This Notice of Privacy Practices was updated on June 9, 2018.

Here’s a summary of what we’ve updated:

  •          Re-organized this Notice to better explain why, what, and how we collect and process customer information;
  •          Updated subsidiary, affiliate and other partner information;
  •          Expanded scope of technology-enabled collection services such as Beacons, In-Store Wi-Fi, RFID, Voice-Enabled Services and Video Cameras;
  •          Descriptions of how we safeguard information; and
  •          Expanded scope on how to Manage Your Preferences that includes updates on Social Network & New Tech Advertising programs and your choices related to technology-enabled collection services.

This Notice of Privacy Practices (“Notice”) applies to information collected, processed or stored by  Heather online at, and via Secrett Curves mobile applications (e.g. Secrett Curves Big Brown Bag app or accessed through your mobile device) (Collectively, “Services”). This Notice describes the extent of data collection and use for these Secrett Curves Services.

This Notice of Privacy Practices explains:

  • Why We Collect & use Information
  • What We Collect & Share
  • Our Use of Information Technologies
  • Managing Your Preferences
  • Ownership of Customer Data
  • Additional Disclosures ( including COPPA, California Privacy Rights)
  • Safeguarding Information

Your access to and use of our Services means you agree to the terms in this Notice and our Terms of Use. We encourage you to refer to this Notice periodically so that you understand our current privacy practices.

If you have any questions about this Notice, please contact our Customer Service department Via email to :


We at Secrett Curves understand that you entrust your data to us. We value that trust. Our collection and use of customer data is guided by our corporate principle of Customers First and subject to our Secrett Curves Responsible Information Management program.

We may use the information we collect for the following primary reasons:

  1. Product & Service Fulfillment (FUL)
  2. Marketing, Promotions & Advertising (ADV)
  3. Internal Operations (OPS)
  4. Fraud Prevention, Security & Compliance (SEC)

We may combine information collected from different sources (see section on What We Collect & Share). Below is a summary of some of the ways we collect and use information:

1. Product & Service Fulfillment (FUL)

  •          To complete, fulfill, manage, and communicate with you about transactions.
  •          To establish and service your online profile on one of our websites or mobile applications;
  •          To provide customer service and alert you to product or shipping information; and
  •          To administer loyalty programs (e.g., Loyalist).

2. Marketing, Promotions & Advertising (ADV)

  •          To deliver information about our products, services, and promotions (e.g., personalized offers delivered to your home, email, or mobile devices);
  •          To provide interactive features on our websites and mobile applications (e.g., product ratings and reviews, real-time offers, and location-based services such as store maps);
  •          To identify product preferences and shopping preferences (e.g., services and promotions of possible interest); and
  •          To administer contests, sweepstakes, promotions, surveys, and focus groups.

3. Internal Operations (OPS)

  •          To improve the effectiveness of our websites, stores, mobile applications, merchandise assortment, and customer service;
  •          To conduct research and analytics related to our operations; and
  •          To perform other logistics and operation activities as needed.

4. Fraud Prevention, Security and Compliance (SEC)

  •          To protect our assets and prevent fraudulent transactions;
  •          To validate credentials and authenticate customers when logging into your online profile, applications, or transacting in store;
  •          To protect the security and integrity of our Services and our data; and
  •          To assist law enforcement and respond to legal/regulatory inquiries.

The rest of this Notice refers to the collection and use codes above (FUL; ADV; OPS; SEC). This is so you can better understand why we collect and use different types of information in accordance with our privacy practices and our Responsible Information Management program.


We collect information from a variety of sources, including: information provided by you, transaction information, technology-enabled services, and information we collect about you from third party sources. The following are select examples of the types of information we may collect and share:

         Information you provide: (FUL, ADV, OPS, SEC)

We collect various information when you create a profile, place an order, create a registry or take advantage of other programs online or in store. Information we may collect includes: Name, Address (billing and shipping), Zip code, e-mail address, Telephone number(s), Cellular phone number(s), Credit card number(s), Birth date, and Security question answers. (To express your preferences related to information you provide, go to the Manage Your Preferences section below).

         Technology-Enabled Collections: (FUL, ADV, OPS, SEC)

We collect data when you visit our websites, use our mobile applications, shop in our stores, or interact with our wireless services and other technologies. This information is either automatically collected or is customer initiated.

         Transaction Information: (FUL, ADV, OPS, SEC)

Transaction Information includes items purchased and date and time of your transaction, for in-store or online purchases.

When you make a purchase or create a gift registry, we may share information about you and your transaction with other companies necessary to process your transaction or offer you products or services that may be of interest.

