Privacy policy
TOUCH OF MODERN
Privacy Policy
Last modified: May 9, 2026
Introduction
TOMO Services LLC, a Delaware limited liability company, d/b/a Touch of Modern (“Touch of Modern,” “we,” “us,” or “our”) has been building relationships with our customers based on respect and integrity. We appreciate the trust and confidence you place in us when you visit us at touchofmodern.com (the “Website”), the mobile application offered by Touch of Modern (the “App”), and when you do business with us (collectively, the “Services”). Touch of Modern is powered by Shopify, which enables us to provide the Services to you.
Your privacy is important to us. Please read this Touch of Modern Privacy Policy (the “Policy”) to learn about the information that Touch of Modern collects from you and how Touch of Modern uses and discloses that information.
By accessing or using the Services, you acknowledge that you have read this Policy and understand the collection, use, and disclosure of your information as described in it. This Policy may change from time to time (see “Changes to This Privacy Policy”). Where required by applicable law, we will provide notice of material changes.
Notice at Collection
The matrix below summarizes the categories of personal information we collect about consumers, the categories of sources, the purposes for which we use the information, the categories of recipients to whom we disclose it, whether we “sell” or “share” it (as those terms are defined under California, Virginia, Colorado, Connecticut, Texas, Oregon, and other state privacy laws), and the period or criteria we use to determine how long we retain the information. This matrix is provided as a summary; defined terms and detailed descriptions follow.
|
Category of Personal Information |
Sources |
Purposes of Use |
Categories of Recipients |
Sold or Shared? |
Retention |
|
Identifiers (name, postal address, email, phone, account ID, online identifiers) |
Directly from you; automatically from your device; from service providers and partners |
Provide the Services; account management; customer support; marketing and advertising; security and fraud prevention; legal compliance |
Shopify (host); service providers (payment, fulfillment, support, marketing, analytics); ad and marketing partners; affiliates; legal/governmental recipients |
Yes — “shared” for cross-context behavioral advertising. Not sold for monetary consideration. |
While account active and for up to 7 years after account closure to meet tax, accounting, audit, and dispute-resolution obligations. |
|
Account log-in credentials (sensitive PI: username, password, security questions) |
Directly from you |
Authenticate your account; security; fraud prevention |
Service providers performing authentication and security; Shopify |
No |
While account active. Hashed credentials only; no plaintext passwords retained. |
|
Financial / payment information (sensitive PI: card-network token, last 4, transaction ID) |
Directly from you; from payment processors |
Process payments and refunds; chargeback management; fraud prevention; legal/tax compliance |
Payment processors (Shopify Payments and other PCI-DSS-compliant processors); fraud-prevention vendors |
No |
7 years from transaction date for tax, audit, and chargeback purposes. Full primary-account numbers are not stored on our systems; we retain processor-issued tokens and the last four digits of the card. |
|
Commercial information (purchases, returns, cart, wishlist, browsing of Products) |
Automatically from your interactions with the Services |
Provide the Services; personalization and recommendations; marketing; analytics; fraud prevention |
Shopify; service providers; ad and marketing partners; analytics providers |
Yes — “shared” for cross-context behavioral advertising |
7 years from transaction date for tax, audit, and dispute purposes; aggregated/de-identified data may be retained longer. |
|
Communications content (customer-support messages, reviews, survey responses, social-media interactions you initiate with us) |
Directly from you |
Customer support; quality assurance; legal and compliance; product development |
Customer-support and review platforms; service providers; legal/governmental recipients |
No |
Up to 3 years following resolution of the inquiry, unless a longer period is required by law or to defend a legal claim. |
|
Device and usage information (IP address, IDFA/AAID, browser type, OS, pages visited, clickstream) |
Automatically from your device, cookies, SDKs, and pixels |
Provide the Services; security; analytics; personalization; advertising and marketing |
Shopify; analytics providers; advertising and ad-tech partners; security and fraud-prevention vendors |
Yes — “shared” for cross-context behavioral advertising |
Up to 24 months in raw form; aggregated/de-identified data may be retained longer. |
|
Precise geolocation (sensitive PI; only when you affirmatively enable location services in the App) |
Automatically from your device |
Provide location-dependent Services features (e.g., shipping-zone preview) |
Service providers performing geolocation and address-verification |
No |
Not retained beyond the session in which the feature is used, except in aggregated/de-identified form. |
|
Inferences (preferences, predicted characteristics, propensity scores) |
Generated by us from the categories above |
Personalization and recommendations; marketing; advertising; fraud prevention |
Shopify; analytics providers; advertising and ad-tech partners |
Yes — “shared” for cross-context behavioral advertising |
Up to 24 months unless deleted earlier on request or refreshed by new activity. |
Definitions: “Sold” and “shared” have the meanings given in California Civil Code §1798.140 and analogous provisions of other state privacy laws. “Shared” specifically refers to disclosing personal information to a third party for cross-context behavioral advertising. We do not exchange personal information for monetary consideration.
