Effective date: 22nd day of August, 2025
This Privacy Policy pertains to www.natalieselfshelfholidaystore.com, www.elfshelfregister.com, and www.elfshelfwallet.com (collectively, “the “Sites””) all of which are owned and operated by Natalie's Elf Shelf Holiday Store, LLC. (“Elf Shelf”, “we”, “us”, “our”)
This Privacy Policy is to inform you of our policies and procedures regarding the collection, use, and disclosure of Personally Identifiable Information (as defined below) we receive when you visit and use the Services. As used in this Privacy Policy, the “Services” means visiting or using the Sites or the associated web application accessible online.
We take personal data protection and privacy seriously, and endeavor to protect your data to the greatest extent feasible.
This Privacy Policy applies to information that you provide to us through the Services, or authorize third parties to provide to us on your behalf, and when you access or use any information, services, products or content offered by Elf Shelf through the Services.
By creating a user account or using the Services, you consent to the practices described in this policy, including the processing of your information as set forth in this Privacy Policy now and as amended by us.
________________________________________
In the course of using the Services, we ask you to provide us with certain information that could reasonably be used to contact you or identify you personally (“Personally Identifiable Information”). Personally Identifiable Information may include, but is not limited to, your name and email address. Certain areas like the “Request more Information” page include forms where you actively enter your personal information. We use this personal information to provide you with the latest information pertaining to your initial request. Specifically:
● When you submit a request for information, we need to know your name, E-mail address, and question or comment. This information allows us to process and fill your request and also to notify you of its status.
● We may also use the information we collect to occasionally notify you about important changes to the Internet site, Natalie's Elf Shelf services, products, and special offers we think you may find valuable.
Some features in the Services may ask users to provide certain information that is not personally identifiable, such as city or state of residence. Such demographic and other information is referred to collectively, along with Usage Information (defined below), as “Non-Personally Identifiable Information.” You are not required to provide all requested information, but some features may not function without it. We may use Non-Personally Identifiable Information for a variety of purposes, including enhancing or otherwise improving the Services. Non-Personally Identifiable Information is generally non-identifying, but, if we associate it with you as an identifiable individual, we will treat it as Personally Identifiable Information.
When visitors use our Services, we and our third-party service providers may automatically collect some non-personally identifiable information such as your IP address (which may tell us your general location) or other unique identifier that is associated with your computer, mobile phone, or other device (any, a “Device”) you use to access the Services, the type of computer operating system you are using (e.g., Microsoft Windows or Mac OS), the type of browser you are using (e.g., Internet Explorer, Firefox), or your activity while using our Services (e.g., which of our pages you have viewed, the amount of time spent on a given page) (“Usage Information”).
________________________________________
In addition to the information that you may provide to us, our Services may use software technology such as “cookies,” “pixel tags,” “web beacons,” “embedded scripts,” or other similar technologies (collectively referred to as “Tracking Technologies”). These Tracking Technologies are used to help tailor our content, allow visitors to move between associated websites without logging into each site, provide content protection, and other purposes related to our management of the Services.
Cookies are small text files stored locally on your Device that help store user preferences. Pixel tags, web beacons or “clear gifs” are small pieces of code placed on websites used to collect advertising metrics, such as counting page views, promotion views, or advertising responses. An embedded script is programming code that is temporarily downloaded onto your Device from our web server or a third-party service provider, that is designed to collect information about your interactions with the Services, such as the links you click on. An embedded script is active only while you are connected to the Services, and is deactivated or deleted thereafter. We may use Tracking Technologies to determine how many visitors we have and how often they visit various sections of our Services and to improve or customize the content, offerings and advertisements on our Services. For example, we may use cookies to personalize your experience through our Services, such as to recognize you by your user name and when you return to our Services.
We, our third-party service providers, and/or partners may also use Tracking Technologies, such as cookies, to manage and measure the performance of advertisements displayed on or delivered by or through the Services. Moreover, we, our third-party service providers, and/or our partners may use Tracking Technologies to monitor how visitors use the Services by collecting data about the visitors viewing a web page or using a certain feature.
In addition to the Tracking Technologies, log data collected on our web servers and application databases supply us with aggregate Usage Information about the number of visits to our Services, goals set and accomplished, and other transactional interactions visitors make within the Services. We use such aggregate Usage Information to improve access to content based on our visitors’ browsers and operating system types to make our content available to as many users as possible and to promote the effectiveness and impact our Services are making.
By agreeing to this Privacy Policy, you are consenting to the use of Tracking Technologies as set forth in this Privacy Policy. You can change your privacy preferences regarding the use of cookies and similar technologies through your browser.
