Privacy Policy

This Privacy Policy describes how Bad Shirts (the “Site” or “we”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.

Collecting Personal Information

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information.” See the list below for more information about what Personal Information we collect and why.

DEVICE INFORMATION

  • Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
  • Purpose of collection: to load the Site accurately for you and to perform analytics on Site usage to optimize our Site.
  • Source of collection: collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
  • Disclosure for a business purpose: shared with our processor, WooCommerce/Hostinger.

ORDER INFORMATION

  • Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number.
  • Purpose of collection: to provide products or services to you, fulfill our contract, process your payment information, arrange for shipping, provide invoices and/or order confirmations, communicate with you, screen orders for potential risk or fraud, and, when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: shared with our processors, WooCommerce and Printify (or other fulfillment partners).

CUSTOMER SUPPORT INFORMATION

  • Examples of Personal Information collected: listed above.
  • Purpose of collection: to provide customer support.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: N/A

MINORS
The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Information from children. If you are a parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.

Sharing Personal Information

We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:

  • We use WooCommerce to power our online store and Printify to fulfill product orders. These service providers may have access to your Personal Information to perform their functions.
  • We may also share your Personal Information to comply with applicable laws and regulations, respond to a subpoena, search warrant, or other lawful request for information, or to otherwise protect our rights.

BEHAVIOURAL ADVERTISING

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

  • We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
  • We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

Using Personal Information

We use your Personal Information to operate and improve our services. This includes, but is not limited to: offering products for sale, processing and verifying payments, managing the shipping and fulfillment of your order (including through third-party providers such as Printify), and keeping you informed about new products, services, promotions, or other updates related to our store.

LAWFUL BASIC

In accordance with the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your Personal Information under one or more of the following lawful bases:

  • Your consent – when you voluntarily provide information, such as subscribing to newsletters or accepting cookies.
  • Performance of a contract – when we process data to fulfill our obligations, such as delivering your purchased products.
  • Compliance with legal obligations – when we are required to store or disclose data for tax, regulatory, or legal purposes.
  • Protection of vital interests – in rare cases where processing is necessary to safeguard someone’s life or wellbeing.
  • Public interest – when processing is required to perform a task carried out in the public interest.
  • Legitimate interests – where processing is necessary for our business operations (e.g., fraud prevention, improving website functionality, or direct marketing), provided that these interests do not override your fundamental rights and freedoms.

RETENTION

When you place an order on our Site, we will keep your Personal Information in our records for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy. This includes order history, billing records, and shipping details. We may retain this information even after your order has been completed for purposes such as legal compliance, dispute resolution, accounting, and fraud prevention.

If you wish for your Personal Information to be erased, you may contact us to request deletion, subject to any legal or regulatory obligations that may require us to retain certain data. Please refer to the “Your Rights” section below for more details.

AUTOMATIC DECISION-MAKING

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (including profiling) when such processing has a legal effect on you or otherwise significantly impacts you.

While we do not engage in automated decision-making that creates significant legal effects, our service providers may use limited automated systems for fraud prevention and risk management. For example, WooCommerce, payment gateways, and related providers may implement automated tools to detect and prevent fraudulent transactions.

Examples of services that involve limited automated decision-making include:

  • Temporary denylisting of IP addresses that are repeatedly linked to failed payment attempts. This denylist generally remains in place for only a few hours.
  • Temporary denylisting of credit cards associated with denylisted IP addresses. This denylist typically remains in effect for a few days.

These measures are designed to protect both our business and our customers from fraudulent activity and do not have a long-term or significant effect on your legal rights.

Your Rights

GDPR (GENERAL DATA PROTECTION REGULATION)

If you are a resident of the European Economic Area (EEA), you are entitled to certain rights regarding the Personal Information we collect and process about you. These rights include:

  • Right of Access – You may request a copy of the Personal Information we hold about you.
  • Right to Portability – You may request that we transfer your Personal Information to another service provider, in a structured, commonly used, and machine-readable format.
  • Right to Rectification – You may ask that your Personal Information be corrected or updated if it is inaccurate or incomplete.
  • Right to Erasure (“Right to be Forgotten”) – You may request that we delete your Personal Information from our records, subject to any legal or regulatory requirements that may obligate us to retain some data.
  • Right to Restrict Processing – You may request that we limit the way we use your Personal Information in certain circumstances.
  • Right to Object – You may object to specific uses of your Personal Information, including for direct marketing purposes.
  • Right not to be subject to Automated Decision-Making – You may object to being subject to decisions based solely on automated processing if those decisions produce legal or significant effects.

If you would like to exercise any of these rights, please contact us using the contact details provided at the end of this Privacy Policy.

Please note: Your Personal Information may be initially processed in the European Union (for example, through WooCommerce servers or payment processors located in the EU) and then transferred outside of Europe for storage and further processing. This may include transfers to countries such as the United States, Canada, and others where our third-party partners (including Printify, shipping providers, and analytics tools) operate.

We take steps to ensure that any transfer of your Personal Information outside of the EEA is carried out in accordance with applicable data protection laws, using appropriate safeguards such as Standard Contractual Clauses (SCCs) or other lawful mechanisms.

CCPA (CALIFORNIA CONSUMER PRIVACY ACT)

If you are a resident of California, you are granted specific rights regarding your Personal Information under the CCPA. These include:

  • Right to Know – You may request that we disclose what categories and specific pieces of Personal Information we have collected about you, the sources of that information, the purposes for collecting it, and the categories of third parties with whom it is shared.
  • Right to Portability – You may request a copy of your Personal Information in a format that allows you to transfer it to another service.
  • Right to Correction – You may ask that any inaccurate or outdated Personal Information we hold about you be corrected.
  • Right to Deletion – You may request that we delete your Personal Information, subject to certain exceptions (for example, if retaining the information is required to complete a transaction, comply with legal obligations, or detect security incidents).
  • Right to Opt-Out of Sale – You may request that your Personal Information not be sold to third parties. We do not “sell” Personal Information in the traditional sense, but we may share certain data with advertising or analytics providers, which could be considered a “sale” under the CCPA. You can opt-out of such data sharing at any time.

