Privacy Policy – TrueGrimmStories

Effective date: 01 October 2025

Who we are

TrueGrimmStories (“we,” “us,” “our”) is a storytelling and media website and channel focused on original Brothers Grimm tales. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you visit truegrimmstories.com, interact with our social channels, shop our merchandise, use affiliate links, or support us (e.g., tips)

Controller

For visitors in the EEA/UK, the controller is TrueGrimmStories.
Contact: privacy@truegrimmstories.com

If we appoint an EU/UK representative or Data Protection Officer (DPO), we will update this Policy.

1) Information We Collect

We collect information that you provide directly, that is collected automatically, and that comes from third parties.

A. You provide

  • Contact data: name, email, social handle, message content (e.g., via forms or email).
  • Newsletter data: email address, preferences.
  • Purchase data (merch): order details, shipping info; payment is processed by third-party providers (we don’t store full payment card numbers).
  • Support/Tips data: e.g., PayPal account email shown to us by PayPal; if you tip via crypto, wallet addresses and on-chain metadata are public by design.
  • User-generated content: comments you post (on our site, if enabled) or content you share with us.

B. Collected automatically

  • Device/usage data: IP address, browser type, device identifiers, pages viewed, referring/exit pages, timestamps, approximate location (from IP).
  • Cookies & similar tech: pixels, SDKs, local storage used for site functionality, analytics, and (if enabled) advertising measurement.

C. From third parties

  • Merch/Payment partners: confirmation of payment, delivery status.
  • Analytics/Ads/Embeds: (e.g., analytics provider(s), YouTube/Vimeo/TikTok/Instagram/X embeds).
  • Affiliates: clicks/attribution for affiliate links (e.g., OpenArt).
  • Social platforms: if you engage with our pages/profiles.

2) How We Use Information (Purposes)

We use personal information to:

  • Provide and operate the site, content, embeds, and features you request.
  • Process orders and tips, and handle customer support.
  • Send communications, including newsletters you opt into, service messages, and updates about our content.
  • Measure and improve site performance, content, and audience (analytics).
  • Personalize content and (if applicable) measure/limit advertising on our site or social channels.
  • Detect, prevent, and respond to fraud, abuse, security incidents, and legal requests.
  • Comply with legal obligations and enforce terms.

Legal bases (EEA/UK):

  • Contract: to provide requested services (e.g., orders, newsletter delivery).
  • Consent: for non-essential cookies/analytics/marketing; for newsletters; for certain international transfers where required.
  • Legitimate interests: site security, audience measurement with privacy-respecting safeguards, product improvement.
  • Legal obligation: tax, accounting, and compliance.

3) Cookies & Similar Technologies

We use:

  • Strictly necessary cookies (essential for the site to function).
  • Analytics cookies (help us understand usage; consent-based in EEA/UK).
  • Advertising/measurement cookies (if used, consent-based in EEA/UK).

Your choices:

  • Our banner lets EEA/UK visitors accept/decline non-essential cookies and change settings anytime.
  • Browser settings may block or delete cookies; some features may not work without them.

Global Privacy Control (GPC): We honor recognized GPC signals as an opt-out of “sale/share” where applicable under U.S. law.

4) How We Disclose Information

We disclose personal information to:

  • Service providers/processors: hosting, security, analytics, email delivery, customer support, e-commerce fulfillment, payment processing.
  • Merch/tips/affiliate partners: to fulfill transactions, confirm purchases, attribute commissions.
  • Social/Video Embeds: When you interact with embedded content (e.g., YouTube), those platforms may collect data under their own policies.
  • Legal and safety: to comply with law, enforce our terms, protect rights, safety, or property.
  • Business transfers: in a merger, acquisition, or asset sale, data may transfer as permitted by law.

We do not sell personal information for money. We may “share” personal information (as defined by CPRA) for cross-context behavioral advertising/measurement only if enabled on our site; you can opt out (see Section 9).

5) International Transfers

We may transfer personal information to countries outside your own (including the U.S.), where laws may differ.

  • For EEA/UK data, we rely on adequacy decisions (where available) or Standard Contractual Clauses (SCCs) plus supplementary safeguards as required.
  • You may request a copy of relevant transfer mechanisms by contacting us.

