Information Security

At Timtommy Bucket Hat, protecting the privacy and security of our customers is one of our highest priorities. This Information Security Policy outlines how we collect, store, and protect customer data when you use our services on jeryhoutston.com. Please read carefully, as using our website constitutes agreement with the following terms.

1. Introduction
We understand that in the digital age, customer trust is built upon strong protection of personal data. Our Information Security Policy is designed to safeguard sensitive information from unauthorized access, alteration, loss, or misuse. Whether you are browsing our store, signing up for an account, or completing a purchase, you can rest assured that we take extensive measures to keep your information secure.

2. Information We Collect
When you shop on our website, we may collect the following data:

  • Personal details: name, shipping address, billing address, email, and phone number.

  • Payment information: credit/debit card details, PayPal account, or other payment gateway data (processed securely and never stored in plain text).

  • Order history: details of items purchased, frequency of purchases, and delivery preferences.

  • Technical information: IP address, browser type, device type, operating system, and cookies for website functionality.

  • Communication records: customer inquiries, emails, and live chat messages for support purposes.

3. Purpose of Data Collection
Data collected is used for:

  • Processing and fulfilling customer orders.

  • Communicating order updates and shipping details.

  • Providing customer service and support.

  • Offering promotional content, newsletters, and personalized recommendations (with consent).

  • Detecting and preventing fraudulent activities.

  • Improving our website experience through analytics and user behavior insights.

4. Data Storage and Security Measures
All collected information is stored on secure servers. We implement industry-standard practices, including SSL encryption for all data transmissions, firewalls for protection against intrusions, and regular backups to ensure data integrity. Customer payment information is never stored on our servers but processed through certified third-party payment gateways that comply with PCI DSS (Payment Card Industry Data Security Standards).

5. Access Control
Only authorized staff with relevant duties have access to customer information. Access is strictly role-based, ensuring employees can only view the information necessary to perform their tasks. Internal policies prevent unauthorized sharing or misuse of data.

6. User Account Protection
Customers who register an account at jeryhoutston.com are responsible for maintaining the confidentiality of their login credentials. We encourage the use of strong passwords containing letters, numbers, and special characters. Customers should immediately notify us at [email protected] if they suspect unauthorized access to their account. We will reset credentials and take preventive measures.

7. Cookie Usage
Our website uses cookies to enhance functionality and improve the shopping experience. Cookies may track browsing behavior, cart items, or login sessions. Customers can disable cookies in their browser settings, though this may limit certain features.

8. Third-Party Services
We may use third-party services for payment processing, shipping logistics, or analytics. All third parties are carefully selected to ensure compliance with data protection standards. We do not sell or trade customer data to third parties for profit.

9. Data Retention
Customer data is retained only as long as necessary for business purposes or as required by law. Once no longer needed, data is securely deleted or anonymized. For example, tax regulations may require us to retain invoices for a set period, but personal identifiers may be removed after fulfillment.

10. Data Breach Protocol
In the event of a security breach, our team will take immediate steps to contain the issue, notify affected customers, and cooperate with relevant authorities. Customers will be informed via email about the scope of the breach, potential risks, and recommended protective actions.

11. Children’s Privacy
We do not knowingly collect data from children under 13. If such data is mistakenly collected, it will be deleted promptly upon discovery.

12. Customer Rights
Customers may request access to, correction of, or deletion of their personal data. To exercise these rights, please contact us at [email protected] We will respond within the legally required timeframe.

13. International Data Transfers
Because we ship worldwide, customer data may be processed in different jurisdictions. In such cases, we ensure data transfers comply with applicable laws, including GDPR for EU customers.

14. Policy Updates
We reserve the right to update this Information Security Policy to reflect evolving legal requirements, technology, or business practices. Updated versions will be posted on jeryhoutston.com, and customers will be notified via email if significant changes occur.

15. Final Statement
By using Timtommy Bucket Hat, you agree to this Information Security Policy. Our commitment is to provide a safe, transparent, and trustworthy shopping environment. If you have concerns, please reach out at [email protected]