         Affiliate & Subsidiary Sharing: (FUL, ADV, OPS, SEC)

Secrett Curves, a trademark of Heather, may share your information within organization including its subsidiaries and affiliates. This Notice does not cover the privacy practices of affiliates.

         Third Parties: (FUL, ADV, OPS, SEC)

We may receive your updated shipping information from a third party carrier.

We may collect or use information made available to us through third party platforms, online databases and directories, or other means. We specify that data sourced from a third party must be legitimately and legally obtained. Some or all of this information may be governed by the privacy statements of the third party.

We may share information with third parties who provide services to us or who work with us to offer products or services online or in our stores.  Secrett Curves also may share information with third parties so that they may directly offer their products or services to you if we think they may be of interest to you.

We participate in consortiums with partners to share information or match (look alike or similar) customer data. When shared, this information is de-identified and anonymized.


The following section describes various types of technologies we use when you interact with us online, through our mobile applications, shop in our stores, or use our wireless services, and your choices regarding those technologies:

Cookies, Pixel Tags, and Flash Cookies (FUL, ADV, OPS, SEC)

On our websites and other digital platforms we use Cookies, Pixel Tags, and more limitedly, Flash Cookies. This section briefly describes each:

A Cookie is a small piece of computer code sent by a website and stored on the hard disk of your computer. A pixel tag (also known as a tracking pixel, web beacon, or clear GIF) is an embedded image on a website that may register a user’s website activity. A Flash Cookie (also known as a Local Shared Object) is a data file stored on your computer by the websites that you visit. Flash Cookies provide similar functionality as Cookies, but are based on different technology, provide richer data collections, and are persistent; they do not go away when you exit your browser and generally cannot be deleted through your browser option tools.

At Secrett Curves we use two kinds of Cookies: session cookies and persistent cookies. Session cookies exist only for as long as your browser remains open. We use session cookies, for example, to manage items added to your shopping bag. Persistent cookies last from visit to visit; they do not go away when you exit your browser. We use persistent cookies to enable an easier log-in process, give you a more personalized shopping experience, or help you navigate our website more efficiently. For example, we use persistent cookies to show you items you have previously browsed. From time to time, we may use Flash Cookie(s) on our website(s), for example, to enable or control richer Flash-based content.

If you block cookies from, you will not be able to make purchases on our website.

Website Optimization Services (ADV, OPS)

Secrett Curves shares data with Digital Analytics tools to understand and optimize website performance and enhance site usability for our customers. Digital Analytics runs in the background of our sites analyzing site usage information and then returning reports to us through an encrypted connection. Data Analytics is required to maintain data securely and confidentially, and is not permitted to share data collected with parties other than Secrett Curves. Credit card or password data is not collected through Digital Analytics.

Interest-Based or Online Behavioral Advertising (OBA) (ADV, OPS)

Secrett Curves uses third-party advertising companies to serve interest-based advertisements. These companies compile information from various online sources (including mobile-enabled browsers and applications) to match user profiles with ads we believe will be most relevant, interesting and timely based on that user profile.

Social Network & New Tech Advertising Programs (ADV)

Secrett Curves has relationships with several social networks and new tech companies. These companies have specific Interest-Based Ads programs that match people that have shown interest in Heather  through our website or other services with their profiles (such as on Facebook) and platforms (such as Facebook and Google properties).  This matching allows us to deliver relevant, interest-based ads on those companies’ networks.

Do Not Track (DNT) (ADV, OPS)

Secrett Curves does not currently recognize and process Do Not Track signals from different web browsers. Customers may manage their preferences for tracking across sites in the Interest-Based Advertising section above. For more information on Do Not Track please visit

Secrett Curves Mobile Applications (FUL, ADV, OPS, SEC)

Secrett Curves offers mobile applications that you may download from your phone or smart device’s “app store” as well as apps that you can download from your Internet-connected devices (e.g., smart television).

Secrett Curves mobile applications, with your permission, may use your device’s camera, microphone, or location information to enable features or services.  For example, geolocation (e.g., GPS) can help you find a nearby store or learn about upcoming nearby store events. Another example is in-store location using Bluetooth signals to connect to our Beacons or our In-Store Wi-Fi Services, which can help you while inside our store to find nearby products or receive real-time offers.

Secrett Curves Mobile Application Preferences are managed in the Secrett Curves application and through your device’s settings.