6) Retention

We keep personal information only as long as necessary for the purposes in this Policy, including:

  • Transactions & legal: retain records as required by tax/accounting laws.
  • Newsletters: until you unsubscribe and for a short period after to honor the request.
  • Analytics logs: typically short to moderate periods; aggregated data may be retained longer.
    We also retain backups for limited, rolling periods.

7) Security

We use administrative, technical, and physical safeguards appropriate to the nature of the information. No system is perfectly secure. If we detect a data breach posing a risk to your rights and freedoms, we will notify you and regulators where required by law.

8) Your Privacy Rights

A. EEA/UK (GDPR)

You have the right to:

  • Access your personal data and receive a copy.
  • Rectify inaccurate or incomplete data.
  • Erase (right to be forgotten) in certain cases.
  • Restrict or object to processing (including profiling) in certain cases.
  • Portability of data you provided to us.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with your supervisory authority (e.g., the Office of the Commissioner for Personal Data Protection in Cyprus, or your local authority).

B. U.S. State Rights (e.g., CA/VA/CO/CT/UT)

Depending on your state, you may have the right to:

  • Know/access the categories and specific pieces of personal information we have collected.
  • Correct inaccuracies.
  • Delete personal information.
  • Opt-out of: (i) sale of personal information; (ii) sharing for cross-context behavioral advertising; (iii) targeted advertising; and (iv) certain profiling.
  • Limit use/disclosure of sensitive personal information (CA, if applicable).
  • Appeal if we deny your request (VA/CO/CT).

How to exercise your rights

Email us at privacy@truegrimmstories.com with:

  • the right you wish to exercise,
  • your state/country of residence, and
  • sufficient information to verify your identity (we may request additional details solely to verify).

Appeals (VA/CO/CT): If we deny your request, you may appeal by replying to our decision with “Appeal” in the subject line. If you remain unsatisfied, you may contact your state attorney general.

9) Your Choices

  • Emails: Unsubscribe any time via the link in our emails or by contacting us.
  • Cookies & tracking: Use our cookie banner (EEA/UK) or adjust browser/device settings.
  • Do Not Sell/Share / Targeted Ads (U.S.): Use our “Do Not Sell or Share My Personal Information” link (where available) or email us. We honor Global Privacy Control signals.
  • Analytics/Ads opt-outs: See provider tools where available (e.g., Google’s Ads Settings).
  • Crypto tips: Blockchain transactions are public; avoid putting personal details in memo fields.

10) Children’s Privacy

Our content and site are intended for a general audience and are not directed to children. We do not knowingly collect personal information from children under 13 (U.S. COPPA) or under the age of digital consent in the EEA/UK (typically 16, but may vary by country). If you believe a child has provided personal information, contact us and we will delete it.

11) Third-Party Links & Features

Our site includes links to third-party sites, services, stores, and embedded media players. Your interactions with those services are governed by their privacy policies—not ours. Review their terms and settings (e.g., YouTube, Instagram, TikTok, X, Facebook, PayPal, merchandise platforms, and affiliate partners).

12) California “Notice at Collection”

Categories collected: Identifiers (e.g., email, IP), commercial information (orders/tips), internet activity (usage/analytics), approximate geolocation (from IP), inferences (limited, if any).
Sources: You, your device/browser, our service providers, and partners.
Purposes: Site operation, transactions, communications, security, analytics, measurement, legal compliance.
Retention: As outlined in Section 6.
Selling/Sharing: We do not sell personal information for money. If we engage in cross-context behavioral advertising, it may be considered “sharing” under CPRA; you can opt out via our site controls or by contacting us.
Sensitive data: We do not intentionally collect or use sensitive personal information to infer characteristics.
Your rights: See Section 8 and Section 9.

13) Nevada & Other Jurisdictions

Nevada residents may opt out of the sale of personal information by emailing privacy@truegrimmstories.com with “Nevada Do Not Sell” in the subject line. We continuously review and apply additional rights as local laws require.

14) User Responsibilities

  • Do not submit personal information about others without authorization.
  • Do not include sensitive information (e.g., health, government IDs) in free-text fields.
  • Be mindful that public blockchains are transparent (crypto tips).

15) Changes to This Policy

We may update this Policy to reflect changes in our practices or applicable law. We will post the updated Policy with a new Effective date and, where required, provide additional notice.

16) Contact Us

Questions or requests about this Policy or your personal information:
Email: privacy@truegrimmstories.com
If you are in the EEA/UK, you also have the right to contact your supervisory authority.