Privacy Policy

This Privacy Policy describes how (the “Site” or “we”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.

Collecting Personal Information

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.

Device Information

  • Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
  • Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
  • Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
  • Disclosure for a business purpose: shared with our processors Shopify, PayPal, and Venmo. This information is also shared with our advertisers Google, Facebook, Instagram and Pinterest. We also share this information with the GDPR Cookie Bar +ePrivacy Page plugin developed by Pandectes, to be compliant with applicable international privacy laws.

    Order Information

    • Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers debit card numbers, third party payment processor account usernames, such as PayPal and Venmo), email address, and phone number.
    • Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
    • Source of collection: collected from you.
    • Disclosure for a business purpose: shared with our payment processors Shopify, PayPal and Venmo. Some of this information may also be shared with our sales channel partners Google, Facebook, Instagram, and Pinterest. Name, shipping address, email address and phone number without billing or payment information included, may also be shared with our third-party suppliers and shipping partners to fulfill and ship your products to you.

      Customer Support Information

      • Examples of Personal Information collected: name, billing address, shipping address, email address, and phone number.
      • Purpose of collection: to provide customer support.
      • Source of collection: collected from you.
      • Disclosure for a business purpose: This information may be shared with Shopify, MailChimp, OmniSend, Ryviu and/or Zapier.

        Information You Provide to  Social Media Platforms

        We may maintain pages for our Company on social media platforms, such as Facebook, Instagram, Pinterest, Twitter, Google and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use and processing or your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy. 

        If you choose to login to the Services via a third-party platform or social media network, or otherwise connect your account on the third-party platform or network to your account through the Services, we may collect information from that platform or network. For example, this information may include your Facebook username, user ID, profile picture, cover photo, and networks to which you belong (e.g., school, workplace). You may also have the opportunity to provide us with additional information via the third-party platform or network, such as a list of your friends or connections and your email address.  You can read more about your privacy rights and choices in the “Your Rights and Choices” section below.   

        Sharing Personal Information

        Our Services may contain features or links to websites and services provided by third parties. Any information you provide via these websites or services is provided directly to these third-party operators and is subject to their privacy policies, even if accessed through our Services. We encourage you to learn about these third parties’ policies before providing them with your Personal Data.

        In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.  

        However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

        For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.  

        In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

        Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

        We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

        • PayPal- Used to process PayPal transactions when checking out on Grace Through Grit Co websites. PayPal has achieved PCI DSS compliance certification. PayPal Privacy Policy

        If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

        All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. 

        PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

        Grace Through Grit Co does not store or have access to your credit card details. Our websites are powered by Shopify who are certified Level 1 PCI DSS compliant. More information can be found here.

        • We use GDPR Cookie Bar +ePrivacy Page, a Shopify plugin developed by Pandectes, to be compliant with applicable international privacy laws and process privacy requests such as data inquiry requests, data portability requests, data rectification requests, data deletion requests, data restriction requests, data objection requests, and consent withdrawal requests. Pandectes Privacy Policy

        • Google Analytics - We use Google Analytics to better understand audience behavior on our websites and to help us improve the user experience. We do not use personally identifiable data through this service. Google’s Privacy Policy

          You can also opt-out of Google Analytics here:

          • Google Adwords - We utilize Google Adwords and other similar Google services for advertising purposes, which includes remarketing through the use of cookies. Visit Google’s Privacy Policy for a full understanding of the data shared by Google to advertisers.

            You can opt-out of Google’s targeted marketing here:


            We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners, such as Facebook, Instagram and Pinterest. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).

            • Facebook- We utilize Facebook for advertising purposes, which includes remarketing through the use of cookies. We do not use personally identifiable data through this service. Facebook Privacy Policy

              You can opt-out of targeted Facebook Ads here:


              • Instagram – We utilize Instagram for advertising purposes, which provide remarketing through the use of cookies. We do not use personally identifiable data through this service. Instagram Privacy Policy
              • Pinterest – We utilize Pinterest for advertising purposes, which provide remarketing through the use of cookies. We do not use personally identifiable data through this service. Pinterest Privacy Policy

                For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at:


                Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at:

                • We use Shopify, MailChimp and/or OmniSend to obtain email subscribers interested in updates regarding new Grace Through Grit Co products, sales or other information. Users can opt-out of their subscription by simply using the unsubscribe link in any email sent from Grace Through Grit Co. Shopify, MailChimp, and OmniSend also hold your order details passed through from Shopify so that we can better deliver relevant content that you would most likely be interested in. Mailchimp Privacy Policy   OmniSend Privacy Policy
                • Zapier- Used to pass information from one platform to another. The Zapier platform is simply a gateway and only temporarily holds data when necessary. Zapier Privacy Policy
                • Ryviu - We like to hear what our customers think of us, so we use the Ryviu Service to collect customer reviews. Depending on the level of feedback, some personally identifiable user data may be collected. Ryviu Privacy Policy

                Using Personal Information

                We use your personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.