You may exercise rights with respect to this personal information — including the right to opt out of sale, sharing, and targeted advertising; the right to limit use of sensitive personal information; and the right to know, delete, correct, and obtain a copy — as described in “Your Rights and Choices” below.
Personal Information We Collect
We collect several types of information from and about users of the Services. When we use the term “personal information,” we are referring to information that identifies or can reasonably be linked to you. Personal information does not include information that has been aggregated or de-identified so that it cannot reasonably identify you. The categories listed in the Notice at Collection above are described in more detail in this section.
• Identifiers. Name, postal address, email address, telephone number, date of birth (if provided), online identifiers, and any other identifier by which you may be contacted online or offline.
• Account information. Username, password, security questions, preferences, and settings.
• Financial information. Tokens issued by our payment processors, the last four digits of payment cards, financial-account information, transaction details, form of payment, and payment confirmation. We do not store full primary-account numbers on our systems.
• Commercial / transaction information. The items you view, put in your cart, add to your wishlist, or purchase, return, exchange, or cancel; payment confirmation; and your past transactions.
• Communications information. The contents of any messages or files you send to us through customer support, surveys, reviews, or social media.
• Device and usage information. Device identifiers (such as IP address, IDFA, AAID, and browser fingerprint), operating system, browser type, traffic data, and information about how and when you interact with or navigate the Services.
• Inferences. Inferences drawn from any of the above to create a profile reflecting your preferences, characteristics, or predispositions, used for personalization, marketing, and recommendations.
Sources of Personal Information
We collect this information:
• Directly from you when you provide it to us, such as when you create an account, place an order, sign up for marketing, or contact us.
• Automatically as you navigate through the Services, including through cookies, web beacons, advertising pixels, SDKs, and other tracking technologies.
• From our service providers and processors (including Shopify, our payment processors, fraud-prevention providers, fulfillment providers, marketing/email/SMS partners, and customer-support tools).
• From advertising and marketing partners that share data about your interactions with their services.
• From publicly available sources and from co-branding, partner, or referral relationships.
How We Use Your Personal Information
We use information that we collect about you or that you provide to us, including any personal information, for the following purposes:
• Provide the Services. To provide, operate, and improve the Services, including to perform our contract with you, process payments, fulfill orders, manage your account, arrange shipping and returns, and create a customized shopping experience.
• Marketing and Advertising. To send marketing, advertising, and promotional communications by email, text message, or postal mail (with your consent where required), and to show you online advertisements based on items you have purchased or added to your cart and other activity on the Services.
• Personalization and Recommendations. To recommend products, generate inferences about your preferences, and tailor the Services to your interests.
• Security and Fraud Prevention. To authenticate your account, provide a secure payment and shopping experience, and detect, investigate, or take action regarding possible fraudulent, illegal, unsafe, or malicious activity. This includes the use of automated tools and machine-learning models.
• Customer Support and Communication. To respond to your questions, requests, and complaints; to provide effective service; and to maintain our business relationship with you.
• Legal and Compliance. To comply with applicable law or respond to valid legal process, including requests from law enforcement or government agencies; to investigate or participate in civil discovery, potential or actual litigation, or other adversarial legal proceedings; and to enforce or investigate potential violations of our terms or policies.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
We do not sell your personal information to third parties for them to train generative artificial intelligence models without your consent. We may use AI and automated decision-making in connection with the Services for personalization, fraud prevention, customer-support routing, and similar operational purposes — see “Automated Decision-Making and Profiling” below.
How We Disclose Personal Information
In certain circumstances, we may disclose your personal information to third parties for legitimate purposes subject to this Privacy Policy. The categories of third parties to whom we disclose personal information, and the purposes for which we disclose it, are:
• Shopify. As described in “Relationship with Shopify” below, Shopify hosts the Services and processes personal information about your access to and use of the Services in order to provide and improve the Services for us.
