Privacy Policy | Happy Santa Global

Privacy Policy Happy Santa Global Last Updated: November 24, 2025

INTRODUCTION

This Privacy Policy explains how Elfware LLC ("Company," "we," "us," or "our"), operating Happy Santa Global (happysantaglobal.com), collects, uses, protects, and shares your personal information.

We are committed to protecting your privacy and ensuring the security of your personal data. This policy complies with the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Children's Online Privacy Protection Act (COPPA), and other applicable data protection laws.

By using our website and services, you consent to the data practices described in this policy. If you do not agree with this Privacy Policy, please do not use our services.

DATA CONTROLLER

Elfware LLC
1111B S Governors Ave STE 29596
Dover, DE 19904, USA

Data Protection Contact: privacy@happysantaglobal.com
General Inquiries: hello@happysantaglobal.com
Phone: +1 (302) 487-0940

NOTICE AT COLLECTION (California Residents)

At or before the point of collection, California residents have the right to know:

Categories of Personal Information Collected:

Identifiers (name, email, phone number, IP address)
Commercial information (purchase history, order details)
Internet or network activity (browsing history, interactions with our website)
Geolocation data (country, region based on IP address)
Audio, electronic, visual information (photos uploaded for video personalization)

Purposes for Collection:

To provide personalized video greeting services
To process payments and fulfill orders
To communicate with you about your orders
To improve our services and website functionality
To comply with legal obligations

We do NOT sell your personal information.

WHAT DATA WE COLLECT

We collect the following categories of personal data:

1. Information You Provide:

Category	Examples
Account Data	Email address, name, password, phone number
Order Data	Child's name, age, gender, interests, gift preferences
Media	Photos you upload for video personalization
Communication Data	Messages, support requests, feedback

2. Automatically Collected Data:

Category	Examples
Device Information	IP address, browser type, operating system, device type
Usage Data	Pages visited, time spent, clicks, referral source
Location Data	Country and region based on IP address
Cookies	Session data, preferences, analytics identifiers

3. Third-Party Data:

Source	Data Type
Payment Processors	Transaction data from Stripe, PayPal (we do NOT store card numbers)
Social Login	Data if you sign in via Google, Facebook, or Apple
Analytics	Data from Google Analytics, Meta Pixel, TikTok Pixel

HOW WE USE YOUR DATA

Purpose	Legal Basis (GDPR)
Creating personalized videos	Contract performance
Processing payments	Contract performance
Sending order confirmations & video links	Contract performance
Customer support	Contract performance / Legitimate interest
Personalized discounts & promotions	Consent / Legitimate interest
Website analytics & improvement	Legitimate interest
Fraud prevention & security	Legitimate interest / Legal obligation
Marketing communications	Consent
Advertising & retargeting	Consent
Legal compliance	Legal obligation

COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies for:

Essential Cookies: Required for website functionality, security, and order processing. These cannot be disabled.

Analytics Cookies: Help us understand how visitors use our website (Google Analytics).

Marketing Cookies: Enable personalized advertising and retargeting (Meta Pixel, TikTok Pixel, Google Ads).

Preference Cookies: Remember your settings, language, and personalized offers.

Your Consent:

No marketing cookies are placed until you give explicit consent via our cookie consent banner
When you first visit our website, only essential cookies are activated
You can choose to accept or decline analytics and marketing cookies
Your choice is saved and respected on subsequent visits
You can withdraw or change your consent at any time

How Our Cookie Banner Works:

Our website uses a technically implemented cookie consent mechanism that:

Displays on your first visit before any non-essential cookies are set
Allows you to accept all, reject all, or customize your preferences
Blocks marketing and analytics scripts until you provide consent
Stores your preferences for future visits
Provides an easy way to change your preferences at any time

Google Consent Mode: We implement Google Consent Mode v2 to respect your cookie preferences. When you decline cookies, we still collect anonymized, aggregated data that cannot identify you personally.

Managing Cookies: You can control cookies through:

Our cookie consent banner (click "Cookie Settings" in the footer)
Your browser settings
Opt-out links: Google Analytics Opt-out

Withdrawing Consent: To withdraw your consent or change your cookie preferences, click on "Cookie Settings" link in the website footer or clear your browser cookies and revisit our site.

DATA SHARING

We may share your data with:

Recipient	Purpose
Payment Processors	Stripe, PayPal, Apple Pay, Google Pay (for transaction processing)
Cloud Providers	Secure hosting and storage services
Analytics Services	Google Analytics, for website improvement
Advertising Partners	Meta (Facebook/Instagram), Google Ads, TikTok (with your consent)
Email Services	For order notifications and marketing (with your consent)
Legal Authorities	When required by law or to protect our rights

We NEVER sell your personal data to third parties.