                When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your Rights’ section below.

                Automatic Decision-Making

                If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

                We DO NOT engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

                Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

                Services that include elements of automated decision-making include:

                • Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
                • Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

                  Selling Personal Information

                  Grace Through Grit Co does not sell personal information to third parties.  As we explain in this Privacy Policy, we use cookies and other tracking technologies to analyze website traffic and facilitate advertising. If you would like to opt out of our (and our third-party advertising partners’) use of cookies and other tracking technologies, please review the instructions provided in this policy.

                  Your Rights


                  If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the GDPR Requests Link at the bottom of the website or via the contact information provided below.

                  Your Rights and Choices

                  Unless otherwise provided under applicable law, you have the following rights:

                  • Access and Portability. You may ask us to provide you with a copy of the Personal Data we maintain about you, including a machine-readable copy of the Personal Data that you have directly provided to us, and request information about its processing.
                  • Rectification and Deletion. You may ask us to update and correct inaccuracies in your Personal Data, or to have the information anonymized or deleted, as appropriate.
                  • Restriction and Objection. You may ask us to restrict the processing of your Personal Data, or object to such processing.
                  • Consent Withdrawal. You may withdraw any consent you previously provided to us regarding the processing of your Personal Data, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdrew your consent.
                  • Complaint. You may lodge a complaint with a supervisory authority, including in your country of residence, place of work, or where an incident took place.

                  You may exercise these rights by contacting us using the contact details at the end of this Policy. Note that there are exceptions and limitations to each of these rights, and that we may nevertheless retain Personal Data about you where we reasonably believe that we have a legitimate reason to do so.

                  International Data Transfers

                  We may transfer your Personal Data outside of Europe and, in particular, to USA and other non-European countries, where the level of protection of Personal Data may be different than in your country. If we do so, we will comply with applicable data protection laws, in particular by relying on an EU Commission adequacy decision, rely on contractual protections for the transfer of your Personal Data, on Binding Corporate Rules or on the EU-U.S. Privacy Shield framework. For more information about how we transfer Personal Data outside of Europe, or to obtain a copy of the contractual safeguards we use for such transfers, please contact us as specified below.

                  Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper:

                  Data Security and Data Retention

                  We use physical, managerial, and technical safeguards that are designed to improve the integrity and security of Personal Data that we collect, maintain and otherwise process. We take measures to delete your Personal Data or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep it for a longer period. When determining the retention period, we take into account various criteria, such as the type of products or services provided to you, the nature and length of our relationship with you, mandatory retention periods and the statute of limitations.


                  A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

                  We may use the following cookies to optimize your experience on our Site and to provide our services.

                  Cookies Strictly Necessary for the Functioning of the Store:




                  Used in connection with access to admin.


                  Used in connection with navigation through a storefront.


                  Used in connection with shopping cart.


                  Used in connection with shopping cart.


                  Used in connection with checkout.


                  Used in connection with checkout.


                  Used in connection with shopping cart.


                  Used in connection with checkout.


                  Used in connection with checkout.


                  Used in connection with navigation through a storefront.


                  Used in connection with merchant login.


                  Used in connection with checkout.


                  Used in connection with checkout.


                  Used in connection with checkout.


                  Used in connection with checkout.


                  Used in connection with customer login.


                  Used in connection with customer login.


                  Used in connection with checkout.


                  Used for managing customer privacy settings.


                  Used for managing customer privacy settings.


                  Used for managing customer privacy settings.


                  Used to facilitate updating customer account information.


                  Tracking preferences.


                  Used in connection with checkout.


                  Used in connection with checkout.


                  Used for privacy and consent compliance.

                  Performance Cookies Used for Reporting and Analytics:




                  Track landing pages.


                  Track landing pages.


                  Shopify analytics.


                  Shopify analytics.


                  Shopify analytics.


                  Shopify analytics.


                  Shopify analytics relating to marketing & referrals.


                  Shopify analytics relating to marketing & referrals.


                  Shopify analytics.


                  Shopify analytics.


                  Google analytics.


                  Google analytics.


                  Google analytics.


                  Pinterest analytics.


                  Facebook analytics relating to store visits across websites.

                  Information Collected from Other Sources

                  • Third Parties. We obtain Personal Data about you from third parties, such as Outbound marketing vendors and others. This information may include Outbound marketing lists and other similar information.

                    Information We Collect by Automated Means

                    • Social media. We may collect Personal Data via social media tools, widgets, or plug-ins to connect you to your social media accounts. These features may allow you to sign in through your social media account, share a link, or post directly to your social media account. When you visit a website that contains such tools or plugins, the social media or other service provider may learn of your visit. Your interactions with these tools are governed by the privacy policies of the corresponding social media platforms.
                    • Cookies. We collect Personal Data via cookies and similar technologies (see table above for more information).

