top of page
Privacy Policy

Welcome to Only the Moon Howl’s privacy policy. Only the Moon Howls respects your privacy and is committed to protecting your personal data.

 

  1. Introduction

 

This privacy policy tells you how Only the Moon Howls (“OTMH”) uses personal data when you visit our website (our Site), interact with us and buy our products and services. It applies regardless of where you visit our Site from, or how you interact with us, like through chat, email, social media, phone or if you come to one of our events.

It is important that you read this privacy policy carefully, together with any other privacy notices we may provide, so that you are fully aware of how and why we are using your data.

This privacy policy was last updated on April 10, 2025. 

2. Our website  

Our store is hosted on Wix and they provide their Users—in this case, Users are the owner and developer of the site “Only the Moon Howls”--with the online e-commerce platform that allows us to sell our products to you.  In order for OTMH/Users to fulfil orders made on OTMH, Wix gathers the information of Users-of-Users, which are the visitors and purchasers of Products listed on Only the Moon Howls.  Wix collects, stores, and processes the personal information of Users-of-Users solely at the request of the Users and any information collected by Wix on behalf of Users is the responsibility of Users, including the security, integrity and authorized usage of Personal Information about Users-of-Users’, and for obtaining consents, permissions and providing any required data subject rights and fair processing notices required for the collection and usage of such Personal Information.   Wix has implemented security measures designed to protect Personal Information Users-of-Users share, “including offering HTTPS secure access to most areas on our Services; the transmission of sensitive payment information (such as a credit card number) through our designated purchase forms is protected by an industry standard SSL/TLS encrypted connection; and we regularly maintain a PCI DSS (Payment Card Industry Data Security Standards) certification. We also regularly monitor our systems for possible vulnerabilities and attacks, and regularly seek new ways and Third Party Services for further enhancing the security of our Services and protection of our Visitors’ and Users’ privacy.” [from Wix privacy policy, Section 6, https://www.wix.com/about/privacy]. 

 

3. Personal data which we collect about you

OTMH collects a variety of information from you in order to provide customers with the most stress-free and favorable experience possible.   The personal data collected is as follows: 

Contact data:   Title, first name, last name, gender/pronouns, billing address, delivery address, email address and telephone numbers. If you interact with us through social media, this may include your social media user name.

Device/Technical data:  Internet protocol (IP) address, user browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, other technology on the devices you use to access the Site. Sometimes this is collected via cookies or similar technologies.

Customer/Payment data:   

OTMH relies on Wix Payments for facilitating each transaction made on our site.  Wix Payments complies with the Payment Card Industry Data Security Standards (PCI DSS) which is the highest information security standard for organizations or companies that accept credit card payments. All online payments will be conducted in accordance with these Payment Card Industry (PCI) data security standards and your billing information (which is only used for the purpose of performing fraud protection) is encrypted before being communicated to them. Subject to the below exceptions, your card details are communicated directly from your browser to these payment processors - OTMH never sees your full Permanent Account Number (PAN). This means that the payment form is either off-site or displayed in a frame on the payment page.

For PayPal we only store the tokens required to identify the transaction with PayPal, issue refunds and identify transactions made using PayPal. 

Usage data:  Information about how Users-of-Users use the Site, which might include length of visit, page views, website navigation paths, timing, frequency and pattern of Site use, and any other information about how you use our Site and our Products & Services. Sometimes this is collected via cookies or similar technologies.   

Marketing and Communications Data:  Your preferences in receiving direct marketing from us and your communication preferences.

 

  4. How is your personal data collected?

 

We use different methods to collect data from and about you including through:

Direct interactions. 

When you sign up to stay updated on new products; make inquiries or request information;   order our Products & Services; engage with us on social media; give us your marketing or other preferences; leave comments or reviews on our Products & Services (please be kind!); otherwise contact us (including by post, phone, email, or via a form on our Site, our live chat or social media)

Automated technologies or interactions. 

As you interact with us, including via our Site, we may automatically collect Device/Technical Data about your equipment, browsing actions and patterns. We may also collect Device/Technical Data or Usage Data from cookies and similar technologies when you use our website.  

 

  5. How we use your personal data

 

Most commonly, we will use your personal data in the following circumstances:

  • When you purchase a product and we are setting forth to execute our portion of the contract each purchase generates.

  • Where it is necessary for our legitimate interests to include the interest of our business in conducting and managing our business, or communicating with you.

  • Where we need to comply with a legal or regulatory obligation. For example, keeping records of our sales for tax compliance.

 

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. We may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.   See below for a description of the ways we use personal data, and which of the legal bases we rely on to do so.

 

Building and improving the Site, including providing functionality, analyzing performance, fixing errors and improving usability/effectiveness.  To this end, we may use Contact Data, Device/Technical Data, Customer Payment Data, and Communications Data.  Our legitimate interests for use of this data is to maintain and improve our website/platform and user experience; to build and manage our IT security, network and stack.

Carrying out analytics to improve our products/services, marketing, customer relationships and experiences.            Contact Data, Device/Technical Data, Usage Data, Marketing and Communications Data.   Our legitimate interests for use of this data is to understand how people interact with our website, and our products/services.

