Skip to contentGo to Accessibility Statement
FREE SHIPPING ON ORDERS OVER $199CAD*
FREE SHIPPING ON ORDERS OVER $199CAD*
Store Locator Leather Classes Customer Service

Privacy policy

Welcome to tandyleather.com ("the Website"), operated by Tandy Leather, Inc. ("we," "us," or "our"). At Tandy Leather, Inc., we value your trust and are committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you use our Website or interact with us through other means. By using the Website, you agree to the practices described in this Privacy Policy.

Index

Our Commitment to Your Privacy

At tandyleather.com, we deeply value your privacy and are dedicated to protecting it. This includes adhering to:

  • The United States Federal Electronic Communications Privacy Act.
  • The United States Federal Computer Fraud and Abuse Act.
  • The European Union's General Data Protection Regulation (GDPR).
  • The Canadian privacy laws like PIPEDA.
  • US State privacy laws like CCPA, VCDPA, CPA, TDPSA et al.

↑ Back to top

What We Do with Your Information

We gather certain information about our customers as part of our service. We only share this information with parties not associated with us when absolutely necessary and in accordance with the law. Your trust is important to us, and we're committed to maintaining the confidentiality and integrity of your personal data.

↑ Back to top

Information We Collect

Personal Details

We may collect personal information, including but not limited to your name, email address, and phone number, primarily when you make purchases on our Website. Please note that if you purchase our products through third-party platforms, we may not have access to this information.

Types of Information We Collect

In the past year, we have collected the following types of information:

  • Basic details, such as names, addresses, phone numbers, and email addresses.
  • Information about your online activities, including websites visited, search history, and interaction with advertisements.
  • Geolocation data based on your device.
  • Sensitive information in limited circumstances, we may collect information that is considered sensitive under applicable law. This includes:
    • Financial information (e.g., payment card details): Collected solely to process transactions and handled exclusively by our third-party payment processors (Shopify, PayPal, Amazon Pay, Apple Pay, Google Pay). We do not store full payment card numbers on our systems.
    • Government-issued ID or identity verification data: Collected only where required for fraud prevention or legal compliance, and retained only as long as necessary for that purpose.
  • User detail sharing with affiliates or partners.
  • Text Marketing and Notifications

How We Collect Your Information

When you use our Messaging Service, we gather various details from you. This includes:

  • Your phone number and email address when you sign up.
  • Your messaging history and the content of your messages.
  • Information is collected through cookies or similar technologies, which help personalize your experience (like sending you reminders about your shopping cart).
  • If you join any contests, sweepstakes, studies, or surveys through the Messaging Service, we collect your contact information and any other details you provide.
  • If you contact us with questions or for customer service, we'll also collect your contact information.

Chatbot Interaction

If you use our chatbot, we may collect information related to your interactions with the chatbot and any information you provide during those interactions.

Contacting Us

When you contact us for inquiries or other purposes, we may collect the information you provide during these interactions.

Users can email tlfhelp@tandyleather.com or use the Data Subject Request link at the footer of the website.

Payment Details

For online purchases, your payment details are processed by third-party payment processors like Shopify. You can review their privacy policy at https://www.shopify.com/legal/privacy.

↑ Back to top

Your Security

At tandyleather.com, we prioritize keeping your financial details private and secure. Here's how we do it:

  1. Secure Online Shopping: We use QualitySSL, a top-notch security technology, to encrypt your order information. This means your data is turned into a code that's extremely hard to read, ensuring your transaction is safe and processed immediately.
  2. Safe Credit Card Transactions: When you buy something, the credit card details are handled in a secure part of our website. This prevents any misuse or unauthorized access to your information.
  3. Trusted Partnerships: We work with third-party companies for credit card processing, shipping, and website hosting. These partners only get the information they need to do their jobs. We make sure they follow strict rules to keep your information safe and private, in line with federal standards.
  4. Staff Training and Policies: Our team is trained to protect your personal information. They're instructed to use this information only for business reasons, ensuring your privacy is respected.
  5. Legal Compliance: If the law requires it, we may have to share certain personal details about you. This would only happen if ordered by a court or if we believe it's necessary to follow legal requirements.

