Privacy Policy



Rainbow Tales (hereinafter “we,” “our,” “us”) is committed to protecting your privacy and maintaining a safe and enjoyable online experience.


This Privacy Policy explains how we collect, handle, store and protect personal information about you as a visitor and/or user of our website and how you can contact us and/or the supervisory authorities in the event you have questions about how we handle your personal information.


By accessing and/or using our website,, you voluntarily consent to the terms of this Privacy Policy.



Children’s Online Privacy Protection Act (COPPA)


We only collect information for people over the age of 13. If we have inadvertently collected information for anyone under the age of 13, we will delete that information from our records upon request of the child’s parent or guardian.



CAN-SPAM Act of 2003

We have taken the necessary steps to ensure that we are in compliance with the Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003.



Personal Information We Collect


We collect the following personal information if you choose to provide it during your interactions with us (in person; by telephone, text or email; through our website):

  • Name and contact data, such as first and last name, email address, telephone number and location.

  • Payment information.

  • Comments, testimonials, questions and any other message you share with us.

We automatically collect personal information when you:

  • Visit, interact with or use our website (see use of cookies below).

  • Access, use or download content from us.

  • Open emails or click links in emails from us.

We process personal information about you:

  • To perform a contract;

  • With your consent;

  • For our legitimate interests;

  • To comply with the law.

This includes:

  • Processing and fulfilling service requests, co-creations, downloads, subscriptions and other transactions.

  • Responding to your requests, inquiries, comments and concerns.

  • Sending marketing emails.

  • Asking for your help to improve our website, products and services.

  • Contacting you for other business reasons, as necessary.

We will never sell or trade your personal information.


We will not transfer your personal information unless we give you advance written notice or need to comply with our lawful obligations, resolve disputes and/or enforce agreements.



Use of cookies


“Cookies” are small text files placed on a computer or other device. Cookies are used to identify the user or device and to collect information when you visit a website.


We use absolutely necessary cookies, which allow you to move around our website and use its features.


With your consent, we may use performance or marketing cookies for future advertising goals and data insights about our customer’s online behavior regarding our site and products.


You can disable cookies through your web browser’s settings, but disabling this function may diminish your experience on our website as some features may not work as intended.



“Do Not Track” (DNT) Signals

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.



How information is shared and stored


In order to process the information as necessary to complete a transaction and/or fulfill your request, we will share information with our third-party service providers, agents and representatives, including, but not limited to eCommerce platform providers, payment processing providers, email service providers, IT service providers and security and software service providers. Information will be shared in compliance with this Privacy Policy and any other appropriate confidentiality and security measures.


We will also disclose your personal information if we have a good faith belief that such disclosure is necessary to:

  • Meet an applicable law.

  • Detect, investigate and help prevent security, fraud or technical issues.

  • Protect the rights, property or safety of, our users, employees or others.


Our current third-party service providers include:

  • Wix - Website design & domain hosting


Information Retention


We retain your personal information for as long as necessary to fulfill the transactions you have requested or for other essential purposes such as complying with our lawful obligations, maintaining business and financial records, resolving disputes, maintaining security, detecting and preventing fraud and abuse and enforcing our agreements or until such time as you let us know you would like for us to delete your information.



Information Protection and Security


Our website uses commercially acceptable security measures to prevent your personal information from being lost, used or accessed in an unauthorized way. We use a Secure Sockets Layer (SSL) certificate and never transmit your credit card information via email. If you receive an email from us that appears to be a request for personal information, do not respond because it may be a phishing scam designed to steal your personal information.


We cannot guarantee that your personal information will always be secure. Should we become aware there has been a data breach, we will immediately notify you.



Your Rights to Control Your Information


You can unsubscribe from our e-newsletters or updates at any time through the unsubscribe links found in the communications you receive from us. You can request that we delete your personal information by submitting your request on the “Connect with Us” page of our website (



General Data Protection Regulation (GDPR)


If you are covered by the GDPR, you have the following rights under European laws, and may have similar rights under the laws of other countries:

  • Right of access: to make a written request for access to and a copy of your personal information.

  • Right to rectification: to have your inaccurate personal information corrected or removed.

  • Right to erasure ('right to be forgotten'): to have your personal information erased.

  • Right to restriction of processing: to limit our use of your personal information.

  • Right to object: to object to the processing of your personal information in cases where our processing is based on direct marketing, processing for scientific/historical research and statistics, legitimate interest processing and processing in regards to the performance of a public interest or official authority task.

  • Right to data portability: to have your personal information transferred to you or a third party in machine-readable format.

  • Right to withdraw consent: to withdraw your consent that we handle your personal information at any time. The withdrawal of your consent shall not affect the lawfulness of processing based on your consent before its withdrawal.


These rights are not absolute and they do not always apply in all cases. We will honor your rights under applicable data protection rules.



Use and transfer of your information out of the European Economic Area (EEA)


This website is operated in the United States and the third parties with whom we might share your personal information (as explained above) are also located in the United States or other countries located outside the European Economic Area.


If you are located outside of the United States, please be aware that any information you provide will be transferred to the United States. By using this website, participating in any of its services and/or providing your information, you consent to this transfer.



Filing a complaint


If you are not content with how we manage your personal information, please contact us via the “Connect with Us” page of our website ( If we are unable to remedy the situation and you are covered by the GDPR, you may lodge a complaint with a supervisory authority in the European Union (or European Economic Area) state where you are a resident, work or where the alleged infringement of data protection laws took place.



Contact Us


If you want us to delete your personal information; if you have any questions, comments, complaints or suggestions in relation to data protection or this Privacy Policy; if you have any other concerns about the way we process information about you; or if you wish to change your personal information in our records, please complete the “Connect with Us” form on our website (


Changes to this Privacy Notice


This policy is effective as of 22 September, 2021. We may change, modify or update this Privacy Policy at any time. We will post notice of any such changes on our website, and we will revise the effective date of our Privacy Policy. We recommend that you check the Privacy Policy when you visit our website to be sure that you are aware of our most current policy.