Beacons (FUL, ADV, OPS, SEC)

Beacons are small appliances that we use to enhance and make the Secrett Curves in-store experience more interactive. Beacons broadcast a Bluetooth signal that can be received by Bluetooth-enabled devices, such as a mobile phone, when those devices are within proximity of a beacon. Beacons do not collect or pull in personal data; they only push out radio signal pulses to map nearby Bluetooth-enabled devices, much in the same way radar works. In-app permissions, such as permission to access location and accept Push Notifications (sometimes shown as ‘PNS’ on your devices), must be enabled for a Beacon to interact with your specific Bluetooth-enabled device. Interactions with and notifications delivered to your device may include customer service information, in-store directions, offers and advertisements from Secrett Curves as well as other non- Secrett Curves applications and advertisers.

Beacon Preferences are managed through your device (Bluetooth, Location, and PNS settings).

In-Store Wi-Fi Services (FUL, ADV, OPS, SEC)

Many Secrett Curves locations offer free Wi-Fi Services to visitors. Wi-Fi routers capture certain data from devices that interact with the router. Some examples of data automatically collected through our Wi-Fi Service include:

  •          Information about your device, including a MAC Address, and telemetry data (such as signal strength and quality) related to your use of our Wi-Fi service.
  •          Vendors that analyze Wi-Fi data automatically collected to provide operational insights such as foot traffic volumes, dwell times, and how costumers move through our stores.

Unless we receive consent to use Wi-Fi data in a manner that identifies you or your device(s), Wi-Fi data is anonymously collected or de-identified.


Radio Frequency Identification (RFID) tags consist of a small chip and antenna that provide a unique identifier for objects. RFID serves the same purpose as a bar code and must be scanned by a specific type of reader in close proximity to the tag to retrieve tag data. Secrett Curves uses RFID for inventory management (such as locating shoes in the stock room) and logistics support. RFID is not used to track or monitor any items once you leave our stores.

Video Cameras (FUL, OPS, SEC)

We use cameras in our stores for security purposes, loss prevention, and asset protection. We also use cameras in our stores for operational purposes, such as traffic pattern analysis. Cameras may include technology to capture demographic information, such as age, gender and dwell time.

We will not use cameras to personally identify you, without your consent, except when the identification is for security or law enforcement purposes.

Voice-Enabled Services (FUL, OPS)

We may use voice-enabled services (VES) to provide you greater functionality and easier shopping experiences with services such as voice search for products (for e.g., “Show me Style & Company Handbags”). VES will only be used to facilitate specific requests. Voice files are not used to personally identify an individual and will not be associated within any individual Secrett Curves account. Voice files will be retained by Secrett Curves and any third party voice-enabled service providers.

Voice-enabled services are opt-in by use. If you do not wish to opt-in to VES, do not use those features. VES do not include phone answering machine messages.


This section details, in one place, how you may express preferences including electing to opt-out of some data collections or uses.

Access to Accounts, Online Profiles, and Orders

  •          If you are a registered user of, you can update your information in My Account.
  •          If you have questions about your order, you may check your order status online in My Order.
  •          To learn more about your options for managing your preferences with respect to your Secrett Curves credit card account,
  •          If you have any additional questions, please send email to

Data Sharing Preferences

If you prefer that we not share your information with third parties for marketing purposes, you can contact us via email :

Email Communications

Promotional or Marketing Emails:

To opt-out of receiving promotional or marketing e-mails from Secrett Curves at a specific email address, you may:

  •                   Unsubscribe by signing into your account on, or clicking on my profile and indicating your opt-out preference.
  •                   Or contact us via email

Note: It may take up to 10 business days to process your request.

         Customer Survey Emails: We may separately send surveys, via e-mail, to our customers in order to collect opinions and feedback about their shopping experiences. To opt-out of receiving survey emails from Secrett Curves, you may use the unsubscribe link at the bottom of any survey email.

         Specialized Email Programs: You may have signed up for one of our specialized email programs (e.g.  Registry Star Rewards). To opt-out of receiving emails from one of those specialized programs, you may use the unsubscribe link at the bottom of any of these emails.

Note: Operational emails (e.g. shipping confirmation or product recall information) do not provide an opt-out option.

Direct Mail or Telemarketing

         Direct Mail or Telemarketing: To opt-out of receiving direct mail or telemarketing calls, you may contact us Via email at .

Note on Opting-Out of Direct Mail: Because direct mailings are often prepared well in advance (12-16 weeks, in some cases) you may, for a period of time, continue to receive some physical mail after you send us your request.

Website & Online Services Preferences

         Cookies & Flash Cookies: Managing cookie preferences differs from browser to browser so please refer to your browser for further information. If you would like to disable cookies and web beacons, please use the help function in your web browser to restrict cookies from our website(s). If you block cookies from, you will not be able to make purchases on our website.  To manage the Flash Cookie settings and preferences for your computer, mobile phone or wireless device and you will be directed to the Settings Manager on Adobe’s website. You may also be able to manage Flash Cookies from your browser, depending on the version of your browser.

