Privacy Policy

Effective Date: August 16, 2025

Tonny Collectables (“Company,” “we,” “our,” or “us”) operates https://tonnycollectables.com. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit or make a purchase from our website.

Contact Email: orders@tonnycollectables.com

1. Information We Collect

Information You Provide to Us
When you use our WooCommerce-powered store, we collect:
• Full name
• Billing and shipping address
• Email address
• Phone number
• Order details
• Account login information (if registered)
• Comments or reviews
• Communications you send to us
Payment information is processed securely through third-party payment gateways. We do not store full credit card numbers on our servers.
B. Automatically Collected Information
We may collect IP address, browser type, device information, referring website, pages visited, and timestamps for analytics, fraud prevention, and security monitoring.
C. Comments
We collect comment form data, IP address, and browser user agent string. An anonymized email hash may be shared with Gravatar. Approved comments may display your profile image publicly.
D. Media Uploads
Avoid uploading images with embedded location data (EXIF GPS). Visitors may extract such data from images.

2. WooCommerce & WordPress Data Processing

Our website operates on WordPress with WooCommerce. These systems:
• Store order and customer data
• Use cookies for cart functionality
• Maintain session data for checkout
• Store account information
• Log failed login attempts for security

WooCommerce stores order data for tax and legal compliance.

3. Cookies & Tracking Technologies

We use cookies to enable shopping cart functionality, process checkout, remember login sessions, store preferences, improve performance, and detect fraud.

You may disable cookies in your browser settings, though checkout functionality may not work properly.

4. How We Use Your Information

We use personal information to:
• Process and fulfill orders
• Provide customer support
• Prevent fraud
• Comply with legal obligations
• Improve website performance
• Send transactional emails

We do not sell personal information.

5. How We Share Information

We may share your information with payment processors, shipping carriers, hosting providers, IT/security providers, tax professionals, and law enforcement when legally required.

If you request a password reset, your IP address will be included in the reset email.

6. Data Retention

We retain:
• Order information for tax and accounting compliance
• Account information while active
• Comments indefinitely
• Security logs for fraud prevention

Data may be retained longer where required by law.

7. New York SHIELD Act Compliance

We comply with the New York SHIELD Act by implementing reasonable administrative, technical, and physical safeguards including:
• Secure hosting environments
• SSL encryption
• Access controls
• Limited administrative access
• Routine software updates
• Malware scanning and monitoring
• Payment tokenization

In the event of a data breach affecting New York residents, we will provide notification as required by law.

8. CCPA-Style Consumer Rights

You have the right to:
• Know what personal information we collect
• Access your personal information
• Request deletion (subject to legal exceptions)
• Request correction of inaccurate data
• Non-discrimination for exercising privacy rights

To submit a request, email: orders@tonnycollectables.com

We do not sell or share personal information for cross-context behavioral advertising.

9. Children’s Privacy

Our website is not directed to children under 13. We do not knowingly collect personal information from children.

10. Data Security

We implement SSL encryption, secure payment processing, firewall protection, access controls, and routine system updates. However, no internet transmission is completely secure.