Privacy Policy

Privacy Policy

Site: thatvelvetlady.com
Effective Date: May 1, 2026

1. Introduction and Who We Are

Welcome to That Velvet Lady (“we,” “us,” or “our”). This site is a luxury fashion and style blog accessible at thatvelvetlady.com. We publish fashion editorials, trend analyses, beauty reviews, styling guides, brand spotlights, and curated shopping recommendations for readers who appreciate quality craftsmanship and elevated personal style.

We take your privacy seriously. This Privacy Policy explains what personal information we collect when you visit That Velvet Lady, how we use it, who we share it with (if anyone), and what rights you have over your own data. It applies to all visitors, subscribers, and customers regardless of where you are located — including users in the United States, the European Union, the United Kingdom, and Australia.

By using this website, you agree to the practices described in this policy. If you do not agree, please do not use the site. We may update this policy from time to time — the “Effective Date” at the top of this page will always reflect the most recent version.

If you have any questions about this policy or how we handle your data, please reach out via our Contact Us page.

2. Data Controller

For the purposes of the General Data Protection Regulation (GDPR), the Australian Privacy Act 1988, and other applicable data protection legislation, the data controller responsible for your personal data is the individual who owns and operates thatvelvetlady.com.

We are not a registered corporation. That Velvet Lady is a personal fashion blog operated by an individual. All data processing activities described in this policy are carried out by or on behalf of the site owner. If you need to contact us regarding data protection matters, please use our Contact Us page.

3. What Personal Information We Collect

We collect a limited amount of personal data, and only what is necessary to operate the site and communicate with our readers. Below is a breakdown of the different ways data may be collected.

3.1 Blog Comments

When you leave a comment on a blog post, WordPress (our content management system) collects the information you enter in the comment form — typically your name, email address, and any optional website URL you provide. Your IP address and browser user agent string are also logged to help with spam detection.

Your email address is not publicly displayed alongside your comment. Your name and comment content will be publicly visible on the page. We use this data to manage and display comments and to identify and prevent spam. By submitting a comment, you consent to us storing this information as part of the normal operation of the site.

3.2 Newsletter and Email Subscriptions

We offer a newsletter that readers can subscribe to in order to receive new posts, style guides, trend updates, and curated shopping picks. When you subscribe, we collect your email address and, if you choose to provide it, your first name. This information is stored in our WordPress database via our newsletter plugin.

We use this data solely to send you the newsletter you signed up for. We do not send unsolicited marketing emails, and we do not share your email address with third-party marketers. You can unsubscribe at any time using the link included in every newsletter email. Upon unsubscribing, your information will be removed from the active mailing list; we may retain a suppression record to honor your unsubscribe request and prevent accidental re-addition.

3.3 Contact Form Submissions

Our contact page allows you to send us a message directly through the site. When you submit the form, it collects the information you enter — typically your name, email address, and the message content — and forwards it to us. Certain metadata (such as your IP address) may also be logged for spam prevention purposes.

We use contact form submissions solely to respond to your inquiry. We do not use this data for marketing, and we do not share it with third parties outside of the context of your inquiry.

3.4 WooCommerce and E-Commerce Data

If we offer products for sale through our site using WooCommerce, we may collect additional personal information necessary to process your order. This may include your full name, billing and shipping address, phone number, email address, and payment information. Payment card details are processed by our third-party payment gateway and are not stored on our servers.

WooCommerce also creates an account for you based on your order information. Order history, transaction records, and associated personal data are retained as necessary to fulfill orders, process returns, and comply with tax and accounting obligations. You may request deletion of your account data by contacting us via our Contact Us page, subject to any legal retention requirements.

3.5 Cookies and Server Logs

Like most websites, That Velvet Lady uses cookies and collects standard server log data. Cookies are small text files placed on your device by your browser when you visit our site. Server logs are automatically generated records of your activity on the site.

The types of cookies used on this site include:

  • Strictly necessary cookies: Set by WordPress and WooCommerce to manage your session, remember cart contents, and store preferences (such as consent banner choices). These are essential for the site to function and cannot be disabled.
  • Analytics cookies: Set by Google Analytics to collect information about how visitors use the site. See Section 3.6 for full details.
  • Comment cookies: If you leave a comment, WordPress may set a cookie to remember your name and email for future comments.
  • Affiliate cookies: Set by affiliate networks when you click product links. See Section 4 for details.

