PRIVACY POLICY

This website (the “Site”) is operated by Shayda Campbell and Team Shayda Campbell, based in Ontario, Canada. For any privacy questions or requests, contact: team@shaydacampbell.com.

​

Scope. This policy applies to visitors and customers worldwide who access the Site, blog, shop, and embedded content. It does not cover third-party platforms we link to (e.g., Patreon, Teachable, YouTube, Instagram) or your interactions with those platforms outside our Site.

Canadian lawful framework. We comply with PIPEDA (Canada). International visitors also receive disclosures to address GDPR/UK GDPR (EU/UK) and U.S. privacy laws (including California CPRA/CCPA).

a) Data you provide

• Newsletter & downloads: name, email (via ConvertKit/Kit).

• Shop & checkout: name, email, billing/shipping address; order details; and payment tokenization handled by Stripe and/or PayPal (we don’t see your full card or PayPal account numbers).

• Contact forms & support: name, email, message content.

• Blog comments or submissions: public display name, comment text, and timestamp.

b) Data collected automatically

• Device & usage data: IP address, approximate location, device/browser type, pages viewed, referrers, time on page, events (via Wix Analytics and Google Analytics/GA4).

• Cookies/trackers: see “Cookies & Similar Technologies” below.

• Embedded content interactions: playing/liking/commenting on YouTube videos or Instagram posts embedded on our pages may allow those providers to set cookies or log interactions per their policies.

Children. Our Site targets a general audience and is not directed to children. See “Children’s Privacy” below.

We process personal data only where a lawful basis applies:

• Consent — for newsletters, non-essential analytics/cookies (EU/UK), and certain marketing.

• Contract — to fulfill purchases, deliver digital items, and provide customer support.

• Legal obligation — tax, accounting, fraud prevention, and recordkeeping.

• Legitimate interests — site security, basic analytics (where allowed), preventing abuse, and improving content (balanced against your rights).
  You can withdraw consent at any time (see “Your Rights”).

• We use cookies and similar technologies for essential site functions (e.g., security, checkout) and optional purposes (e.g., analytics, embedded media performance).

• EU/UK visitors: We obtain prior consent for non-essential cookies. Until you consent, such cookies will not be set. You can change or withdraw consent at any time via the banner/preferences tool (if shown) or your browser.

• For details on cookie categories, lifetimes, and vendors, see our cookie banner or settings panel when available.

If you subscribe, we store and send newsletters through ConvertKit (Kit). Every email includes an unsubscribe link. You can also email team@shaydacampbell.com to stop marketing communications.

From address. Newsletter emails come from team@shaydacampbell.com.

Payments are processed by Stripe and/or PayPal; we do not store card or full payment details on our servers. Stripe/PayPal process your data in accordance with their own policies and security certifications.

• Stripe Privacy: stripe.com/privacy

• PayPal Privacy: paypal.com/webapps/mpp/ua/privacy-full

We receive only limited transaction metadata needed for fulfillment, receipts, fraud prevention, taxes, and accounting.

• Wix (hosting, security, analytics features)

• Google Analytics/GA4 (usage metrics; where required, based on consent)

• YouTube & Instagram (embedded content may set their own cookies/trackers)

• ConvertKit/Kit (email list management and delivery)

These providers act as processors or independent controllers depending on context. Each processes data under its own privacy policy and may operate globally. Where applicable, we implement contractual and technical safeguards (see “International Transfers”).

• We do not “sell” personal information as defined by California law.

• We do not “share” personal information for cross-context behavioral advertising.
  If our practices change in the future, we will update this policy and provide a “Do Not Sell or Share My Personal Information” mechanism (including respect for Global Privacy Control signals) before any such activity begins.

Canada (PIPEDA)

You have rights to access, correct, and challenge compliance, among others consistent with the 10 Fair Information Principles. Contact us to exercise these rights. Office of the Privacy Commissioner+1

EU/UK (GDPR/UK GDPR)

You may have rights to access, rectification, erasure, restriction, portability, objection (including to processing based on legitimate interests), and to withdraw consent without affecting prior lawful processing. You also have the right to lodge a complaint with your local supervisory authority. GDPR

U.S. (including California CPRA/CCPA and other state laws)

Residents of certain states (e.g., California, Colorado, Connecticut, Utah, Virginia and others) may have rights to access, correct, delete, opt-out of sale/sharing/targeted advertising, and data portability, as well as non-discrimination.

• California: You may direct a business not to sell or share your personal information; businesses must honor opt-out signals such as Global Privacy Control. We currently do not sell/share. California DOJ Attorney General

How to submit a request: Email team@shaydacampbell.com with the subject “Privacy Request.”
Identity verification: We may request reasonable information to verify your identity.
Authorized agents (California): Agents must provide written permission and verification.
Appeals (where required by state law): If we deny a request, you may appeal by replying to our decision email with “Privacy Request Appeal,” and we will review and respond within the time required by applicable law.

We retain personal data only as long as necessary for the purposes described above, including legal, tax, and accounting requirements. Typical examples:

• Orders & tax records: up to 7 years (or longer if required by law)

• Marketing lists: until you unsubscribe or your consent is withdrawn/expired

• Support & contact records: as needed to respond and maintain records of requests
  We also apply criteria-based retention to minimize storage where feasible.

Because our audience is global and our providers operate internationally, your data may be processed outside your province/state/country. Where EU/UK data is transferred to third countries without an adequacy decision, we rely on Standard Contractual Clauses (SCCs) and complementary measures as needed.

We use administrative, technical, and organizational measures appropriate to risk, including HTTPS encryption, account/access controls, and reputable service providers (Wix, Stripe, PayPal, ConvertKit, Google). No method of transmission or storage is 100% secure.

Our Site is not directed to children. We do not knowingly collect personal information from:

• Children under 13 (U.S. COPPA standard), or

• Children under 16 in the EU/UK (unless a lower age is set by local law with parental consent).
  If you believe we have collected personal information from a child in violation of these standards, contact us to delete it.

We will honor Global Privacy Control opt-out signals where legally required (e.g., California). If we implement sale/share activities in the future, we will integrate the required opt-out link and signal handling.

• Email marketing: Unsubscribe using the link in any message or email team@shaydacampbell.com.

• Cookies (EU/UK): Use our cookie banner/preferences to accept/decline non-essential cookies; otherwise, manage cookies in your browser settings.

• Embedded media: You can block third-party cookies at the browser level, but some features may not work.

We are not required to appoint a Data Protection Officer. All privacy inquiries should be directed to team@shaydacampbell.com.
If we cannot resolve your concern, you may contact your local data protection authority (EU/UK) or the Office of the Privacy Commissioner of Canada (PIPEDA).

We may update this Policy to reflect changes in laws, our practices, or service providers. Changes will be posted here with a new “Last Updated” date. If changes are material, we will provide additional notice as required.