Please be aware, however, that:
● blocking cookies and other Tracking Technologies will affect your online experience and may prevent you from enjoying the full features offered through our Services;
● certain areas and features of our Services can only be accessed in conjunction with cookies or other similar devices; and
● disabling Tracking Technologies, including cookies, may prevent you from accessing some of our content.
________________________________________
Personally Identifiable Information and Non-Personally Identifiable Information are used for the following purposes: (i) to provide, optimize, and improve the Services, features, and content, which includes, among other things, determining your general geographic location, (ii) to enable users to enjoy the Services, (iii) to better understand your needs and interests, (iv) to fulfill requests you may make, (v) to personalize your experience, (vi) to provide service announcements, and (vii) to provide you with further information and offers from us or third parties that we believe you may find useful or interesting, including newsletters, marketing, or promotional materials and other information on Elf Shelf related services. If you decide at any time that you no longer wish to receive such communications, please opt out by using the unsubscribe links or instructions included at the bottom of our emails, replying “Stop” to a text message, or deleting an Elf Wallet account. Please note that we will continue to send you service-related communications regardless of any opt-out request for as long as you have an account with us.
We use information we obtain by technical means (such as the automatic recording performed by our servers or through the use of cookies) for the above purposes and:
● in order to monitor and analyze use of the Services,
● for the technical administration of the Services,
● to increase the functionality and user-friendliness of the Services, to better tailor both to your needs,
● to generate and derive useful data and information concerning the interests, characteristics, and website use behavior of our users,
● to comply with such statutory and regulatory requirements as apply to our provision of the Services and our operations,
● and to verify that visitors and users to and of the Services meet the criteria required to process their requests.
By registering with Elf Shelf, you consent to receiving periodic emails including: Elf Shelf updates and newsletters. In addition to these you may opt-in to notifications including: media subscriptions and group updates. We will provide means to opt-out of any email notifications from Elf Shelf and will include links to opt-out in every email.
________________________________________
Third Parties. We will not share or sell Personally Identifiable Information with other organizations for their marketing or promotional uses without your express consent.
Aggregate Information and Non-Personally Identifiable Information. We may share aggregated information that includes Non-Personally Identifiable Information and log data with third parties for industry analysis and demographic profiling, or to deliver targeted advertising about other products and services. Any aggregated information shared in these contexts will not contain your Personally Identifiable Information.
Service Providers. We may employ third party companies and individuals to facilitate the Services, to provide the Services on our behalf, to perform services related to administration of the Services (including, without limitation, maintenance, hosting, and database management services; web analytics; and administration). These third parties have access to your Personally Identifiable Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
The Services rely on the third party tool "Stripe" to process payments. We encourage you to read the privacy policy or statement on their website. We recommend users visit the Stripe Privacy Center and review the relevant materials prior to using these features.
Compliance with Laws and Law Enforcement. Elf Shelf cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Elf Shelf or a third party, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate, or legally actionable.
Business Transfers. Elf Shelf may sell, transfer or otherwise share some or all of its assets, including your Personally Identifiable Information, in connection with a merger, acquisition, reorganization, or sale of assets or in the event of bankruptcy. You will be notified via the Services and/or email of any such change in ownership or control of your Personally Identifiable Information.
________________________________________
Certain portions of the Services may allow us to contact you via telephone text messages.
You agree that we may contact you via telephone or text messages including by an automatic telephone dialing system at any of the phone numbers provided by you or on your behalf in connection with your use of the Services, including for marketing purposes (including store reminders and promotional offers).
You understand that you are not required to provide this consent as a condition of purchasing any products or working with us.
You also understand that you may opt out of receiving text messages from us at any time, by contacting us at support@elfshelfholidaystore.com or texting “STOP” to 580-228-8788. After you send the text message "STOP" to us, we will send you a text message to confirm that you have been unsubscribed. After this, you will no longer receive text messages from us.
If you want to join again, just respond back to 580-228-8788 “start”. If you are experiencing issues with the messaging program, you can call 580-399-4177 for more assistance, or you can get help directly at support@elfshelfholidaystore.com.
Carriers are not liable for delayed or undelivered messages. As always, message and data rates may apply for any messages sent to you from us and to us from you. Messaging frequency may vary. If you have any questions about your text plan or data plan, it is best to contact your wireless provider. If you do not choose to opt out, we may contact you as outlined in our privacy policy.
________________________________________
We Process all data in the United States. “Process” means using or touching information in any way, including, but not limited to, collecting, storing, deleting, using, combining, and disclosing information; or using Tracking Technologies on a Device, all of which will take place in the United States.
If you reside outside the United States, in order to use the Services, you must opt in to allow your information to be transferred, processed, and stored there under United States privacy standards. You may opt out of this transfer or revoke your authorization at any time by: (i) requesting deletion of your account, or (ii) contacting us through any of the methods listed in Section 9 “Exercising Your Rights.” Please understand that this will terminate your ability to use the Services.