• Service providers and processors. Vendors and other third parties that perform services on our behalf, including (by category): payment processing, fraud prevention and chargeback management, fulfillment and shipping, returns processing, customer support, email and SMS messaging, marketing and advertising operations, analytics, hosting, infrastructure, sales-tax calculation, and IT support. We require these vendors to use personal information only as necessary to provide services to us and to maintain appropriate confidentiality and security safeguards.
• Advertising and marketing partners. Advertising networks, social media platforms, ad-tech vendors, and third-party publishers that help us deliver advertisements about our Products to you and to others like you. Some of these activities constitute a “sale” or “sharing” of personal information under California, Virginia, Colorado, Connecticut, Texas, Oregon, and other state laws, and you can opt out as described in “Your Rights and Choices.”
• Affiliates. Our subsidiaries and affiliates for purposes consistent with this Policy.
• Business transactions. In connection with a merger, acquisition, financing, reorganization, business bankruptcy, receivership, or sale of all or substantially all of our assets, in which case personal information may be transferred or disclosed to the prospective or eventual acquirer or successor.
• Legal and safety. To comply with any applicable legal obligation (including subpoenas, search warrants, court orders, and similar requests), to enforce or apply our Terms of Service and other agreements, and to protect the rights, property, or safety of Touch of Modern, our affiliates, our customers, or others.
• With your direction or consent. When you direct, request us, or otherwise consent to our disclosure of certain information to third parties, such as through your use of social media widgets or login integrations.
Within the past 12 months, we have disclosed each of the categories of personal information described in “Personal Information We Collect” to one or more of the categories of recipients listed above for the business purposes described in “How We Use Your Personal Information.”
Sensitive Personal Information
Some of the personal information we collect is considered “sensitive” under California, Connecticut, Virginia, Colorado, Texas, and other state privacy laws. The sensitive categories we collect are:
• Account log-in credentials (such as your username and password).
• Financial-account information used to process payments (such as the last four digits of a payment card and authorization tokens received from our payment processor).
• Precise geolocation, only where you affirmatively enable location services in the App.
We use sensitive personal information only for purposes that are necessary to provide the Services and that are permitted under applicable law (for example, processing payments, authenticating your account, preventing fraud, and complying with legal obligations). We do not use or disclose sensitive personal information for the purpose of inferring characteristics about you. We do not sell sensitive personal information. California residents may exercise the right to limit our use of sensitive personal information as described under “Your Rights and Choices.”
Cookies, Tracking Technologies, and Targeted Advertising
As you navigate through and interact with the Services, we may use automatic data-collection technologies to collect certain information about your equipment, browsing actions, and patterns, including details of your visits, IP address, operating system, and browser type. We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking).
The technologies we use for this automatic data collection may include:
• Cookies. Small files placed on your device. You may refuse to accept browser cookies by activating the appropriate setting on your browser, but if you do so you may be unable to access certain parts of the Services.
• Web Beacons / Pixels. Small electronic files (also referred to as clear gifs, pixel tags, or single-pixel gifs) used, for example, to count users who have visited certain pages or opened an email and for other related Service statistics.
• SDKs and similar technologies. In the App, we may use software development kits and similar technologies provided by analytics, advertising, and crash-reporting vendors.
Some content or applications, including advertisements, on the Services are served by third parties — including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use the Services. The information they collect may be associated with your personal information or they may collect information about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
Targeted Advertising and the Right to Opt Out
Some of our advertising and marketing activities involve sharing personal information with third parties for cross-context behavioral advertising or otherwise constitute a “sale” or “sharing” of personal information under California, Virginia, Colorado, Connecticut, Texas, Oregon, Montana, Delaware, and other state laws. You can opt out of these activities at any time by visiting our Privacy Choices / Do Not Sell or Share My Personal Information page or by emailing privacy@touchofmodern.com. We will treat opt-out requests in accordance with applicable law and within the time periods required by applicable law.
Global Privacy Control (GPC) and Other Universal Opt-Out Signals
If you visit the Services with the Global Privacy Control opt-out preference signal enabled in your browser or device, we will treat that signal as a request to opt out of the sale or sharing of personal information for cross-context behavioral advertising for the device and browser sending the signal, in accordance with applicable law. If we are able to associate the GPC signal to a known account, we will apply the opt-out request to that account as well. We honor GPC as a “Universal Opt-Out Mechanism” under the Colorado Privacy Act and as an opt-out preference signal under California, Connecticut, Texas, Oregon, and other state privacy laws that recognize qualifying signals. To learn more about Global Privacy Control, visit https://globalprivacycontrol.org/.
