Privacy policy

Last Updated: 10 March 2026

Bianca’s Touch operates this online store and website (biancastouch.com), including all related content, features, tools, products, and services (the "Services"). We are powered by Shopify to deliver a curated, elegant shopping experience for our timeless, non-tarnish jewelry.

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit the site, use the Services, make a purchase, or communicate with us. It aligns with South Africa's Protection of Personal Information Act (POPIA) (as the primary law for our SA-based operations), the Consumer Protection Act (CPA), and other applicable laws. If there's a conflict between our Terms and Conditions and this Policy regarding personal information, this Policy prevails.

By using the Services, you acknowledge you have read and agree to this Policy. If you do not agree, please do not use the site or provide personal information.

Personal Information We Collect

"Personal information" means data that identifies or can be linked to you (as defined in POPIA). We collect/process the following categories, as needed and lawfully:

  • Contact details: Name, email, phone, billing/shipping address.
  • Payment/financial info: Card details, transaction history (processed securely via Shopify/payment providers).
  • Account info: Username, password, preferences, wish list/cart items.
  • Transaction/usage data: Viewed/purchased items, browsing behavior, IP address, device/browser info.
  • Communications: Inquiries, support messages, reviews.

We do not collect special personal information (e.g., health, race) unless voluntarily provided and necessary.

Sources of Personal Information

  • Directly from you (e.g., checkout, account creation, emails).
  • Automatically (cookies, analytics, device data—see cookie notice).
  • From Shopify and service providers (e.g., couriers, payment gateways).
  • From partners/third parties (limited, with consent where required).

How We Use Your Personal Information

We process personal information lawfully under POPIA's conditions (accountability, purpose specification, etc.) for:

  • Fulfilling orders, processing payments, shipping (per our Shipping Policy), handling returns/refunds/cancellations (per Returns & Refund and Order Cancellation Policies).
  • Providing customer support and communications.
  • Personalizing your experience (recommendations, preferences).
  • Marketing/promotions (email/SMS)—only with your specific, informed consent (opt-in); you can unsubscribe anytime.
  • Security, fraud prevention, site improvement.
  • Complying with legal obligations (e.g., CPA, tax laws) or defending rights.

We limit processing to what's necessary and retain data only as long as needed (e.g., for orders, disputes, or legal requirements).

Cookies & Similar Technologies

We use cookies for functionality, analytics, and advertising. You can manage preferences via our cookie banner. For details, see our cookie policy (or integrate one).

Disclosure of Personal Information

We share personal information only as necessary:

  • With Shopify (our platform provider/processor) and service providers (e.g., couriers like DHL, payment processors, IT support).
  • With affiliates or in business transfers (e.g., merger).
  • To comply with law, respond to legal requests, or protect rights/safety.
  • With your consent (e.g., social sharing).

Shopify processes data on our behalf and may transfer it internationally (e.g., to Canada/US). We ensure appropriate safeguards (e.g., standard contractual clauses). For Shopify's practices, see their Consumer Privacy Policy at https://www.shopify.com/legal/privacy or privacy portal at https://privacy.shopify.com/en.

International Transfers

Personal information may be transferred/stored outside South Africa (e.g., Shopify servers). We use lawful mechanisms under POPIA (adequacy decisions, binding rules, or contracts) to protect it.

Security & Retention

We implement reasonable technical/organizational measures to secure data (e.g., encryption, access controls). No system is 100% secure—transit risks exist.

Retention: As long as needed for purposes, legal obligations, or disputes (typically 5–7 years for transaction records under SA law).

Your Rights Under POPIA

As a data subject, you may (subject to verification and exceptions):

  • Access/correct/delete your information.
  • Object to processing (including direct marketing).
  • Request portability.
  • Withdraw consent (where consent-based).
  • Lodge complaints with the Information Regulator.

Contact us to exercise rights—we'll respond timely. No discrimination for exercising rights.

Children's Privacy

Services not for children under 18. We do not knowingly collect data from minors without verifiable parental consent.

Changes to This Policy

We may update this Policy—changes posted here with new date. Continued use means acceptance.

Contact & Information Officer

For questions, rights requests, or complaints:
Email: info@biancastouch.com
Business Name: Bianca’s Touch
Location: Cascades, Riverside, Mbombela, South Africa

Our Information Officer (responsible for POPIA compliance) can be reached at the above email.

Thank you for trusting Bianca’s Touch—we're committed to protecting your privacy while delivering elegant, timeless jewelry. Questions? We're here! 💎✨