         Website Optimization Services: You may choose to opt-out of Digital Analytics’ analysis of your browsing and purchasing behavior on our website, or you may choose to allow Digital Analytics to analyze your behavior in a de-identified manner

         Interest-Based Adverting: If you would like to opt-out of interest-based advertising.  Please note that you will be opted out of all interest-based advertising from all business members of the Network Advertising Initiative for that specific browser on that specific device. If you opt-out, you may continue to see or receive online advertising from Secrett Curces; however, these ads may not be as relevant to you.

Note: To opt-out of interest-based advertising in mobile applications, you can turn off mobile device ad tracking or reset the advertising identifier in your device settings.

         Social Network & New Tech Advertising: You can manage your preferences for many of these advertising programs through the links provided below:

  •                   Facebook
  •                   Google
  •                   Pinterest
  •                   Twitter
  •                   Instagram

Technology-Enabled Collection & Use Preferences

         Mobile Marketing: To opt-out of mobile marketing for a specific mobile number, via email to You will receive a confirmation text that you have been opted out. For customers with a Secrett Curves online account, you may also opt-out via your profile.

Note on Opting-Out of Mobile Marketing: If you opt-out of mobile marketing using any means, please allow 3-5 business days after contacting us to process your request. We do not share your mobile number with any third parties for marketing purposes.

         Secrett Curves Mobile Applications: You can opt out from allowing Secrett Curves mobile applications to access your device’s camera, microphone, or location information by adjusting the permissions in your mobile device.??Note: To opt-out of interest-based advertising in mobile applications, you can turn off mobile device ad tracking or reset the advertising identifier in your device settings.

         In-Store Wi-Fi Services: If you do not wish for us to use your Wi-Fi analytic data in a de-identified manner, please turn off your phone or refrain from using our Wi-Fi Services. For more information, visit htts://


If Secrett Curves, its parent company or any of its subsidiaries is sold to or otherwise acquired by a third party, all Secrett Curves data assets will become the property of the acquiring party. Such a party will be subject to any consent(s), opt-outs or other customer conditions on data.  A change in data ownership may or may not include a notice on the primary online sites of Secrett Curves or affected subsidiary sites.


Information About Children Under 13

The Children’s Online Privacy Protection Act imposes requirements on Web sites that collect personal information about children under 13 years old (for example – name, address, email address, social security number, etc.). Our current policy is not to collect any personal information on any person under 13 years old online. For this reason, our sweepstakes and other promotions conducted online are restricted to entrants who are at least 13 years old.

If this policy changes, we will revise this portion of our Notice of Privacy Practices and will comply with the requirements of the Children’s Online Privacy Protection Act, which includes providing notice and choice to each child’s parent or guardian before collecting any personal information.

Your California Privacy Rights

Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice describing what categories of personal information we share with third parties or corporate affiliates for those third parties or corporate affiliates’ direct marketing purposes. That notice will identify the categories of personal information shared with third parties and used for direct marketing purposes and the name and address of the third parties that received such personal information. If you are a California resident and want a copy of this notice, please submit a written request to the following email In your request, please specify that you want a “Your Secrett Curves California Privacy Rights Notice.” Please allow 30 days for a response.

If you are a minor under 18 and have a profile on, you may ask us to remove reviews or other content that you posted on the site by writing to  We will begin to process your request within 30 days.  Please note that processing your request does not ensure complete or comprehensive removal of content that you posted.


Secrett Curves has put various procedural, technical, and administrative measures in place to safeguard the information we collect and use. We designed our technology-enabled services to accept orders only from Web and mobile browsers that permit communication through a Secure Socket Layer (SSL). SSL is an encryption standard that provides a layer of security while information is being transmitted over the Internet.

As a matter of policy, we do not disclose details regarding our security measures as this could be beneficial information to criminals and other bad actors.

Be advised, no security safeguards or standards are guaranteed to provide 100% security. You should always use appropriate self-protection measures and practice safe browsing on all websites.

Additionally, sometimes bad actors attempt to use our brand to create fake web pages, send fake texts or emails, and conduct other illegal activities to commit fraud or attempt to breach consumers’ security.  We actively monitor for these illegal scams and shams. We provide FAQ’s and Consumer Protection Alerts in our Customer Protection Centre as we learn of these activities. If you receive anything with the Secrett Curves brand that seems suspicious, you can check to see if there is an alert on the CPC or email to customer service department.