PRIVACY POLICY
Last updated July 31, 2025
Fireflies Performance Costumes LLC (“Fireflies,” “we,” “our,” or “us”) values your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit firefliesperformancecostumes.com (the “Site”) or interact with us in-store, at events, or through our marketing channels. By using the Site, you consent to the data practices described below. If you do not agree, please do not use the Site.
1. Information We Collect
| Type of Data | Examples | How We Collect |
|---|---|---|
| Identification & Contact | Name, billing and shipping address, phone number, email, social-media handle | Checkout pages, account sign-up, appointment request forms, social-media messages |
| Transaction Details | Items purchased or reserved, order total, payment method (tokenized), delivery status, returns | Secure Square checkout, order-management system |
| Payment Information | Credit/debit card last four digits, Square transaction ID (no raw card data) | Square’s PCI DSS–compliant payment gateway |
| Marketing Preferences | Newsletter opt-in, coupon sign-ups, wish-list items | On-site forms, Mailchimp pop-ups, event sign-in sheets |
| Device & Usage | IP address, browser type, referring URL, pages visited, time on page, approximate geolocation | First-party cookies, Google Analytics, Facebook Pixel, Pinterest Tag |
| User-Generated Content | Product reviews, photos, contest entries, social-media comments or messages | Voluntarily submitted by you |
We do not knowingly collect data from children under 13. Parents who believe their child has provided us data should contact us at privacy@firefliesperformancecostumes.com.
2. How and Why We Use Your Information
-
Order Processing & Customer Service – to confirm orders, arrange shipping, handle exchanges/returns, and answer questions.
-
Custom Fittings & Style Recommendations – to suggest dresses that match your measurements, music, or color preferences.
-
Marketing & Promotions – to send coupons, product launches, or event invites via Mailchimp email campaigns, Facebook ads, and Pinterest promoted pins; you may opt out at any time (Section 8).
-
Analytics & Site Optimization – to understand traffic patterns, improve page load speed, and refine inventory using Google Analytics, Facebook Business Tools, and Pinterest Analytics.
-
Fraud Prevention & Security – to verify transactions, detect abuse, and protect our customers and business.
-
Legal & Compliance – to meet tax, accounting, or regulatory obligations (e.g., U.S. consumer-protection laws, GDPR for EU visitors, CCPA for California residents).
3. Legal Bases for Processing (EEA/UK Visitors)
-
Contractual necessity – fulfilling your purchase or service request.
-
Legitimate interests – improving products, preventing fraud, and marketing similar goods you may reasonably expect.
-
Consent – sending promotional emails, installing non-essential cookies.
-
Legal obligation – retaining invoices for tax authorities.
You may withdraw consent at any time without affecting the lawfulness of prior processing.
4. Sharing & Disclosure
We never sell or rent your personal data. We share limited information only with:
| Recipient | Purpose | Safeguards |
|---|---|---|
| Square, Inc. | Payment processing, PCI DSS Level 1 encryption | Tokenization; Fireflies never sees raw card numbers |
| Mailchimp (Intuit Inc.) | Email newsletters, automated coupons | Data Processing Addendum & EU SCCs |
| Google LLC | Analytics & reCAPTCHA spam defense | IP anonymization enabled for EU traffic |
| Meta Platforms, Inc. (Facebook Pixel) | Ad retargeting, custom audiences | Hashed email lists only, no purchase values shared |
| Pinterest Tag | Conversion tracking for promoted pins | Event data pseudonymized |
| Shipping Carriers | USPS, UPS, DHL – to deliver your package | Labels include only ship-to details |
| Service Providers | Web-hosting (WP Engine), IT security, accountants, marketing agencies | Bound by confidentiality agreements |
| Legal Authorities | When required to comply with law, enforce our terms, or protect rights | Limited to what the request mandates |
5. Cookies & Similar Technologies
We use first- and third-party cookies, pixels, and local-storage objects:
| Category | Examples | Opt-Out |
|---|---|---|
| Strictly Necessary | WordPress session cookie, Square payment token | Cannot be disabled |
| Analytics | _ga, _gid (Google Analytics) | Browser add-on or cookie settings |
| Advertising | _fbp, _pinterest_sess | Facebook Ad Preferences, Pinterest Ad Settings |
| Functional | Wish-list remember-me flag | Browser settings |
A banner gives EU/UK visitors the choice to reject non-essential cookies in line with the ePrivacy Directive.
6. Data Security
-
HTTPS Everywhere – SSL/TLS encrypts all traffic between your browser and our servers.
-
PCI DSS Compliance – Square handles all card data in a Level 1 secure vault.
-
Access Controls – Employee access to customer records is role-based and logged.
-
Routine Audits – WordPress core, themes, and plugins are patched weekly; malware scans daily.
-
Incident Response – If we ever detect a breach affecting your data, we will notify you within 72 hours as required by applicable law.
7. Retention Periods
| Data Type | Retention |
|---|---|
| Order & payment records | 7 years (tax & accounting) |
| Email marketing lists | Until you unsubscribe or after 24 months of inactivity |
| Support tickets & fitting notes | 3 years from last interaction |
| Analytics logs | 26 months (Google default), then aggregated |
We may keep data longer if necessary for legal claims.
8. Your Choices & Rights
| Jurisdiction | Rights |
|---|---|
| All users | Access, correction, deletion, objection to marketing, cookie controls |
| EU/UK (GDPR) | Portability, restriction, lodge complaint with supervisory authority |
| California (CCPA/CPRA) | Know categories & specific pieces of data, opt-out of “sharing,” no discrimination |
To exercise any right, email privacy@firefliesperformancecostumes.com or mail the address in Section 11. We will verify your identity (and, in California, your authorized agent) before actioning the request.
9. Third-Party Links
Our Site may link to external sites (e.g., Instagram reels, YouTube tutorials). We do not control their privacy practices; review those sites’ policies before providing data.
10. Children’s Privacy
Our products are marketed to skaters and dancers of all ages, but we do not knowingly collect personal data from anyone under 13 without verifiable parental consent. Parents may request deletion of their child’s data via privacy@firefliesperformancecostumes.com.
11. Contact Us
Fireflies Performance Costumes LLC
302 Heartland Road, Suite A
Buffalo, MN 55313 USA
✉ privacy@firefliesperformancecostumes.com
☎ (763) 360-7270
12. Changes to This Policy
We may update this Privacy Policy to reflect operational, legal, or regulatory changes. When we post revisions, we will update the “Last updated” date and, for material changes, provide a prominent notice (e.g., pop-up or email).
Quick Reference (One-Page Snapshot)
-
We collect: contact details, order info, cookies.
-
We use it for: processing orders, customer service, marketing (with opt-out).
-
We share with: Square, Mailchimp, Google, Facebook, Pinterest, shippers—never sold.
-
Your choices: unsubscribe, cookie controls, data access/deletion.
-
Security: HTTPS, PCI-compliant payments, role-based access.
Your trust fuels every twirl—thank you for choosing Fireflies Performance Costumes.