If you stop using the Services without deleting your account or asking us to, we will not delete your Personally Identifiable Information for at least twelve months, and we may retain deidentified, aggregated Non-Personally Identifiable Information for as long as that information is useful to us in our analysis of the Services’ usage and performance. Deidentified data means data that cannot reasonably be used to identify you.
Personally Identifiable Information and Non-Personally Identifiable Information will be stored until the purpose the data was collected for has been achieved. You will be notified if your Personally Identifiable Information is kept for longer than this period.
________________________________________
The Services may contain links to other websites. If you click on a link to an external site, also called a third party link, you will be directed to that third party’s website. Clicking on links to third party websites may redirect away from the Sites, or open in new browser windows or tabs, depending on your device and browser settings. The fact that we link to a website is not an endorsement, authorization or representation that we are affiliated with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data, or solicit Personally Identifiable Information from you. Other websites and services follow different rules regarding the use or disclosure of the Personally Identifiable Information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.
________________________________________
Elf Shelf is committed to ensuring that you have meaningful control over your Personally Identifiable Information. Regardless of your jurisdiction, we provide the following core rights to all users:
● Access – You can request a copy of the Personally Identifiable Information we hold about you.
● Correction – You can ask us to correct inaccurate or incomplete Personally Identifiable Information.
● Deletion – You can request that we delete your Personally Identifiable Information, subject to certain legal or operational exceptions.
● Objection or Restriction – You can object to or request that we restrict certain types of data processing.
● Portability – Where technically feasible, we can provide your data in a portable format.
● Withdraw Consent – Where we rely on your consent to process your data, you may withdraw that consent at any time.
To exercise any of these rights, please see Section 9.3, below. We will respond to your request within a reasonable timeframe and in accordance with applicable laws.
________________________________________
Depending on where you live, you may have certain legal rights regarding how your data is collected, used, and stored. These rights may include:
9.2.1. European Union and United Kingdom (GDPR)
If you are located in the EU or the UK, the General Data Protection Regulation (GDPR) provides additional rights:
● The right to lodge a complaint with your local Data Protection Authority (DPA).
● The right to data portability in a structured, commonly used, and machine-readable format.
● The right to erasure ("right to be forgotten") under certain conditions.
● Automated decision-making safeguards (though we do not use your data for fully-automated decision-making of any kind).
9.2.2. Canada (PIPEDA)
Canadian users have rights under the Personally Identifiable Information Protection and Electronic Documents Act (PIPEDA), including:
● The right to access and correct Personally Identifiable Information.
● The right to challenge the accuracy and completeness of your data.
● The right to file a complaint with the Office of the Privacy Commissioner of Canada.
9.2.3. Mexico (LFPDPPP)
If you are a resident of Mexico, you may exercise your ARCO rights:
● Access – Know what personal data we hold.
● Rectification – Request corrections to your data.
● Cancellation – Request that we delete your data.
● Opposition – Object to the processing of your data.
You may exercise these rights by submitting a request to us via the contact methods in Section 13, in accordance with the procedures set forth by the Federal Law on Protection of Personal Data Held by Private Parties.
California law requires us to provide California residents with additional information regarding how we collect, use, and share your “Personally Identifiable Information” (as defined in the California Consumer Privacy Act (“CCPA”)).
Categories of Personally Identifiable Information we collect. In Section 1, above, and otherwise throughout this Policy, we discuss in detail the specific pieces of information we collect from and about users. Below are the categories of Personally Identifiable Information we collect:
■ Identifiers (such as name and title, contact details, and company name);
■ Internet or other network or device activity (such as browsing history or app usage);
■ Inference data about you; and
■ Other information that identifies or can be reasonably associated with you.
Use of categories of Personally Identifiable Information. We may disclose the categories of Personally Identifiable Information identified above for our operational purposes where the use is reasonably necessary and proportionate to achieve the operational purpose for which it was collected or processed, or for another compatible operational purpose.
Sale of Personally Identifiable Information. The CCPA sets forth certain obligations for businesses that “sell” Personally Identifiable Information. Based on the definition of “sell” under the CCPA and under current regulatory guidance, we do not believe we engage in such activity and have not engaged in such activity in the past twelve months (including that we do not “sell” the Personally Identifiable Information of minors under 16 years of age). We do share certain information as set forth in Sections 1 and 2 of this Policy, and allow third parties to collect certain information about your activity, for example through cookies, as explained in Section 8 of this Policy.
Individual Rights. California law may provide you with certain rights and permit you to request the following:
■ Provide you the categories of Personally Identifiable Information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your Personally Identifiable Information; and the categories of third parties with whom we shared Personally Identifiable Information.
■ Provide access to and/or a copy of certain information we hold about you.