Do Not Track
Currently, we do not alter our data collection and use practices in response to “Do Not Track” signals (other than the Global Privacy Control signal as described above).
Relationship with Shopify
The Services are hosted by Shopify, which collects and processes personal information about your access to and use of the Services in order to provide and improve the Services for you. Information you submit to the Services will be transmitted to and shared with Shopify, as well as third parties that may be located in countries other than where you reside, in order to provide and improve the Services for you. To help protect, grow, and improve our business, we use certain Shopify enhanced features that incorporate data and information obtained from your interactions with our Store, along with other merchants and with Shopify. To provide these enhanced features, Shopify may make use of personal information collected about your interactions with our store, along with other merchants, and with Shopify. In these circumstances, Shopify is responsible for the processing of your personal information, including for responding to your requests to exercise your rights over use of your personal information for these purposes.
To learn more about how Shopify uses your personal information and any rights you may have, you can visit the Shopify Consumer Privacy Policy at https://www.shopify.com/legal/consumer-privacy-policy. Depending on where you live, you may exercise certain rights with respect to your personal information through the Shopify Privacy Portal at https://privacy.shopify.com/en.
Children's Privacy
The Services are intended for individuals 18 years of age or older. We do not knowingly collect personal information from children under 13. We do not knowingly sell or share personal information of consumers under 16. We do not knowingly process the personal information of any consumer we know or reasonably should know is under 18 for purposes of targeted advertising or for the sale of personal information, and we do not collect or process precise geolocation or other sensitive personal information of such minors except as strictly necessary to provide a Service the minor (or the minor’s parent or guardian) has expressly requested.
If you are the parent or guardian of a child who has provided us with personal information, you may contact us at privacy@touchofmodern.com to request deletion.
Consumer Health Data Notice (Washington Residents)
This section applies if you are a Washington State resident or your consumer health data is collected in Washington and constitutes a separate notice for purposes of the Washington My Health My Data Act (RCW 19.373; “MHMDA”).
Categories of consumer health data we may collect. Where applicable, the categories of consumer health data we may collect, the purposes for which we use them, the categories of sources, and the categories of recipients are described in the Notice at Collection matrix above and in “How We Use Your Personal Information.”
Consent and authorization. We will not collect, use, or share your consumer health data except (i) to provide a Product or Service that you have requested, (ii) with your affirmative consent for purposes that go beyond providing the requested Product or Service, or (iii) as otherwise permitted under MHMDA. We will not sell consumer health data without your separate written authorization. Where consent or authorization is required, we will provide you with the disclosures required under RCW 19.373 before obtaining your consent or authorization.
Your rights. Washington residents have the right, with respect to consumer health data: to confirm whether we are collecting, sharing, or selling such data and to access it; to withdraw consent to our collection and sharing of such data; and to have such data deleted (we will also notify our affiliates, processors, contractors, and third parties to whom we have shared the data of the deletion request). To exercise these rights, please email privacy@touchofmodern.com or visit our Privacy Choices page. If we deny your request, you may appeal as described in “Appeals.”
Where this notice is published. A direct link to this Consumer Health Data Notice is published on the homepage of the Services as required by RCW 19.373.030, in addition to its location within this Privacy Policy.
Data Security and Retention
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include encryption in transit (HTTPS/TLS), restricted access controls, monitoring of our hosting environment (which is provided by Shopify and its sub-processors), and contractual safeguards with our service providers.
Please be aware that no security measures are perfect or impenetrable. The transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to the Services. Any transmission of personal information is at your own risk.
Retention. Specific retention periods or criteria are listed by category in the Notice at Collection matrix above. In general, how long we retain your personal information depends on different factors, including whether we need the information to maintain your account, to provide you with the Services, to comply with legal or tax obligations, to resolve disputes, to enforce our agreements, or to protect against fraudulent or unlawful activity. When personal information is no longer required for these purposes, we will delete or de-identify it in accordance with our retention schedule and applicable law.
Automated Decision-Making and Profiling
We use automated processing — including machine-learning models — for limited operational purposes, including: (i) detecting fraudulent or high-risk transactions, (ii) personalizing product recommendations and the on-site shopping experience, (iii) routing customer-support inquiries, and (iv) optimizing the timing and content of marketing communications. These automated processes do not, on their own, produce legal or similarly significant effects on you. If we use automated decision-making for any purpose that does produce such effects, we will provide additional notice and any rights required under applicable law (including, where applicable, the right to opt out and the right to human review).