Your security is our top concern, and we're committed to ensuring a safe and trustworthy shopping experience at tandyleather.com.

↑ Back to top

Data Breach Notification

Despite our best efforts, no security measures are completely impenetrable. In the event of a data breach that affects your personal information, we are committed to the following:

  • Regulatory notification: Where required by law — including within 72 hours under GDPR — we will notify the relevant supervisory authority of any breach that poses a risk to individuals' rights and freedoms.
  • Individual notification: If a breach is likely to result in a high risk to your rights and freedoms, we will notify you directly without undue delay, using the contact information we hold for you. Our notification will describe the nature of the breach, the data involved, the likely consequences, and the steps we are taking to address it.
  • US state requirements: Where applicable (including under Texas, California, and other state breach notification laws), we will notify affected residents within the timeframes required by those laws.
  • Remediation: We will take prompt steps to contain the breach, assess its scope, and implement measures to prevent recurrence.

If you believe your account or personal information has been compromised, please contact us immediately at tlfhelp@tandyleather.com.

↑ Back to top

IP Address and Other Automatically Collected Information

We collect general information about your visits to our Website, including the date and time of your visit, your geographic location, and your browsing activities. This information helps us enhance your experience on our Website.

↑ Back to top

Third-Party Partners

We work with third-party companies to operate our Website and gather data. These partners may use cookies to collect anonymous data about how users interact with our Website. They have committed to using this information solely to improve our services and not for their own purposes.

↑ Back to top

Overview of Data Collection

Type of Data Examples Purpose Categories of Sources Categories of Third Parties Data Retention
Identifiers and Personal Information Name, email etc. Order processing, communication and personalization Direct input by users Shopify, Klaviyo, PayPal, Amazon Pay, Apple Pay, Google Pay, Swym Wishlist Plus 5 years as long as the account is active
Internet or Network Activity Browsing history, search history Website improvement and monitoring analysis Automatic collection when users browse the website Google Tag Manager, Google Analytics, Pinterest Conversion Tag, Klaviyo 2 years
Geolocation Data Physical location Localized content, shipping estimates and targeted marketing Automatic collection or manual input Google Tag Manager, Google Analytics, Klaviyo 2 years
Sensitive Personal Information Personal data, financial information, and identity data Secure transactions, identity verification, and personalized experiences Direct input by users Shopify, PayPal, Amazon Pay, Apple Pay, Google Pay, Visa, Mastercard, American Express 5 years or as long as the account is active

↑ Back to top

Use of Cookies and Tracking Tools

Our Website employs various tools to enhance your experience:

Cookies

Cookies are small files sent to your computer that remember your preferences and visits to our Website. You can manage or delete cookies through our cookie banner, browser settings, or mobile device settings. However, disabling cookies may affect the functionality of our Website.

Web Beacons

Tiny images known as web beacons help us track which parts of our Website you visit.

Pixel Tags

Pixel tags track your activity on our Website, including the links you click.

We also utilize Google Analytics to understand user interactions without revealing personal identities. To learn more about Google Analytics or opt-out, visit here and here. We may incorporate additional tools in the future to enhance our website analytics.

Chatting on Our Website

Our Website features a chat tool that allows you to interact with automated helpers or real representatives. We may retain chat conversations for record-keeping purposes. Your usage of the chat implies consent to recording.

"Do Not Track" Browser Setting

Where available, you may choose to enable an online tool that automatically communicates your opt-out preferences, such as the Global Privacy Control. When detected, we will process such signals as a valid request to opt out.

Upon receipt of your request, we will endeavor to honor it based on the information that we collect and maintain.

Exercising your rights does not require you to create an account with us.

↑ Back to top

Giving Us Permission to Use Your Info

By providing us with your personal information, you grant us permission to use and share it as outlined in this Privacy Policy.

↑ Back to top

Age Limit and International Use

Our Website is intended for users aged 18 and older. We do not knowingly collect information from individuals under 18. Using our Website from outside the U.S. implies consent for data transfer across borders.

