top of page

Policy

Consent Management, Privacy, and Data Protection Policy

Plushagins LLC

1. Consent Management

Plushagins LLC is committed to transparent, informed, and user-friendly consent practices.

  • Opt-in Consent: Customers must provide explicit consent before subscribing to marketing communications, SMS programs, or newsletters.

  • Granular Choice: Users may choose which types of communication they consent to (e.g., promotions, order updates, customer care).

  • Withdrawal of Consent: Customers may revoke consent at any time through clear unsubscribe links, reply commands (e.g., STOP for SMS), or by contacting Plushagins LLC directly.

  • Parental/Guardian Consent: For products or services directed to children, Plushagins LLC requires consent from a parent or legal guardian in compliance with COPPA (Children’s Online Privacy Protection Act).

 

2. Clarity of the Privacy Policy

Plushagins LLC ensures its privacy policy is written in clear, plain language so that all customers—including families and children—understand how their data is collected and used.

  • Transparency: The policy outlines what personal data is collected (e.g., names, emails, addresses, payment details), why it is collected, and how it is used.

  • Accessibility: The privacy policy is always available on the Plushagins LLC website and in digital communications.

  • No Hidden Practices: Plushagins LLC does not sell, rent, or trade personal information to third parties.

  • Updates: Customers will be notified of significant changes to the privacy policy with clear notice and an opportunity to review.

 

3. Data Protection Practices

Plushagins LLC applies strict safeguards to protect customer and business data.

  • Data Collection: Only the minimum necessary personal data is collected for business operations.

  • Encryption: All sensitive data (including payment and personal details) is transmitted via secure, encrypted channels (SSL/TLS).

  • Storage: Data is securely stored in password-protected, access-controlled systems.

  • Third-Party Compliance: Vendors and partners (e.g., payment processors, shipping carriers) must comply with recognized data protection standards such as GDPR and CCPA where applicable.

  • Retention: Data is retained only as long as necessary for business or legal requirements, after which it is securely deleted.

  • Access Control: Only authorized personnel with business need-to-know may access personal data.

  • Incident Response: Plushagins LLC maintains a procedure for promptly addressing any data breaches, including notifying affected individuals when required by law. Updated 09/10/2025 

bottom of page