Privacy

Last Updated: October 20, 2025

This Privacy Policy governs the manner in which Cosabella collects, uses, maintains and discloses information collected from users (each, a "User") of the cosabella.com website ("Site"). It also describes the choices and rights available to Users with respect to their personal information, as well as the legal bases on which we rely when processing personal data.  This privacy policy applies to the Site and all products and services offered by Cosabella, including any related mobile applications, email communications, and offline interactions where this Privacy Policy is referenced. By accessing or using our Site, you acknowledge that you have read and understood this Privacy Policy.

Please note that this Privacy Policy may be supplemented by additional notices, terms, or agreements depending on your location (for example, if you are a resident of California, the European Union, or the United Kingdom). In such cases, those jurisdiction-specific rights and disclosures will apply in addition to this Privacy Policy.

This Privacy Policy does not apply to third-party websites, applications, or services that may be linked through our Site; we encourage you to review the privacy practices of those third parties directly.

Personal identification information

We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, place an order, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number, credit card information. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personal identification information, except that it may prevent them from engaging in certain Site related activities.

We may also collect your email address via cookies and pixels on the Site through the use of trusted third-party partners. These partners may also combine your email information with other information they have access to (such as mailing address) so that we may serve relevant marketing offers to you via email and direct mail. If you do not want us to collect information about you, please contact Customer Service to opt out. We may also collect information from third parties or other sources.

In addition to the categories listed above, we may collect identifiers (such as account login credentials), commercial information (such as purchase history and product preferences), payment and billing details, geolocation data (such as approximate location based on IP address), and information you choose to provide in communications with us (such as customer service requests or product reviews).

We may also collect information from social media platforms if you interact with our official accounts, as well as information obtained from our affiliates, business partners, or service providers.

We will not intentionally collect sensitive personal information (such as health data, government-issued identification numbers, or biometric data) unless it is strictly necessary for providing our services and you have explicitly consented or provided it voluntarily. If we do request such information, we will provide a clear explanation of why it is needed and how it will be protected.

Where required by law, we will only collect and process your personal information with your consent, to fulfill a contract with you, to comply with a legal obligation, or where we have a legitimate interest that is not overridden by your rights.

Non-personal identification information

We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the IP Address (which could be used to determine location), operating system and the Internet service provider’s utilized and other similar information.

No Sale of Data

How we use collected information

Cosabella may collect and use Users personal information for the following purposes:

- To improve customer service: Information you provide helps us respond to your customer service requests and support needs more efficiently.

- To personalize user experience: We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.

- To improve our Site: We may use feedback you provide to improve our products and services.

- To process payments: We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.

- To run a promotion, contest, survey or other Site feature: To send Users information they agreed to receive about topics we think will be of interest to them.

- To send periodic emails: We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.

- To provide you with information about our products and services through email, direct mail, and advertisements that you may see when browsing online.

- To carry out market research and for product development.

- To screen transactions for fraud, and, if necessary, to decline to do business with you if any of your information has been linked by us or a third-party data processor with fraudulent activity.

- To conduct activities and data processing described elsewhere in this Privacy Policy.

- To comply with legal requirements or obligations to law enforcement, regulators and the court service.

- To deliver targeted advertising and promotional communications tailored to your interests, based on information collected about your browsing behavior, purchase history, or interactions with our Site and third parties.

- To analyze usage trends, measure the effectiveness of our advertising campaigns, and generate insights to help us understand our audience.

- To enforce our Terms of Service, prevent abuse, resolve disputes, and protect the security and integrity of our systems, Users, and business operations.

- To facilitate business transfers: in the event of a merger, acquisition, reorganization, or sale of assets, your information may be used or transferred as part of that transaction.

How we protect your information

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.

Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures. Our Site is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users.

Sharing your personal information

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice, except as described below. The term "outside parties" does not include our affiliates and website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety.

Occasionally, we may provide your personal information with carefully screened companies such as third-party marketing partners in an effort to make you aware of products or services in which you may have an interest and, in turn, we are able to mail our catalogs to certain customers of other retail companies. These third-party marketing partners may use your personal information for commercial or marketing purposes. If you prefer that we do not share your personal information with these companies, please contact us at eshop@cosabella.com .

