosures

We may disclose your information if required by law or in good faith belief that such action is necessary to:

  • Comply with a subpoena, court order, or legal process.

  • Protect the rights or property of HULIVI LLC.

  • Investigate or prevent fraud, security breaches, or illegal activity.

  • Enforce our Terms and Conditions.

5.3 Business Transfers

If HULIVI LLC is acquired by or merged with another company, or if we undergo bankruptcy or asset sale, your personal information may be transferred as part of that transaction. We will notify you via email and a prominent notice on our website before your data becomes subject to a different privacy policy.

5.4 Aggregated or Anonymized Data

We may share aggregated, anonymized statistics (e.g., “35% of our customers prefer crossbody bags”) with partners, advertisers, or investors. This data cannot identify you personally.

6. Data Retention

We keep your personal information only as long as necessary for the purposes described in this policy, plus any legal retention requirements.

Type of Data Retention Period Reason
Order history (customer name, address, purchase details) 7 years US tax and accounting requirements (IRS)
Customer support emails and chat logs 3 years To resolve disputes and improve service
Account information (email, hashed password, saved addresses) Until you delete your account, plus 30 days To allow you to access your order history and faster checkout
Newsletter subscription data Until you unsubscribe (then deleted within 30 days) To honor your marketing preferences
Product reviews Indefinite (associated with a pseudonym or first name only) To provide social proof for other shoppers
Website analytics (Google Analytics) 26 months (automatically aggregated) To analyze long-term trends
Payment information (via Stripe) Stripe retains as required by payment card industry rules (typically 13 months to 7 years) Chargeback and fraud prevention

Deletion Requests: You may request deletion of your personal data (see Section 7). However, we may retain certain data for legal compliance or legitimate business interests (e.g., you cannot ask us to delete your order record that is needed for tax audit).

7. Your Privacy Rights (CCPA, GDPR, and Other Laws)

Depending on where you live, you have specific rights regarding your personal information. HULIVI LLC respects these rights for all customers, regardless of location, to the extent technically feasible.

7.1 For California Residents (CCPA/CPRA)

If you are a California consumer, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA:

Right What It Means How to Exercise
Right to Know Request disclosure of the specific pieces of personal information we have collected about you in the past 12 months (categories, sources, business purpose, third parties shared with). Email hulivillc@gmail.com with “CCPA Request – Right to Know”
Right to Delete Request deletion of your personal information, subject to exceptions (e.g., we need to retain for tax or fraud prevention). Email hulivillc@gmail.com with “CCPA Request – Deletion”
Right to Correct Request correction of inaccurate personal information. Email with “CCPA Request – Correction” and the correct data
Right to Opt-Out of Sale/Sharing We do not sell your personal information. However, we do share data for cross-context behavioral advertising (cookies). You can opt out of that sharing via our “Do Not Sell or Share My Personal Information” link (available in website footer). Click the link or email us
Right to Limit Use of Sensitive Information We do not collect sensitive personal information as defined by CPRA. N/A
Right to Non-Discrimination We will not deny service, charge different prices, or provide a different level of service if you exercise your privacy rights. Automatic

Verification: For CCPA requests, we will verify your identity by asking for your order number, email address, and matching information in our records. For sensitive data access, we may require a signed declaration under penalty of perjury.

Authorized Agent: You may designate an authorized agent to submit requests on your behalf. The agent must provide written permission signed by you, and you may need to verify your identity directly with us.

7.2 For European Economic Area (EEA), UK, and Switzerland Residents (GDPR)

If you are in the EEA, UK, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

Right Description
Right to Access Obtain a copy of your personal data we hold (free of charge, once per year).
Right to Rectification Correct inaccurate or incomplete data.
Right to Erasure (“Right to be Forgotten”) Request deletion of your data when it is no longer necessary for the purposes collected, or when you withdraw consent.
Right to Restrict Processing Limit how we use your data (e.g., while we verify accuracy).
Right to Data Portability Receive your data in a structured, machine-readable format (e.g., CSV) and transmit it to another controller.
Right to Object Object to processing based on legitimate interests (e.g., direct marketing).
Rights Related to Automated Decision-Making We do not use automated decision-making that has legal or significant effects (no credit scoring, etc.).

To exercise GDPR rights: Email hulivillc@gmail.com with “GDPR Request” in the subject line. We will respond within 30 days (or up to 60 days for complex requests). We may ask for proof of identity (e.g., order number and matching email).

Lodging a Complaint: If you believe we have violated your GDPR rights, you may lodge a complaint with your local supervisory authority (e.g., ICO in the UK, CNIL in France). However, we encourage you to contact us first so we can resolve the issue directly.

7.3 For Other US States (Virginia, Colorado, Connecticut, Utah, etc.)

Residents of states with comprehensive privacy laws (VCDPA, CPA, CTDPA, UCPA) have similar rights to access, delete, correct, and opt out of targeted advertising. Please email us to exercise those rights. We will honor them as required by applicable law.

7.4 For All Other Customers

Even if your jurisdiction does not grant specific privacy rights, you may still contact us to request access, correction, or deletion of your data. We will consider all reasonable requests.

8. Children’s Privacy (COPPA Compliance)

HULIVI LLC does not knowingly collect personal information from children under the age of 13. Our products (belts, hair accessories, hats, purses, bags) are designed for adults and teenagers with parental supervision. We do not market to children.

If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us immediately at hulivillc@gmail.com. We will delete the information promptly.

For users aged 13–18: We recommend that you have a parent or guardian review this Privacy Policy and supervise your use of our website.

