top of page

Privacy Policy

Last Updated: November 18, 2025

Ms. Toma’s Creations (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or make a purchase through our online shop. By using our website, you agree to the practices described in this policy.

1. Information We Collect

We may collect the following types of personal information:

  • Contact information: name, email address, phone number, and mailing address.

  • Payment information: credit/debit card details or other payment method information (processed securely through Wix Payments or other payment providers).

  • Purchase history and preferences: products you buy or are interested in.

  • Website usage information: Our website is built on Wix, which may automatically collect basic information such as your device type, browser, general location (city/region based on your IP address), pages viewed, time spent on the site, and cookie/analytics data that help the site function smoothly. Messages you submit through our contact form are stored in our Wix account so we can respond.

2. How We Collect Your Information

  • Directly from you when you:

    • Subscribe to our newsletter

    • Make a purchase

    • Contact us via forms or email

  • Automatically through website tracking tools and analytics (e.g., cookies and Wix analytics).

3. How We Use Your Information

Your information is used for purposes including, but not limited to:

  • Fulfilling orders and delivering products or services.

  • Communicating with you regarding your account, orders, or inquiries.

  • Sending newsletters, promotions, and updates (if you have opted in).

  • Improving our website, services, and customer experience.

  • Complying with legal and regulatory obligations.

For visitors in the European Union and the United Kingdom, we process personal data based on the following General Data Protection Regulation (GDPR) legal bases:

  • Consent: You have given consent for one or more specific purposes (e.g., marketing communications)

  • Contractual necessity: Data processing is necessary to fulfill your orders or provide our services

  • Legitimate interests: Processing is necessary for the operation and improvement of our website and services, provided it does not override your rights

4. Sharing Your Information

We do not sell or rent your personal information to third parties. We may share your information only as necessary, such as:

  • With service providers and business partners who help us operate our website, process payments, or deliver products (e.g., Wix, payment processors, shipping providers).

  • To comply with legal requirements or respond to lawful requests by authorities.

  • To protect our rights, safety, or property, or that of our users or others.

Note: If you follow external links from our website, we are not responsible for the privacy practices of those sites.

5. Data Retention

We retain your personal information only as long as necessary to provide our services, fulfill legal obligations, resolve disputes, and enforce agreements.

6. Your Rights

Under Canadian privacy law, you have the right to:

  • Access and request a copy of the personal information we hold about you.

  • Request corrections to your personal information.

  • Withdraw your consent for marketing communications at any time.

  • Request that we delete your personal information, subject to legal or contractual obligations.

EU/UK (GDPR)

For visitors from the European Union and the United Kingdom, your personal data is protected under the General Data Protection Regulation (GDPR) and related UK data protection laws. In addition to the above, you have the following rights:

  • Right to be informed

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restrict processing

  • Right to data portability

  • Right to object to processing

To exercise these rights, please contact us at: hello.mstoma@gmail.com

You may opt out of newsletters or promotional emails at any time by:

7. Protecting Your Information

In order to protect your security, we use the strongest available browser encryption and store all data on servers in secure facilities. All personal information is only accessible to the website administrators.

While we take all reasonable precautions to ensure that user data is secure and that users are protected, there is always a residual risk. The Internet as a whole can be insecure at times, and therefore, we cannot guarantee the security of user data beyond what is reasonably practical.

8. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance your experience, analyze trends, and improve website functionality. You may manage or disable cookies through your browser settings; however, some features may not function properly without them.

9. Children’s Privacy

We do not knowingly collect or use personal data from children under 16 years of age. If we learn that we have collected personal data from a child under 16, we will delete it as soon as possible. Parents or guardians of a child under 16 who has provided personal data may contact our privacy officer to request access or deletion.

10. Updates to This Policy

We may update this Privacy Policy from time to time. Updated policies will be posted on this page with the “Effective Date” updated accordingly.

11. Contact

If you have questions about this Privacy Policy or how we handle your personal information, please contact us at hello.mstoma@gmail.com

bottom of page