International Transfers
Our primary servers and operations, and Shopify’s, are located in the United States and Canada. Personal information we collect may be transferred to, stored, and processed in those and other countries that may not have the same data protection laws as your jurisdiction. Where required by applicable law, we rely on recognized cross-border transfer mechanisms — including the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum — when transferring personal information out of the European Economic Area, the United Kingdom, or Switzerland to a country that has not been determined to provide an adequate level of protection.
Your Rights and Choices
Depending on where you live, you may have some or all of the rights below in relation to your personal information. Rights are not absolute, may apply only in certain circumstances, and may be subject to exceptions under applicable law. We may need to verify your identity before processing a request, and we will respond within the time periods required by applicable law.
• Right to Access / Know. Request access to the personal information we hold about you, the categories of sources from which we collected it, the purposes for which we use it, the categories of third parties to whom we disclose it, and (where applicable) specific pieces of personal information.
• Right to Correct. Request that we correct inaccurate personal information we maintain about you.
• Right to Delete. Request that we delete personal information we maintain about you, subject to legal exceptions.
• Right to Portability. Receive a copy of the personal information you have provided to us in a portable format and, where technically feasible, transmit it to another controller.
• Right to Opt Out of Sale, Sharing, and Targeted Advertising. Direct us not to “sell” or “share” your personal information or to use it for cross-context behavioral advertising or “targeted advertising,” as those terms are defined in applicable state privacy laws. You may exercise this right through our Privacy Choices page, by emailing privacy@touchofmodern.com, or by enabling the Global Privacy Control signal in your browser.
• Right to Limit Use of Sensitive Personal Information. California residents may direct us to limit our use of sensitive personal information to those uses necessary to provide the Services and other purposes permitted under California law.
• Right to Opt Out of Profiling. In Colorado, Connecticut, Virginia, Oregon, Texas, Montana, and certain other states, opt out of profiling in furtherance of decisions that produce legal or similarly significant effects.
• Rights Concerning Consumer Health Data. Washington residents have additional rights with respect to consumer health data, as described in “Consumer Health Data Notice (Washington Residents).”
• Right to Non-Discrimination. Not be subject to discriminatory treatment for exercising any of the rights described above.
• Managing Communications. We may send you promotional emails and text messages. You may opt out at any time by using the unsubscribe option displayed in our emails to you, by texting STOP to any of our SMS programs, or by contacting us at support@touchofmodern.com.
How to Exercise Your Rights. You may submit a rights request through the on-site Privacy Choices page, by emailing privacy@touchofmodern.com, or by calling (415) 230-0750. To learn more about how Shopify processes personal information and any Shopify-side rights you may have, you can visit https://privacy.shopify.com/en.
Authorized Agents. In accordance with applicable laws, you may designate an authorized agent to make a request on your behalf. Before accepting an agent request, we will require that the agent provide proof of your authorization (for example, a power of attorney or signed permission) and we may need to verify your identity directly with us.
Appeals. If we decline a request you have made, you may appeal our decision by emailing privacy@touchofmodern.com with the subject line “Privacy Appeal” and including a copy of your original request and the basis of your appeal. We will respond within the time period required by applicable law. If your appeal is denied, you may contact your state attorney general or the data-protection authority where you reside. Delaware residents may contact the Delaware Department of Justice at privacy@delaware.gov. California residents may contact the California Privacy Protection Agency or the California Attorney General. Washington residents whose consumer-health-data rights are at issue may contact the Washington Attorney General.
State-Specific Privacy Disclosures
California Residents
If you are a California resident, you have the rights described in “Your Rights and Choices,” including under the California Consumer Privacy Act and the California Privacy Rights Act. The categories of personal information we collect, the purposes for which we use it, the categories of sources, the categories of third parties to whom we disclose it, and our retention practices are described in the Notice at Collection matrix and in this Policy. We have not “sold” personal information for monetary consideration in the preceding 12 months. We have “shared” personal information for cross-context behavioral advertising as described in “Cookies, Tracking Technologies, and Targeted Advertising,” and you can opt out of that sharing through the Privacy Choices page or by enabling the Global Privacy Control.
Shine the Light. California Civil Code §1798.83 (“Shine the Light”) permits California residents to request, once per calendar year, certain information about our disclosures of personal information to third parties for those third parties’ direct-marketing purposes. To make such a request, please email privacy@touchofmodern.com.