■ Delete certain information we have about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Services to you and for compliance with applicable law. If you ask us to delete certain information, you may no longer be able to access or use the Services.
9.2.4.2. California Civil Code Section 1798.83)
Under California Civil Code Section 1798.83, California residents who provide us with Personally Identifiable Information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us one time per calendar year information about the customer information we shared, if any, with other businesses for their own direct marketing uses. Alternatively, the law provides that a company may comply, as Elf Shelf does, by disclosing in its privacy policy that it provides consumers choice (opt-out or opt-in) regarding sharing Personally Identifiable Information with third parties for those third parties’ direct marketing purposes, and information on how to exercise that choice. As stated above in this Privacy Policy, Elf Shelf provides you choice prior to sharing your Personally Identifiable Information with third parties for their direct marketing purposes. If you do not opt-in or if you choose to opt-out at the time Elf Shelf offers that choice, Elf Shelf does not share your information with that identified third party for its direct marketing purposes.
9.2.4.3. California Online Privacy Protection Act Notice Concerning Do Not Track Signals.
This notice is provided in response to AB370. Note that your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. There is no consensus among industry participants as to what “Do Not Track” means in this context. If you enable “Do Not Track” functionality on your browser, Google Analytics will not track your usage of our website. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
________________________________________
If you are a California resident and you have questions about our practices with respect to sharing information with third parties for their direct marketing purposes and your ability to exercise choice, please email our Privacy Officer, Natalie Larman, at natalie@elfshelfholidaystore.com or send written correspondence to the following mailing address: 18964 Northeast 23rd Street Suite 102/104 Suite 102/104 Harrah, OK 73045. You must put the statement “Your California Privacy Rights” in the subject line of your message or include it in your writing if you choose to write to us at the designated mailing address. You must include your name, street address, city, state, and zip code. We will respond to you at your mailing address, or at our option, your e-mail address. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.
9.3.2. Residents of Other Jurisdictions.
If you have questions about how we comply with privacy laws in your jurisdiction, or wish to exercise any privacy rights afforded to you under local regulations, please send a request via the form at https://natalieselfshelfholidaystore.com/contact-us or to the following mailing address: 18964 Northeast 23rd Street Suite 102/104 Suite 102/104 Harrah, OK 73045. Such requests should include information to allow us to verify your identity, such as your name, address, email address, or other information we may reasonably require. You must put the statement “Your [Jurisdiction] Privacy Rights” in the subject field of your e-mail or include it in your writing if you choose to write to us at the designated mailing address, replacing the word [Jurisdiction] with your state or country of residence. You must include your name, street address, city, state, and zip code. We will respond to you at your mailing address, or at our option, your e-mail address. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.
9.3.3. Responses to Requests to Exercise Privacy Rights.
When we receive your request to exercise one of these rights, we will respond without undue delay and within the time required by applicable law. This may be extended in certain circumstances, e.g., where requests are complex or numerous. We may ask for verification of your identity before processing your request. If we are unable to fulfill your request due to legal or operational limitations, we will let you know why.
________________________________________
We have put in place commercially reasonable physical, electronic, and managerial procedures in an effort to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect online. All Personally Identifiable Information is accessible only by our employees. Our employees are bound by strict confidentiality agreements, and breach of an agreement would result in the employee's termination. Our third-party service providers are similarly contractually bound.
In order to protect your security, we use the strongest available browser encryption and store all of our data on servers in secure facilities. When personal information (such as a credit card number) is transmitted to other Web sites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol. However, no data transmission over the Internet, wireless transmission, or electronic storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure or warrant the security of any information we collect. You use our Services and provide us with your information at your own risk.
________________________________________
Elf Shelf’s Sites and Services are not intended for use by children. We do not use any of our Services to knowingly solicit data from or market to children under the age of 16. We require that all individuals provide a valid credit card number before completing a purchase order on the site. If we learn that we have inadvertently collected personal information from a child under 16, we will attempt to notify such child's parent or guardian and erase such information from our records, unless the child's parent or guardian consents to our maintaining such information. If a parent or guardian becomes aware that their child has provided Elf Shelf with information without parental consent, that parent should contact us at at https://natalieselfshelfholidaystore.com/contact-us.
________________________________________
This Privacy Policy may be updated from time to time. We will notify you of any material changes by posting the new Privacy Policy through the Services. It is your responsibility to review this Privacy Policy from time to time for any changes.
________________________________________
To contact us for any reason relating to your exercise of rights under any privacy law, please see section 9.3 “Exercising Your Rights.”
To contact us for any other reason, please visit https://natalieselfshelfholidaystore.com/contact-us and provide a brief and clear message. We endeavor to respond to all inquiries in a timely manner, but we cannot promise a specific time frame for general inquiries.