Server logs automatically record your IP address, browser type, operating system, referring URL, pages visited, and date/time of visit. This information is used to monitor site performance, diagnose technical issues, and detect abuse. We do not attempt to identify individual visitors from server logs alone.

You can control cookies through your browser settings. Disabling cookies may affect some functionality of the site (such as comment forms, shopping cart, and checkout). For more detail on how we use cookies, please see our Cookie Policy.

3.6 Analytics — Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC (“Google”), to understand how visitors find and use our content. Google Analytics places cookies on your device and collects information such as:

  • Pages you visit and how long you spend on each page
  • How you arrived at the site (e.g., search engine, direct, social media, referral link)
  • General geographic location (country/city level — not your precise address)
  • Your browser type, device type, and operating system
  • Whether you are a new or returning visitor

This data is processed by Google and transmitted to Google’s servers. We use it in aggregated form to improve the site — for example, to understand which fashion topics resonate with readers or which pages need improvement. We do not use Google Analytics to collect personally identifiable information about individuals.

Google may use the data collected to personalize ads in its own ad networks. You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on. If you are an EU user, we rely on your cookie consent before activating analytics cookies. More information on Google’s data practices is available at policies.google.com/privacy.

3.7 Embedded Content from Other Websites

Some blog posts on That Velvet Lady may include embedded content from third-party platforms — such as Instagram posts, Pinterest pins, YouTube videos, or similar services. Embedded content from other websites behaves in exactly the same way as if you had visited those websites directly. These third-party sites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with the embedded content — including tracking your interactions if you have an account and are logged in to those services.

We do not control the data practices of these third parties. Please review their respective privacy policies if you have concerns about how they handle your data.

4. Affiliate Program Participation

That Velvet Lady participates in affiliate marketing programs. This means that some of the links on this site are affiliate links — if you click on them and make a qualifying purchase, we may earn a small commission at no additional cost to you.

Affiliate programs we currently participate in or may participate in include, but are not limited to:

  • Amazon Associates — for fashion items, beauty products, accessories, and lifestyle goods
  • RewardStyle / LTK (LIKEtoKNOW.it) — for luxury and contemporary fashion, beauty, and home products
  • ShareASale — for fashion brands, beauty retailers, and lifestyle products
  • Other fashion and beauty affiliate networks and direct brand partnerships

Affiliate links do not affect the editorial independence of our content. We only recommend products and brands that we genuinely believe align with the style and quality our readers expect. The presence of an affiliate link does not mean we endorse a product unconditionally — always do your own research before making any purchase decision.

When you click an affiliate link and make a purchase, the affiliate program may set cookies on your device to track the referral. These cookies are set by the third-party platform, not by us, and are governed by their respective privacy policies. We do not receive any personally identifiable information about you from affiliate programs — we only receive aggregated commission reports.

In compliance with FTC guidelines in the United States and similar disclosure requirements in the EU, UK, and Australia, affiliate relationships are disclosed on any page containing affiliate links, typically through a visible disclosure statement near the top of the post.

5. Sponsored Content and Brand Partnerships

From time to time, That Velvet Lady may publish sponsored posts or work with fashion brands, beauty companies, and lifestyle labels in paid or gifted partnerships. Sponsored content means that a brand, company, or organization has provided compensation (financial or in-kind — such as complimentary products, experiences, or event access) in exchange for coverage on this blog.

When a post is sponsored or contains paid partnerships, it will be clearly labeled as such — for example, with a disclosure statement such as “This post is sponsored by [Brand]” or “In partnership with [Brand].” We are committed to transparency and comply with FTC guidelines in the US, ASA guidelines in the UK, and equivalent advertising standards in the EU and Australia.

Sponsorship does not compromise our editorial integrity. We retain full editorial control over what we write, and we will only accept partnerships with brands or products that we believe are genuinely relevant and aligned with our aesthetic. We will not publish sponsored content that we find misleading or that we would not personally stand behind.

In the context of brand partnerships, a brand may share your contact details with us if you have previously engaged with them and consented to such sharing — however, this is uncommon for a personal fashion blog. If it applies in a specific campaign, additional disclosures will be made at that time.