9. Security of Your Information

We implement industry-standard security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction.

9.1 Technical Safeguards

  • Encryption: All data transmitted between your browser and our website is encrypted using TLS 1.2/1.3 (SSL). Look for the padlock icon in your address bar.

  • PCI Compliance: Our payment processor Stripe is Level 1 PCI DSS certified. We never store full credit card numbers on our servers.

  • Access Controls: Only authorized HULIVI employees who need access to perform their jobs (e.g., customer service, shipping) can view your data. They are bound by confidentiality agreements.

  • Hashing: Passwords are hashed using bcrypt (or similar one-way algorithm) – we cannot see your password in plain text.

  • Firewalls & Intrusion Detection: Our hosting environment uses firewalls and real-time monitoring for suspicious activity.

9.2 Organizational Safeguards

  • Employee training on data privacy and security best practices.

  • Regular reviews of third-party service providers’ security practices.

  • Incident response plan in case of a data breach.

9.3 What You Can Do

  • Use a strong, unique password for your HULIVI account (do not reuse passwords from other sites).

  • Keep your email account secure – we send order confirmations and password resets to your email.

  • Log out of your account after using a shared computer.

  • Be cautious of phishing emails. We will never ask for your password or full credit card number via email.

9.4 Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify affected users and relevant authorities within 72 hours (as required by GDPR) or as required by applicable US state laws.

10. International Data Transfers

HULIVI LLC is based in the United States (Florida). When you visit hulivi.shop from outside the US, your personal information may be transferred to and processed in the US. US privacy laws may not be equivalent to those in your country.

For customers in the European Economic Area (EEA), we ensure adequate protection for your data through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission, which we have in place with our service providers (e.g., Stripe, Google).

  • Data Processing Agreements with all third-party processors.

By using our website or providing us with your information, you consent to the transfer and processing of your data in the United States.

11. Third-Party Links

hulivi.shop may contain links to external websites (e.g., Stripe’s documentation, social media platforms, our shipping carriers). This Privacy Policy applies only to HULIVI LLC. We are not responsible for the privacy practices of third-party websites. We encourage you to read their privacy policies before providing any personal information.

12. Do Not Track Signals

Some web browsers offer a “Do Not Track” (DNT) setting that signals to websites that you do not want your browsing activity tracked. HULIVI LLC honors DNT signals. If you enable DNT in your browser, we will not use tracking cookies (other than strictly necessary cookies) and will disable Google Analytics and advertising pixels.

To enable DNT:

  • Chrome: Settings → Privacy and Security → “Send a ‘Do Not Track’ request”

  • Firefox: Settings → Privacy & Security → “Send websites a ‘Do Not Track’ signal”

  • Safari: Preferences → Privacy → “Ask websites not to track me”

  • Edge: Settings → Privacy, search, and services → “Send Do Not Track requests”

Please note that some features may be limited if you enable DNT (e.g., personalized recommendations).

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technology. The “Last Updated” date at the bottom of this page indicates when the policy was last revised.

If we make material changes (e.g., new data sharing practices, different retention periods), we will notify you by:

  • Sending an email to the address associated with your account (if you have one).

  • Posting a prominent notice on hulivi.shop for at least 30 days.

Your continued use of our website after the effective date constitutes your acceptance of the updated Privacy Policy. If you do not agree, you may delete your account and stop using hulivi.shop.

14. Contact Information & Privacy Officer

HULIVI LLC is the data controller (or “business” under CCPA) for all personal information collected through hulivi.shop.

Privacy Officer Contact:
📧 Email: hulivillc@gmail.com (please include “PRIVACY” in the subject line for faster routing)
📞 Phone: +84936864468
🏢 Mail: HULIVI LLC, ATTN: Privacy Officer, 7901 4TH ST N STE 300, ST. PETERSBURG, FL 33702, USA

For general privacy questions: Use the same email.

For data subject requests (access, deletion, correction): Email with the specific request type in the subject line (e.g., “GDPR ACCESS REQUEST” or “CCPA DELETION REQUEST”). To help us verify your identity, please provide:

  • Your full name.

  • The email address used on hulivi.shop.

  • Your order number (if applicable).

  • For deletion requests, a statement that you understand we may need to retain certain records for legal compliance.

Response Time: We will acknowledge your request within 3 business days and provide a substantive response within 30 days (or up to 60 days for complex requests, with notice).

Complaints: If you are not satisfied with our response, you may escalate to your local privacy regulator. For US customers, you may file a complaint with the Federal Trade Commission (FTC) at ftc.gov/complaint.

Summary of Your Privacy Rights (At a Glance)

If You Live In… You Have the Right To…
California (USA) Know, delete, correct, opt-out of sale/sharing, non-discrimination
EEA/UK/Switzerland Access, rectify, erase, restrict, port, object, withdraw consent
Virginia/Colorado/Connecticut/Utah Access, delete, correct, opt-out of targeted advertising
All other US states Contact us for reasonable requests

Our Pledge to You

At HULIVI LLC, we do not view privacy compliance as a burden. We see it as a fundamental part of building trust with our customers. You share your name, address, and payment information with us so that we can deliver beautiful belts, hair accessories, hats, purses, and bags to your doorstep. We owe you nothing less than complete transparency and rigorous protection of that data.

We do not sell your personal information. We do not use shady tracking. We do not bury policy changes in fine print. If you ever feel uncomfortable with how we handle your data, please speak up – email hulivillc@gmail.com or call +84936864468. We are listening.

Thank you for trusting HULIVI. Shop with peace of mind at hulivi.shop.