INTERNATIONAL DATA TRANSFERS

Your data may be transferred to and processed in:

United States (our primary location)
European Union (for EU customers and certain services)

For transfers outside the EEA, we use:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with all service providers
Adequacy decisions where applicable

DATA RETENTION

We retain your data for the following periods:

Data Type	Retention Period
Account Data	Until you delete your account + 30 days
Order Data	7 years (for legal/tax compliance)
Photos	Deleted within 90 days after video creation
Video Content	Available for 12 months, then archived
Analytics Data	26 months (anonymized after)
Marketing Preferences	Until you unsubscribe

After the retention period expires, data will be securely deleted or anonymized.

DATA SECURITY

We implement robust security measures:

Measure	Description
Encryption	TLS/SSL encryption for all data transmission
Access Control	Role-based access, limited to authorized personnel
Secure Storage	Data encrypted at rest on secure cloud servers
Payment Security	PCI-DSS compliant payment processing (via Stripe/PayPal)
Regular Audits	Security assessments and vulnerability testing
Incident Response	Procedures for data breach notification

Photo Security: Photos you upload are processed securely and used only for creating your personalized video. They are not shared, sold, or used for any other purpose.

YOUR PRIVACY RIGHTS

Under GDPR (EU/EEA Residents):

You have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate data
Erasure: Request deletion of your data ("right to be forgotten")
Restriction: Limit how we process your data
Portability: Receive your data in a machine-readable format
Objection: Object to processing based on legitimate interests
Withdraw Consent: Revoke consent at any time
Lodge Complaint: File a complaint with your local data protection authority

Under CCPA (California Residents):

You have the right to:

Know: What personal information we collect and how it's used
Access: Request disclosure of specific pieces of personal information
Delete: Request deletion of your personal information
Opt-Out: Opt out of the sale of personal information (we do not sell data)
Non-Discrimination: Equal service regardless of privacy choices

How to Exercise Your Rights:

Email: privacy@happysantaglobal.com

Include in your request:

Your full name and email address associated with your account
Specific right you wish to exercise
Any relevant details to help us process your request

RESPONSE TIMEFRAMES

Request Type	Confirmation	Response
GDPR Requests	Within 7 business days	Within 30 days
CCPA Requests	Within 10 business days	Within 45 days
Complex Requests	Within 7 business days	Up to 90 days (with notification)

We may need to verify your identity before processing your request to protect your privacy.

NON-DISCRIMINATION

We will not discriminate against you for exercising any of your privacy rights under CCPA or other applicable laws. Specifically, we will not:

Deny you goods or services
Charge you different prices or rates for goods or services
Provide you a different level or quality of goods or services
Suggest that you may receive a different price, rate, or quality level

CHILDREN'S PRIVACY

Important: Our services create videos FOR children, not to be used BY children.

We do not knowingly collect personal information directly from children under 13 (or 16 in certain EU countries)
Parents/guardians provide child information when ordering videos
Parents have full control over their child's data and can request deletion at any time
If you believe a child has provided data without parental consent, contact us immediately at privacy@happysantaglobal.com

Parental Rights:

Parents and legal guardians may:

Review personal information collected about their child
Request deletion of their child's personal information
Refuse further collection or use of their child's information

To exercise these rights, contact us at privacy@happysantaglobal.com with the subject line "Parental Data Request."

THIRD-PARTY LINKS

Our website may contain links to third-party sites (payment processors, social media, etc.). We are not responsible for their privacy practices. Please review their privacy policies before providing any information.

Examples of third-party services:

Stripe, PayPal (payment processing)
Google, Facebook, Apple (social login)
Google Analytics, Meta, TikTok (analytics and advertising)

CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date.

For significant changes, we will notify you via:

Email to your registered address
Prominent notice on our website

Continued use of our services after changes constitutes acceptance of the updated policy.

CONTACT US

For privacy-related questions or to exercise your rights:

Data Protection Contact:
Email: privacy@happysantaglobal.com

General Contact:
Elfware LLC
1111B S Governors Ave STE 29596
Dover, DE 19904, USA
Phone: +1 (302) 487-0940
Email: hello@happysantaglobal.com

EU Representative: For GDPR inquiries from EU residents, contact privacy@happysantaglobal.com

This Privacy Policy is effective as of November 24, 2025.