If you would like to exercise any of these rights, please contact us using the details provided in the Contact Us section of this Privacy Policy.

If you wish to appoint an authorized agent to make requests on your behalf, you must provide us with written authorization or verify your own identity directly with us before we can process such requests.

For deletion requests, you may also visit our CCPA Opt-Out page at: https://thebadshirts.com/do-not-sell-my-personal-information/

Cookies

A cookie is a small piece of data that is downloaded to your computer or device when you visit our website. At Bad Shirts, we use a variety of cookies, including functional cookies, performance cookies, advertising cookies, and social media or content cookies. Cookies help improve your browsing experience by allowing the site to remember your actions and preferences (such as login credentials, region selection, and language preferences). This eliminates the need to re-enter information each time you return to the site or navigate between pages. Cookies also provide valuable insights into how visitors use our website—for example, whether it is their first visit or if they are repeat customers.

We use the following categories of cookies to optimize your experience on our site and to enable us to provide our services effectively:

COOKIES NECESSARY FOR THE FUNCTIONING OF THE STORE 

WooCommerce-powered store and Printify integration function correctly. Examples include:

woocommerce_cart_hash – Helps WooCommerce determine when the contents of the cart change.

woocommerce_items_in_cart – Records when items are placed in the shopping cart.

wp_woocommerce_session_* – Stores a unique code for each customer so that WooCommerce knows where to find the cart data in the database for each session.

wordpress_logged_in_* – Indicates when you are logged in and who you are, for most interface use.

store_notice[notice id] – Allows customers to dismiss the store notice banner.

secure_customer_sig – Used in connection with customer login.

cart, cart_sig, checkout_token, checkout_session_id – Used during the checkout process to ensure smooth order placement and payment.

REPORTING AND ANALYTICS

These cookies allow us to understand how our customers use the site, track the effectiveness of marketing campaigns, and optimize user experience. Examples include:

_ga, _gid, _gat – Google Analytics cookies used to collect information about how visitors use the site, including traffic sources and user behavior.

_fbp – Facebook Pixel cookie used to deliver relevant ads to users and measure advertising effectiveness.

_clck, _clsk – Microsoft Clarity cookies used to understand user interactions for website improvement.

hjSessionUser* and hjSession* – Hotjar cookies used to analyze visitor behavior for usability improvements.

_landing_page, _orig_referrer – Track landing pages and referral sources to understand how customers arrive at our store.

COOKIE DURATION

The length of time a cookie remains on your computer or mobile device depends on whether it is a “session” cookie or a “persistent” cookie. Session cookies last only for the duration of your browsing session and are deleted once you close your browser. Persistent cookies remain stored until they expire or are manually deleted. The persistent cookies we use generally expire between 30 minutes and 2 years from the date they are downloaded to your device.

MANAGING COOKIES

You have the ability to control and manage cookies in various ways. Please note that disabling or blocking certain cookies may negatively impact your browsing experience and some parts of our website may no longer be fully accessible or function as intended.

Most web browsers automatically accept cookies, but you can modify your browser settings to refuse cookies or to notify you when cookies are being placed on your device. Instructions for managing cookies are usually found in your browser’s “Help,” “Tools,” or “Preferences” menus.

For more detailed information about cookies, including how to block, manage, or delete them, you can visit: www.allaboutcookies.org
.

Additionally, please note that blocking cookies may not fully prevent the sharing of information with third-party advertising partners. To exercise your rights or opt out of specific uses of your information by these parties, please refer to the instructions in the “Targeted Advertising and Opt-Out Rights” section above.

DO NOT TRACK

Some browsers offer a “Do Not Track” (DNT) setting, which signals to websites that you do not want your online activity to be tracked. At this time, there is no industry-wide standard on how websites should respond to DNT signals. Therefore, our website does not currently alter its data collection and usage practices when it receives a DNT signal from your browser.

Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

Contact Us

If you would like more information about our privacy practices, if you have specific questions, or if you would like to file a complaint, you can contact us using the methods listed below:

  • By Contact Form: You may submit inquiries directly through this form available on our website. Please ensure that you include sufficient details regarding your request so we can respond accurately and promptly.
  • By Email: You can reach us at support@thebadshirts.com. We will make every effort to respond to all requests, inquiries, or complaints within a reasonable time frame, typically within 30 days or as otherwise required by applicable law.

We are committed to addressing any privacy-related concerns in a timely and transparent manner.

If you are not satisfied with the response you receive from us regarding your complaint, you have the right to escalate the matter to the appropriate data protection authority in your jurisdiction. This right exists in order to ensure that your concerns are properly investigated and addressed by an independent regulatory body.

  • European Union / EEA Residents: You may contact your local data protection authority. A list of EU Data Protection Authorities is available here: https://edpb.europa.eu/about-edpb/about-edpb/members_en
    .
  • United Kingdom Residents: You may lodge a complaint with the Information Commissioner’s Office (ICO). Guidance on how to do so is available here: https://ico.org.uk/make-a-complaint/
    .
  • California Residents (CCPA/CPRA): You may also have the right to contact the California Privacy Protection Agency (CPPA). More information is available here: https://cppa.ca.gov/
    .
  • Other Jurisdictions: If you reside outside of the areas listed above, please contact the appropriate supervisory authority in your region.

We strongly encourage you to reach out to us directly first, as we are committed to working with you in good faith to resolve any concerns regarding the use or handling of your personal information.