Carrying out business development activities.  Contact Data, Device/Technical Data, Marketing and Communications Data, and our legitimate interests for use of this data is to manage / secure our premises; to market our brand, products and services to leads and customers to grow engagement and sales.

Detecting and preventing fraud.   Contact Data, Customer Payment Data, Device/Technical Data Customer Payment Data, Usage Data.   We engage in this with regard to legal obligation to the laws on the prevention of fraud and in the public interest for preventing fraud. 

Ensuring our website, information and communication systems and premises are secure, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution          Contact Data, Device/Technical Data, Marketing and Communications Data.  Our legitimate interests for the use of this data is to build and manage our IT security.

Processing and fulfilling a customer order.  Contact Data, Customer Payment Data.           Our legitimate interests for using this data is to enable us to fulfil our obligations under the contract with our customer and provide good customer service. 

Providing customer service and quality assurance, including to send order updates, receive feedback and provide support on our website and products (by email, telephone or our online chat function).  We use Contact Data, Customer Payment Data, Device/Technical Data Account Data Marketing and Communications Data.  This data is necessary for the performance of a contract to which the data subject is a party Our legitimate interests (to enable us to fulfil our obligations under the contract with our customer and provide good customer service; to understand how people interact with OTMH's website, products/services and customer service to improve these and associated strategies (such as CRM, marketing, etc))

Updating customers, for example if our terms or privacy policy has changed.  For this we use Contact Data.  Our legitimate interests for use of this data is to enable us to fulfil our obligations under the contract with our customer and provide good customer service.

 

  6. Advertising, marketing and your communications preferences

 OTMH may send you marketing communications if you have previously requested such information from us or purchased our Products & Services from us and you have either not opted out of receiving that marketing or filled out the “Keep me up to date” form on our site. You have a right at any time to change your mind and say no thank you and opt out.

If you want to see and/or update your marketing and communications preferences (including opting out), you can email us at onlythemoonhowls@proton.me or by filling out the Contact Us form found at the bottom of the Homepage. 

7. Cookies

 

Cookies are small pieces of data stored on a site visitor's browser. They are typically used to keep track of the settings users have selected and actions they have taken on a site.

We use the following categories of cookies:

Required cookies. These are needed for the Site to work. They help you move around it and use our services and features. For example, they make it easy to log in and move from page to page, and make things stay in your cart while you go off and look at other pages.

Functional cookies. These allow us to collect useful info about the way you use the Site – helping us to measure and improve performance. For instance, which pages visitors go to most often, and if they get error messages from web pages. They might also include cookies which allow our Site to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize.

When you use our Site, your device or browser may be sent cookies from third parties, for example when using embedded content and social network links. It’s important for you to know that we have no access to or control over cookies used by these companies or third-party websites. We suggest you check the third-party websites for more information about their cookies and how to manage them.

You can set your browser to refuse all or some browser cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

Please see more information about Cookies at https://allaboutcookies.org/

8. Disclosures of your personal data

 

We may share personal data with the following categories of third party, for the purposes set out in this privacy policy:

  • Suppliers and service providers (such as technology service providers, payment processing and fraud prevention providers, marketing service providers, manufacturers and post and courier services);

  • Governmental authorities, regulators and law enforcement if we are required to do so.

We also share data with third parties connected to advertising, retargeting and analytics, such as Google Analytics. You can learn more about Google’s practices by visiting https://www.google.com/policies/privacy/partners/. Please see Cookies above, and ‘Cookie Preferences’ on our Site, for more information.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

9. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.

  10. Third-party links

 

This website may include links to third-party websites, plug-ins and applications (for example, to leave a review on TrustPilot). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

  11. Data retention

 

We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for.  To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep basic information about our customers (including certain Contact Data relating to transactions) for six years after they stop being customers for tax purposes.

 

  12. Your legal rights

 

Depending on where you live, you may have some or all of the following rights:

  • The right to be informed – that’s an obligation on us to inform you how we use your personal data (and that’s what we’re doing that in this privacy policy);

  • The right of access – that’s a right to make what’s known as a ‘data subject access request’ for copy of the personal data we hold about you;

  • The right to rectification – that’s a right to make us correct personal data about you that may be incomplete or inaccurate;

  • The right to erasure – that’s also known as the ‘right to be forgotten’ where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);

  • The right to restrict processing – that’s a right for you in certain circumstances to ask us to suspend processing personal data;

  • The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);

  • The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing);

  • Rights in relation to automated decision making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision making; and

  • Rights in relation to the sale or sharing of your personal data for the purposes of targeted advertising – residents of certain US states have the right to opt-out from these kinds of uses of their personal data. Those rights can be exercised here.

These rights are subject to certain rules, exceptions and limitations around when and how they can be exercised.

If you wish to exercise any of the rights set out above, please contact us. 

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

 

  13. Changes to this privacy policy

 

Data protection law and guidance continues to evolve, so you may see little updates to our privacy from time to time. We will post any adjustments to the privacy policy on this page, and the revised version will be effective when it is posted. Be sure to check in and have a read every now and then.

 

Thank you.

bottom of page