Non-personally identifiable visitor information, including generalized or aggregated visitor information, may be provided to other parties for marketing, advertising, or other uses.

SMS Marketing

 

We may offer Users the opportunity to enroll in our SMS or text message marketing program (the “Messaging Service”). When you sign up for the Messaging Service, we collect the phone number and/or email address you provide, along with any information you include in messages sent to us. We may also collect information about your interactions with our Site (such as shopping cart activity) to send you relevant or personalized text messages, including cart reminders and promotional offers.

By enrolling, you consent to receive recurring marketing messages from Cosabella. Message frequency may vary. Msg & data rates may apply. You can opt out at any time by replying STOP to a message, or reply HELP for assistance.

We comply with all applicable federal and state laws governing SMS marketing, including the Telephone Consumer Protection Act (TCPA) and the Texas Business & Commerce Code as amended by SB 140. In particular, we honor restrictions on “quiet hours” for marketing text messages and, where required, maintain registration with the Texas Secretary of State.

Data collected through the Messaging Service will be used in accordance with this Privacy Policy, and may also be subject to our separate SMS Terms & Conditions, available [here]. We encourage you to review those SMS Terms for more details about how we operate our Messaging Service, including quiet hours, registration, and carrier requirements.

Third party websites

Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website's own terms and policies.

California residents

If you are a resident of California, you are entitled to certain rights under the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2020 (“CPRA”). In the last twelve months, we may have collected categories of personal information that include:

- Identifiers: such as your name, postal address, email address, phone number, account name, or IP address.

- Customer records and commercial information: such as billing and payment details, shipping information, and records of products or services purchased or considered.

- Internet or network activity and geolocation data: such as browsing history, search history, and interactions with our Site or advertisements.

- Other information: such as customer service communications, and inferences drawn from your information to create a profile of your preferences.

We collect this information to provide and fulfill orders, communicate with you about our products and services, personalize your experience, conduct analytics and research, detect and prevent fraud, and comply with applicable laws. We may disclose this information to service providers and contractors such as payment processors, shipping providers, marketing vendors, and IT/security partners. While we do not sell your information in exchange for money, we may “share” certain categories (such as identifiers, commercial information, or browsing activity) with advertising and analytics partners for cross-context behavioral advertising.

As a California resident, you have the right to request access to the personal information we hold about you, to request deletion of that information (subject to certain exceptions), to request correction of inaccurate information, to opt out of the sale or sharing of your personal information, and to limit the use and disclosure of sensitive personal information where applicable. You also have the right not to be discriminated against for exercising these rights.

You may exercise your rights by contacting us by email at eshop@cosabella.com, by phone at (888) 675-0828, or by mail at Cosabella Privacy Office, 12186 SW 128th Street, Miami, FL 33186. We may request information such as your name, email, or order history to verify your identity. You may also appoint an authorized agent to act on your behalf.

From time to time, we may provide financial incentives such as discounts, rewards, or special offers in exchange for the collection or use of your personal information (for example, joining our SMS marketing program). Participation is optional, and you may opt out at any time. The value of any incentive is reasonably related to the value of the personal information you provide.

Our Site does not respond to browser-based “Do Not Track” signals, but we do honor Global Privacy Control (GPC) signals as opt-out requests under California law.

 

Changes to this privacy policy

Cosabella has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

Legal Basis for Processing

When we process personal information, we do so in accordance with applicable data protection laws. Depending on the context, our legal bases for processing may include the following:

- Consent: We rely on your consent where you have voluntarily provided personal information (for example, when you subscribe to our marketing emails or SMS program, participate in promotions, or allow us to use cookies and similar technologies for advertising or analytics purposes). You may withdraw your consent at any time, although this will not affect the lawfulness of processing prior to withdrawal.

- Contractual necessity: We process personal information as necessary to perform our contractual obligations to you, such as to complete your orders, process payments, provide customer service, or deliver products and services you have requested.

