At Tiara Creation ("we", "us", or "our"), we respect your privacy and are committed to protecting the personal information you share with us when shopping on tiaracreation.co. This policy explains what data we collect, why we collect it, and how we keep it safe.
1 Information We Collect
We collect information you provide directly when you:
- Create an account — name, email address, password (hashed)
- Place an order — billing/shipping address, phone number, and payment reference
- Contact us — name, email, and the content of your message
We also automatically collect certain technical data such as your IP address, browser type, pages visited, and referring URLs for analytics and security purposes.
2 How We Use Your Information
- Process and fulfil your orders
- Send order confirmations and shipping updates
- Respond to enquiries and support requests
- Improve our website and product offerings
- Prevent fraud and ensure platform security
- Comply with applicable legal obligations
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
3 Payment Information
All card payments are processed securely through Paystack. We do not store your full card details on our servers. M-Pesa transactions are processed through Safaricom's secure API. Payment references are stored solely to reconcile your order.
4 Cookies
We use essential session cookies to keep you logged in and maintain your shopping cart. We may also use analytics cookies (e.g. Google Analytics) to understand how visitors use our site. You can disable cookies in your browser settings, though some features may not work correctly.
5 Data Sharing
We share your data only with trusted third parties necessary to operate our business:
- Paystack — payment processing
- Safaricom (M-Pesa) — mobile money processing
- Courier partners — order delivery (name and address only)
- Cloud hosting providers — secure server infrastructure
All third-party partners are contractually required to protect your data.
6 Data Retention
We retain your account and order data for as long as your account is active or as required by Kenyan tax and commercial law (typically 7 years). You may request deletion of your account at any time (see Section 8).
7 Data Security
We implement industry-standard security measures including HTTPS encryption, hashed passwords, and restricted database access. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
8 Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your account and data
- Withdraw consent for marketing communications at any time
To exercise any of these rights, email us at info@tiaracreation.co.
9 Children's Privacy
Our services are not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10 Policy Changes
We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of our website after changes constitutes your acceptance of the revised policy.
11 Contact Us
If you have any questions about this Privacy Policy, please contact us:
- Email: info@tiaracreation.co
- Website: tiaracreation.co/contact