6. Legal Bases for Processing (GDPR)

If you are located in the European Union, the European Economic Area, or the United Kingdom, we are required under the General Data Protection Regulation (GDPR) and the UK GDPR to identify a lawful basis for processing your personal data. The legal bases we rely on are:

  • Consent: For newsletter subscriptions, analytics cookies, and non-essential cookies, we rely on your explicit consent. You can withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
  • Legitimate interests: For operating the website, responding to comments, processing contact form inquiries, and maintaining site security, we rely on our legitimate interest in running a functional and responsive website, balanced against your privacy rights.
  • Contractual necessity: For processing WooCommerce orders, we process your data as necessary to fulfill the contract of sale between you and us (i.e., to deliver your order and handle returns).
  • Legal obligation: Where we are required by law to retain or process data — for example, tax records related to e-commerce transactions.

7. How We Use Your Information

The personal information we collect is used in the following ways:

  • To operate the website: Maintaining comments, processing contact form messages, enabling newsletter subscriptions, and processing e-commerce orders all require basic personal data to function.
  • To communicate with you: If you contact us via our Contact Us page, we will use your name and email to reply to your message. If you subscribe to the newsletter, we will use your email to send you updates.
  • To fulfill orders: If you purchase products via WooCommerce, we use your order information to process, ship, and manage your purchase.
  • To analyze and improve the site: Aggregated analytics data (via Google Analytics) helps us understand reader behavior and improve the quality and relevance of our content.
  • To detect and prevent spam and abuse: IP addresses and other metadata collected via forms, comments, and server logs help us identify and block malicious activity.
  • To meet legal obligations: In some circumstances, we may be required to retain or disclose data to comply with applicable law, a court order, or a request from a regulatory authority.

We do not use your personal data for automated decision-making or profiling. We do not build individual behavioral profiles of our readers. We do not use personal data collected on this site for any advertising or marketing purposes beyond the newsletter you explicitly subscribed to.

8. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to any third party. Period. Your data is not a product here.

However, in the normal course of running a website, certain data may be shared with or accessible to service providers we use to operate the site. This includes:

  • Our web hosting provider: Our hosting provider has access to server log data and stored website data (including the WordPress database) as part of providing hosting services. They act as a data processor under our instructions.
  • Google (Google Analytics): Analytics data is transmitted to and processed by Google. See Section 3.6 for details.
  • Payment processors: If you make a purchase through WooCommerce, your payment information is processed by our third-party payment gateway. We do not store card details on our servers.
  • WordPress plugin providers: Plugins process data locally within our WordPress installation. If a plugin connects to a third-party service (e.g., for spam filtering), their data handling will be governed by their own privacy policies.
  • Affiliate networks: When you click an affiliate link, the affiliate network (e.g., Amazon, LTK, ShareASale) may receive data about that click (such as your IP address or referrer URL) via cookies. This is handled by the affiliate platform, not by us.

We may disclose personal data if required to do so by law, in response to valid legal process (such as a subpoena or court order), or to protect the rights, property, or safety of That Velvet Lady, its readers, or the public.

If we ever decide to transfer or sell the assets of this website, personal data held by the site may be transferred as part of that transaction. You will be notified via a notice on the site prior to any such transfer.

9. International Data Transfers

That Velvet Lady is operated from India and uses service providers located in various countries. If you are visiting from outside India — particularly from the EU/EEA, the United Kingdom, or Australia — your personal data may be transferred to and processed in countries that may not provide the same level of data protection as your home country.

Where your data is transferred internationally, we take reasonable steps to ensure it remains protected. This includes relying on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission, where applicable
  • Adequacy decisions by the European Commission for countries deemed to offer adequate data protection
  • The EU-US Data Privacy Framework, where service providers are certified participants
  • Contractual obligations with service providers requiring them to protect personal data to appropriate standards

Google LLC, our analytics provider, participates in the EU-US Data Privacy Framework and processes data in accordance with its obligations under that framework. For details, see Google’s Privacy Policy.

10. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Specifically:

  • Comments: Comments and associated metadata (name, email, IP) are retained indefinitely as part of the public record of the post, unless you request deletion or a comment is removed for moderation reasons.
  • Newsletter subscriptions: Your email address is retained for as long as you remain subscribed. Upon unsubscribing, it is removed from the active list. We may retain a suppression record to honor your unsubscribe request.
  • Contact form submissions: Messages sent via our contact form are retained for as long as necessary to resolve your inquiry, and typically for no longer than 12 months thereafter, unless a longer retention period is legally required.
  • WooCommerce orders: Order data is retained for the period necessary to fulfill orders, process returns, and comply with tax and accounting obligations (typically 7 years for financial records).
  • Server logs: Raw server log data is typically retained for 30-90 days, depending on our hosting provider’s configuration, and is then deleted or anonymized.
  • Analytics data: Google Analytics data retention is configured within our Google Analytics account. By default, user-level data is retained for 26 months.

If you wish to request deletion of your personal data before the end of these retention periods, please contact us via our Contact Us page. We will respond to deletion requests in accordance with applicable law.

11. Your Rights Under CCPA / CPRA (California Residents)

If you are a resident of California, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you specific rights regarding your personal information. Please note that CCPA thresholds may mean that some of these rights apply differently to a small personal blog; however, we are committed to honoring them in good faith.

Under the CCPA/CPRA, California residents have the right to:

  • Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources, the purposes for collection, and the categories of third parties with whom we share it.
  • Delete: Request that we delete personal information we have collected from you, subject to certain exceptions.
  • Opt out of sale or sharing: That Velvet Lady does not sell or share personal information for cross-context behavioral advertising. There is nothing to opt out of in this regard.
  • Non-discrimination: You have the right not to be discriminated against for exercising your CCPA rights. We will not deny you access to the site or provide a lesser experience as a result of a privacy request.
  • Correct: Request correction of inaccurate personal information.
  • Limit use of sensitive personal information: We do not collect sensitive personal information as defined by the CPRA (such as health data, financial data, precise geolocation, or government IDs).

To submit a CCPA request, please contact us via our Contact Us page and identify yourself as a California resident.

12. Australian Privacy Act (Australian Residents)

If you are located in Australia, the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs) govern how we handle your personal information. We are committed to complying with these principles to the extent applicable to an individual operating a personal website.

Australian residents have the right to:

  • Access: Request access to personal information we hold about you.
  • Correction: Request correction of personal information that is inaccurate, out of date, incomplete, or misleading.
  • Complaints: If you believe your privacy rights have been breached, please contact us via our Contact Us page so we can investigate and resolve the matter.

We will not use your personal information for any purpose other than the purposes for which it was collected, and we will take reasonable steps to protect it from misuse, interference, loss, and unauthorized access.

13. Children’s Privacy

That Velvet Lady is intended for a general adult audience interested in fashion and lifestyle content. We do not knowingly collect any personal information from children under the age of 13, in compliance with the Children’s Online Privacy Protection Act (COPPA) in the United States, and equivalent protections in other jurisdictions.

If you are under 13 years old, please do not submit any personal information through this website — including through comment forms, contact forms, or newsletter sign-ups. If we become aware that we have inadvertently collected personal information from a child under 13, we will delete that information promptly. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately via our Contact Us page so we can remove it.

14. Data Security

We take reasonable measures to protect the personal data you share with us from unauthorized access, disclosure, alteration, or destruction. These measures include:

  • Using HTTPS (SSL/TLS encryption) to protect data transmitted between your browser and our server
  • Keeping WordPress core, themes, and plugins updated to reduce the risk of security vulnerabilities
  • Restricting access to the WordPress admin area to authorized personnel only
  • Using strong, unique passwords and appropriate authentication practices for site administration
  • Processing payments through PCI-compliant third-party payment gateways (if WooCommerce is active)

That said, no method of data transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security. If you have reason to believe that your interaction with us is no longer secure, please let us know immediately via our Contact Us page.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the “Effective Date” at the top of this page. For significant changes, we may also post a notice on the homepage or send a notification to newsletter subscribers.

We encourage you to review this policy periodically to stay informed about how we are protecting your information. Your continued use of the site after any changes to this policy constitutes your acceptance of those changes.

Archived versions of previous privacy policies are available upon request via our Contact Us page.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, we would love to hear from you. Please reach out via our Contact Us page.

We aim to respond to all privacy-related inquiries as promptly as possible.

Thank you for reading and for trusting That Velvet Lady with your information. We are committed to being transparent, respectful, and responsible with any data you share with us.

This Privacy Policy was last updated on May 1, 2026.