- Legal obligations: In some cases we are required to process your personal information to comply with laws, regulations, court orders, or requests from law enforcement or regulators. Examples include maintaining transaction records for tax or accounting purposes and complying with consumer protection obligations.

- Legitimate interests: We may process personal information where it is necessary for our legitimate business interests and not overridden by your rights and freedoms. These interests may include improving and personalizing our Site and services, conducting analytics and market research, preventing fraud and misuse of our systems, maintaining the security of our operations, and communicating with you about products or services that may be of interest to you.

- Vital interests: On rare occasions, we may process personal information to protect your vital interests or those of another person, such as in the case of an emergency involving the safety of our customers or staff.

Where we rely on legitimate interests as the basis for processing, we carefully balance those interests against your privacy rights to ensure they are not infringed. Where consent is required, we will present you with a clear choice and explanation of how your data will be used.

 

Data Retention

We retain personal information only for as long as it is reasonably necessary to fulfill the purposes described in this Privacy Policy. The length of time we keep your information depends on the type of data and the context in which it is collected, as well as our legal, regulatory, and contractual obligations.

Transactional records, such as order details, payment history, and invoices, are typically kept for the duration of our relationship with you and for a period thereafter as required by tax, accounting, or consumer protection laws. Marketing information, such as email or SMS subscription details, is maintained until you withdraw your consent or opt out, after which it is removed within a reasonable administrative period. Customer service communications are kept long enough to allow us to respond to inquiries, resolve disputes, and improve our services. Technical information, including cookies, logs, and analytics data, is stored only for as long as necessary to achieve the purposes outlined in this Privacy Policy or our Cookie Policy.

When personal information is no longer needed, we will delete it or render it anonymous or de-identified in a secure manner consistent with applicable laws and industry standards. In certain cases, we may continue to retain anonymized or aggregated data that does not identify an individual, which we may use for research, analytics, and business continuity purposes.

If you exercise your right to request deletion of your personal information, we will honor that request subject to any legal or regulatory requirements that require us to keep certain information, such as to comply with bookkeeping rules, defend against potential legal claims, or protect the security and integrity of our systems.

 

User Rights

We respect your privacy and provide you with certain rights regarding your personal information. These rights may vary depending on where you live, but we strive to make them available as broadly as possible. You always have the right to know what personal information we collect about you, how we use it, and with whom we share it.

You may request access to the personal information we hold about you and ask that we correct any inaccuracies. In certain circumstances, you may also request that we delete your personal information or restrict the way in which we use it. Where we rely on your consent to process personal information, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to your withdrawal.

In addition, you may have the right to:

- object to the processing of your personal information where we rely on legitimate interests as the legal basis, and

- request that we provide you with a copy of your personal information in a portable format so that you can transfer it to another service provider.

We will respond to all valid requests in accordance with applicable data protection laws. Please note that we may need to verify your identity before granting access to or making changes to your personal information, and in some cases we may decline your request where the law allows us to do so.

To exercise your rights, please contact us using the details provided in the “Contacting Us” section of this Privacy Policy. Depending on your jurisdiction, you may also have the right to lodge a complaint with a supervisory authority or regulatory agency if you believe that your rights have been violated.

 

GDPR

If you are located in the European Union or the United Kingdom, we process your personal data in accordance with the General Data Protection Regulation (“GDPR”) and the UK GDPR. This means that, in addition to the rights described in the “Your Rights” section of this Privacy Policy, you are entitled to certain protections and choices regarding your personal data.

Our legal bases for processing are described in the “Legal Basis for Processing” section above and include your consent, the necessity of processing to perform a contract with you, compliance with legal obligations, and our legitimate business interests that are not overridden by your rights and freedoms.

Because we are based in the United States, personal data that we collect will be transferred outside the EU/UK. Where we do so, we rely on appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or UK Addendum, to ensure that your data is protected.