                      How We Use Personal Data

                      We use the Personal Data we collect for the following purposes:

                      • Provide, operate, maintain, and improve the Service to you.
                      • Provide information about our products and services to you. 
                      • Establish and maintain your user profile on the Service.
                      • Facilitate your ability to login to the Services via third-party identity and access management providers, such as Facebook.
                      • Fulfill any order(s) you place with us, including to facilitate shipping and returns.
                      • Operate and communicate with you about events or contests in which you participate.
                      • Provide support and maintenance for the Services to you.
                      • To display user testimonials and feedback.  We often receive testimonials and comments from users who have had positive experiences with our Products and Services.  We occasionally publish such content. When we publish this content, we may identify our users by their first and last name and may also indicate their home city.  We obtain the user’s consent prior to posting his or her name along with the testimonial. In addition, we may post user feedback on the Site from time to time. We will share your feedback with your approve name only.  If you make any comments on a blog or forum associated with our Site, you should be aware that any personal data you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages.  We are not responsible for the personally identifiable information you choose to submit in these blogs and forums. 
                      • Communicating with You, including to contact you for administrative purposes (e.g., to provide services and information that you request or to respond to comments and questions) or to send you marketing communications, including updates on promotions and events, relating to products and services offered by us.
                      • Personalization, including to customize our Services to you and provide you with the most relevant marketing and advertising materials.
                      • Analytics and Product Development, including to analyze usage trends and preferences in order to improve our Services, and to develop new products, services, and features.
                      • Customer and Vendor Relationship Management, including to track emails, phone calls, and other actions you have taken as our customer or vendor.
                      • Aggregation. We may aggregate or otherwise de-identify Personal Data and use the resulting information for statistical analysis.
                      • Administrative and Legal, such as to address administrative issues or to defend our legal rights and to comply with our legal obligations and internal policies.

                        Legal Basis for the Processing of Personal Data

                        We rely on a legal basis to process your Personal Data, including:

                        • Consent. You have consented to the use of your Personal Data, for example to send you electronic marketing communications or for the use of certain cookies.
                        • Contract. We need your Personal Data to provide you with our Services and to respond to your inquiries.
                        • Legal Obligation. We have a legal obligation to use your Personal Data, for example to comply with tax and accounting obligations.
                        • Legitimate Interest. We or a third party have a legitimate interest in using your Personal Data, for example we have a legitimate interest in using your Personal Data for product development and analytics purposes. We only rely on this legal basis when our or a third party’s legitimate interests are not overridden by your rights and interests.

                          How We Disclose Personal Data

                          We may disclose Personal Data about you in the following circumstances:

                          • Group Entities. We may disclose Personal Data about you to our affiliates and subsidiaries.
                          • Public Posts. Any information that you voluntarily choose to post to a publicly accessible area of our Services will be available to anyone who has access to that content.
                          • Service Providers. We work with third-party service providers to provide services such as hosting, maintenance, and support. These third parties may have access to or process your Personal Data as part of providing those services to us.
                          • Legal. We may disclose your Personal Data if we believe, in good faith, that this is appropriate (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
                          • Merger. Information about our users, including Personal Data, may be disclosed and otherwise transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
                          • Aggregated Information. We may use and disclose aggregated or otherwise de-identified information for any purpose, unless we are prohibited from doing so under applicable law.

                          The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

                          You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

                          Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as

                          Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Sharing Personal Information” section above.

                          Do Not Track

                          Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.


                          The Site is not intended for individuals under the age of 16. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.


                          We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.


                          You can make requests related to GDPR privacy rights by using the GDPR Requests link at the bottom of our website, by contacting us via email at: and include “Privacy Request” in the subject line, or by mail using the details provided below:


                          Grace Through Grit Co

                          Attention: Privacy Requests

                          3941 Park Drive #699 STE 20

                          El Dorado Hills, CA 95762, United States


                          Please be aware that we do not accept or process requests through other means (e.g., via fax, social media, phone, etc.) 

                          When you make a request, we may ask you to provide verifying information, such as your name, email, and/or phone number. We will review the information provided and may request additional information via email or other means to ensure we are interacting with the correct individual. Please also be aware that making any such request does not ensure complete or comprehensive removal or deletion of Personal Information or content you may have posted, and there may be circumstances in which the law does not require or allow us to fulfill your request.

                          Last updated: 1/1/2021

                          If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority, or our supervisory authority here:

                          Not enough items available. Only [max] left.
                          Shopping cart

                          Your cart is empty.

                          Return To Shop

                          Add Order Note Edit Order Note