↑ Back to top

How We Use Your Info

We process your personal data only where we have a valid legal basis to do so. Depending on the purpose, we rely on one or more of the following bases:

  • Contract performance: When processing is necessary to fulfill your order or provide services you've requested (e.g., order processing, shipping, payment).
  • Legitimate interests: Where we have a legitimate business interest that is not overridden by your rights (e.g., fraud prevention, website security, improving our services, and direct marketing to existing customers).
  • Legal obligation: Where processing is required to comply with applicable law (e.g., tax records, responding to lawful government requests).
  • Consent: Where you have freely given, specific, and informed consent (e.g., signing up for marketing emails or SMS, accepting non-essential cookies). You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.

Where consent is the legal basis, we will obtain it through a clear affirmative action (such as checking a box or clicking an opt-in button) — not through pre-ticked boxes or inferred agreement.

We use your personal information, with your consent for various purposes, including:

  • Communication
  • Order fulfillment
  • Issue resolution
  • Payment processing (handled by Shopify)
  • Understanding user preferences
  • Website improvement
  • Ensuring website functionality
  • Compliance with legal requirements
  • Maintaining website security
  • Other purposes detailed in our Privacy Policy and Terms and Conditions

We may contact you for essential updates, security, or account-related matters. If you wish to unsubscribe from emails or messages, please let us know.

↑ Back to top

Choosing Your Communication Preferences

We respect your communication preferences. You can:

  • Opt-in to receive emails or messages from us
  • Opt-out at any time (unsubscribe link in emails, reply with "STOP" for certain texts)
    • To cancel, text "STOP," "END," "CANCEL," "UNSUBSCRIBE," or "QUIT" to our shortcode. You'll get one more message confirming your request. Please note that our system might not recognize other formats of unsubscribe requests. If you're subscribed to multiple programs from tandyleather.com, you'll need to unsubscribe from each one separately.
  • Exercise control over your communication preferences through our Privacy Choices page or by reaching out to us at tlfhelp@tandyleather.com
  • Users can update their consent preferences through their account settings on our website.
  • Remember, other ways of opting out won't be recognized. Standard message and data rates may apply. For help, text "HELP" to the number from which you received the messages, or contact us directly for more information. To unsubscribe, please follow these steps.

Users can unsubscribe from marketing emails by clicking the unsubscribe link in any marketing email.

↑ Back to top

Getting Texts from Us

When you opt-in for marketing texts, you agree to receive promotional messages. The frequency of these messages varies, and you can opt-out anytime. Standard messaging rates may apply; check with your phone provider.

↑ Back to top

Your Rights and Choices

You have rights concerning your personal information:

  • Access: You can request access to your data.
  • Deletion: You can request the deletion of your data.
  • Correction: You can update or correct your data.
  • Objection: You can object to specific data uses.
  • Portability: You can request data portability.

To exercise these rights or learn more, go to this link for our Data Subject Request form or contact us at tlfhelp@tandyleather.com.

↑ Back to top

Non-Discrimination

We will not discriminate against you for exercising your privacy rights.

↑ Back to top

This Privacy Policy is governed by and construed in accordance with the laws of the State of Texas, without regard to its conflict of law provisions.

For users located in the United States, any disputes arising from this Privacy Policy that cannot be resolved informally will be subject to the exclusive jurisdiction of the state and federal courts located in Tarrant County, Texas.

Important notice for international users: Choosing Texas law as the governing law for this policy does not limit or waive any statutory privacy rights you hold under the laws of your country or region. In particular:

  • EU/EEA residents retain all rights granted under the General Data Protection Regulation (GDPR), including the right to lodge complaints with your national Data Protection Authority, regardless of this jurisdiction clause.
  • UK residents retain all rights under the UK GDPR and the Data Protection Act 2018, including the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.
  • California residents retain all rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
  • Residents of other US states with applicable privacy laws (including Colorado, Virginia, Texas, Connecticut, and others) retain all statutory rights under those laws.

Nothing in this Privacy Policy is intended to restrict your ability to exercise rights granted to you by mandatory applicable law in your jurisdiction.

↑ Back to top

Contact Us

If you have any questions, comments, or concerns about this Privacy Policy or our data practices, please contact us at:

Tandy Leather, Inc.
Tandy Leather Factory, Inc., 7602 SW Loop 820, Ste 101, Benbrook, TX 76126, United States
privacy@tandyleather.com

↑ Back to top