Notice of Financial Incentive (California)
From time to time, we may offer programs, discounts, or other incentives in exchange for the collection, retention, sale, or sharing of your personal information (each, a “Financial Incentive”). The most common example is a discount on your first order in exchange for joining our marketing email or SMS list.
Material terms of the Financial Incentive. If you provide your email address (and, for SMS, your mobile phone number) and opt in to our marketing list, we will send you a one-time promotional code for use on a future qualifying purchase, subject to the offer terms presented at the time of signup (e.g., minimum purchase amount, exclusions, expiration). The discount value, minimum purchase, and other terms are stated at the point of signup.
Categories of personal information implicated. Identifiers (email address, telephone number), commercial information (purchase activity), inferences (marketing engagement and preferences), and device/usage information (interactions with our marketing communications).
How to opt in. Submit the email or SMS signup form on the Services and confirm your opt-in (for SMS, by replying as instructed in the verification message).
How to withdraw. You may withdraw at any time by clicking the unsubscribe link in any of our marketing emails, by replying STOP to any SMS marketing message, or by contacting privacy@touchofmodern.com. Withdrawing will not affect your ability to redeem any promotional code already issued, subject to its terms.
Good-faith estimate of the value of the consumer’s data. We have made a good-faith estimate of the value of the personal information involved in this Financial Incentive based on the incremental revenue we reasonably expect to generate from marketing communications sent to a subscriber, less the discount provided and operating costs allocable to the program. Based on that methodology, we estimate the value of a subscriber’s personal information to be reasonably related to the value of the discount or other incentive offered. The methodology used to calculate this value is available on request.
Why this Financial Incentive is permitted. The Financial Incentive is reasonably related to the value of your personal information to us. Participation is voluntary and you may withdraw at any time without penalty other than the loss of the incentive itself.
Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Delaware, Iowa, Tennessee, New Hampshire, New Jersey, Minnesota, Maryland, Indiana, Kentucky, Rhode Island, and Nebraska Residents
If you are a resident of one of these states (or any other state with a comprehensive consumer privacy law in effect that grants the rights described below), applicable law may provide you with additional rights regarding our use of your personal information, including the rights described in “Your Rights and Choices.” To exercise these rights, including your right to opt out of sale, sharing, targeted advertising, and profiling, please visit the Privacy Choices page or email privacy@touchofmodern.com. If we deny your request, you may appeal as described in “Appeals.”
Maryland Residents
If you are a Maryland resident, the Maryland Online Data Privacy Act applies. In addition to the rights described above, we observe the following Maryland-specific operational rules:
• We collect, process, and share personal information only as reasonably necessary and proportionate to provide the specific Product or Service you have requested, or for compatible purposes you would reasonably expect.
• We do not sell sensitive personal information, and we do not process sensitive personal information except where strictly necessary, with your consent, or as otherwise permitted under Maryland law.
• We do not knowingly process the personal information of any consumer we know or reasonably should know is between 13 and 17 years of age for purposes of targeted advertising or for the sale of personal information.
• To exercise Maryland privacy rights or to appeal a denial, contact privacy@touchofmodern.com. If your appeal is denied, you may submit a complaint to the Maryland Attorney General’s office.
Washington Residents
Washington residents have rights with respect to consumer health data as described in the “Consumer Health Data Notice (Washington Residents)” section above, in addition to any rights they may have under the Washington consumer privacy laws.
Links to Third-Party Websites
Our Services, newsletters, email updates, and other communications may, from time to time, contain links to and from the websites of others, including our partner networks, retail partners, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
Complaints
If you have a complaint about how we process your personal information, please contact us at privacy@touchofmodern.com. Depending on where you live, you may also have the right to lodge a complaint with your state attorney general (for Delaware residents, the Delaware Department of Justice at privacy@delaware.gov), the California Privacy Protection Agency, the Washington Attorney General (for consumer health data complaints), or the data-protection authority of the country where you reside.
Changes to This Privacy Policy
We may update this Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on this page, update the “last modified” date, and provide notice of material changes as required by applicable law (for example, by posting a prominent notice on the Services or by emailing you if you have provided your email address).
Contact Information
If you have any remaining questions about how we treat your privacy, please contact us by:
• Email — privacy: privacy@touchofmodern.com (privacy-rights requests, including access, deletion, correction, opt-out, appeals, Washington consumer health data, and Financial Incentive questions).
• Email — general: support@touchofmodern.com
• Phone: (415) 230-0750
Mail: TOMO Services LLC, Attn.: Privacy Office, 3216 E Cactus Rd, Phoenix, AZ 85032