As an EU/UK resident, you have the right to access the personal data we hold about you, to request correction or deletion, to object to or restrict processing, and to request portability of your personal data in a structured, commonly used, and machine-readable format. Where we rely on your consent, you have the right to withdraw that consent at any time. You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

 

Data Transfers

Because we are based in the United States, the personal information we collect may be transferred to, stored, or processed in countries other than your country of residence. This means that your information may be subject to the laws of jurisdictions that may not provide the same level of data protection as those in your home country.

When we transfer personal data from the European Union, the United Kingdom, or other jurisdictions with similar requirements, we implement appropriate safeguards to ensure that your information remains protected. These safeguards may include relying on adequacy decisions where available, entering into Standard Contractual Clauses approved by the European Commission or the UK Addendum, and taking supplementary measures as necessary to protect your data.

We also require our service providers and business partners who receive personal information on our behalf to maintain appropriate security measures and to process personal information only in accordance with our instructions and applicable law. In limited cases, we may transfer information where it is necessary to perform a contract with you or with your consent.

By using our Site or providing us with personal information, you acknowledge that your information may be transferred to and processed in the United States or other jurisdictions outside your country of residence. Where required by law, we will provide you with additional information or obtain your consent before such transfers occur.

 

Children’s Privacy

Our Site and services are not directed to, and we do not knowingly collect personal information from, children under the age of 18. If you are under 18 years old, please do not provide any personal information on this Site or through our services. Parents and guardians should supervise their children’s online activities to help protect their privacy.

If we learn that we have collected personal information from a child under 18 without verified parental consent, we will take steps to delete that information promptly. If you believe that we may have inadvertently collected information from a child, please contact us using the details provided in the “Contacting Us” section of this Privacy Policy so that we can investigate and address the matter.

For residents of the European Union, United Kingdom, and certain other jurisdictions where the age threshold is higher (generally between 13 and 16 depending on local law), we do not knowingly collect personal information from children below the relevant minimum age without parental consent. Where parental consent is required, we will take reasonable steps to verify that consent before collecting or using the child’s personal information.

 

Cookies

Our Site uses cookies and similar technologies to enhance your browsing experience, analyze site traffic, and deliver personalized content and advertising. Cookies are small data files that are placed on your device when you visit a website. They allow us to recognize your device, store your preferences, and understand how you interact with our Site.

We use different types of cookies for different purposes, including:

- Strictly necessary cookies, which are essential to operate the Site and enable you to use core features such as secure log-in, shopping cart functionality, and payment processing.

-  Performance and analytics cookies, which help us understand how visitors use our Site by collecting information about page views, traffic sources, and site performance. This data is aggregated and does not directly identify individuals.

- Functional cookies, which remember your preferences and choices (such as language or location settings) to provide a more personalized experience.

- Advertising and targeting cookies, which track your browsing activity across websites and are used by us and third parties to deliver relevant advertising and measure the effectiveness of our campaigns.

In addition to cookies, we may use pixels, tags, scripts, and other tracking technologies to collect information about your interactions with our Site, our marketing emails, and third-party websites. These technologies may allow us or our partners to deliver tailored advertisements to you across the internet.

You can manage or disable cookies through your browser settings. Most browsers allow you to refuse cookies or to alert you when a cookie is being placed on your device. If you choose to disable certain cookies, some parts of the Site may not function properly. For targeted advertising, you may also opt out through industry programs such as the Digital Advertising Alliance (DAA) or the Network Advertising Initiative (NAI), or through your mobile device settings.

For users in the European Union, United Kingdom, and jurisdictions with similar requirements, we will request your consent before placing non-essential cookies on your device. You may withdraw your consent at any time by adjusting your cookie preferences in our cookie banner or settings tool.

 

Your acceptance of these terms

By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.

Removing your data

If you would like to request deletion of your data held by us you may do so by contacting eshop@cosabella.com.

Contacting us

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at:

Luemme LLC DBA Cosabella

cosabella.com

12186 SW 128th Street

+1 (888) 675-0828

eshop@cosabella.com

This document was last updated on October 20, 2025.

This is the web site of Cosabella.com.

We can be reached via e-mail at eshop@cosabella.com

With respect to security: and All confidential information, including your credit card and personal information, is handled and sent in a secure, 128 bit encrypted, environment.