Magic Coils — Privacy Policy

Effective Date: May 13, 2026 Last Updated: May 13, 2026 Operated by: Hair For You LLC, doing business as Magic Coils Contact: info@magiccoils.net · (843) 344-7131

1. About this Policy

This Privacy Policy explains how Hair For You LLC ("Magic Coils," "we," "us," or "our") collects, uses, shares, and protects information about you when you visit magiccoils.net (the "Site"), purchase our products, subscribe to our emails, or otherwise interact with us. It applies to all visitors and customers in the United States. If you live outside the U.S., additional rights may apply under your local law — see Section 9.

By using the Site, you agree to the practices described in this Policy. If you do not agree, please do not use the Site.

2. Information We Collect

We collect three categories of information.

2.1 Information you give us directly.

• Email address when you subscribe to our newsletter, take the hair quiz, request the welcome discount code (MAGICTEN), submit our contact form, or place an order.
• Name, shipping and billing addresses, phone number when you place an order.
• Payment information is collected directly by our payment processor (Shopify) at checkout. We do not receive or store your full credit card number, CVV, or bank account details — only the last four digits and card type for order receipts and customer service purposes.
• Hair quiz responses (texture type, hair goals, current routine) if you choose to take our quiz.
• User-generated content (UGC) if you tag us on social media with #crownedinmagic, #magiccoils, or related hashtags, or submit photos via our /share-your-crown page. By submitting UGC, you grant us the rights described in our Terms of Service.

2.2 Information collected automatically when you visit the Site.

We use cookies, pixels, web beacons, and similar tracking technologies to collect:

• Device and browser information — IP address, device type, operating system, browser type and version, language preference, time zone, screen resolution.
• Usage information — pages visited, links clicked, time spent on each page, referring website, search terms that brought you to the Site, products viewed, items added to cart.
• Session replay data — anonymized recordings of mouse movements, clicks, scrolling, and form interactions on the Site, captured by Microsoft Clarity. Replays do not capture text you type into password fields or payment forms.
• Approximate location based on IP address (typically city or region level).

2.3 Information from third parties.

• Order and payment confirmation from Shopify after you complete checkout.
• Email engagement from MailerLite (whether you opened a campaign, clicked a link, unsubscribed).
• Ad performance from advertising partners (see Section 6) — e.g., whether you saw or clicked a Magic Coils ad before visiting our Site.
• Social media activity if you interact with our Instagram (@magiccoilsofficial), TikTok (@magiccoilsofficial), or Pinterest accounts.

3. How We Use Your Information

We use the information described above for the following purposes:

• Fulfilling your orders — processing payments, shipping products, sending order confirmations, handling returns.
• Sending you marketing emails and offers — including the welcome offer (MAGICTEN), product launches, sales, and educational content (Curl Talk). You can unsubscribe from marketing emails at any time using the link at the bottom of every email or by emailing info@magiccoils.net.
• Personalizing your experience — recommending products based on your hair type, showing relevant content, remembering your cart.
• Improving the Site and our products — analyzing how visitors use the Site, identifying technical issues, testing new features.
• Measuring advertising performance — understanding which ads drove visits and purchases, building retargeting audiences so we can show relevant ads to people who have visited the Site.
• Preventing fraud and securing the Site — detecting suspicious activity, blocking abuse, complying with anti-fraud laws.
• Responding to your inquiries — emails, phone calls, customer service requests submitted via the contact form.
• Complying with legal obligations — tax reporting, responding to lawful government requests, enforcing our Terms of Service.

4. Cookies and Similar Tracking Technologies

We and our service providers use cookies and similar technologies to operate the Site, remember your preferences, measure performance, and deliver relevant advertising. Cookie categories we use:

• Strictly necessary cookies — required to run the Site (cart, checkout, login). These cannot be disabled.
• Performance and analytics cookies — Google Analytics 4, Microsoft Clarity. Help us understand how visitors use the Site.
• Advertising and targeting cookies — Meta Pixel, TikTok Pixel, Pinterest tag, Google Ads. Used to deliver relevant ads on those platforms and measure their performance.

You can control cookies through your browser settings (most browsers let you block all cookies or selectively block third-party cookies). Blocking cookies may break parts of the Site, especially the cart and checkout. We do not currently honor Global Privacy Control (GPC) signals automatically, but California residents can opt out using the rights in Section 9.

5. Email Marketing (MailerLite)

When you subscribe to our newsletter, take the quiz, claim the MAGICTEN welcome offer, or check the "subscribe me" box at checkout, we send your email address (and optionally your name and other quiz responses) to MailerLite, the email service provider that powers our marketing emails. MailerLite stores this information on your behalf and uses it only to deliver our campaigns. You can read MailerLite's privacy policy at https://www.mailerlite.com/legal/privacy-policy.

You can unsubscribe from marketing emails at any time by clicking "Unsubscribe" at the bottom of any email, or by emailing info@magiccoils.net. We will still send you transactional emails related to your orders (shipping confirmations, return updates) even after you unsubscribe from marketing, because those are required to fulfill your purchase.

6. Sharing Your Information with Service Providers

We share your information with the following categories of third parties, only as needed to operate our business:

• Shopify — payment processing and hosted checkout. Privacy policy: https://www.shopify.com/legal/privacy
• MailerLite — email marketing. Privacy policy: https://www.mailerlite.com/legal/privacy-policy
• Netlify — site hosting infrastructure. Privacy policy: https://www.netlify.com/privacy/
• Google — Google Analytics 4 (analytics), Google Tag Manager (tag delivery), Google Search Console (search visibility), Google Ads (advertising). Privacy policy: https://policies.google.com/privacy
• Microsoft — Microsoft Clarity (session replay and heatmaps), Bing Webmaster Tools (search visibility). Privacy policy: https://privacy.microsoft.com/en-us/privacystatement
• Meta — Meta Pixel for Facebook and Instagram advertising and audience-building. With Automatic Advanced Matching enabled, we share hashed (one-way encrypted) versions of your email address with Meta to improve attribution of our ads. Privacy policy: https://www.facebook.com/privacy/policy/
• TikTok — TikTok Pixel for TikTok advertising and audience-building. With Automatic Advanced Matching enabled, we share hashed versions of your email address with TikTok. Privacy policy: https://www.tiktok.com/legal/page/global/privacy-policy/en
• Pinterest — Pinterest tag for Pinterest advertising. Privacy policy: https://policy.pinterest.com/en/privacy-policy
• Shipping carriers (USPS, UPS, FedEx, etc.) — to deliver your orders.

We do not sell your personal information to third parties for their independent marketing use. Some categories of "sharing" with our advertising partners may qualify as "sale" or "sharing" under California law — see Section 9 for opt-out rights.

We may also disclose your information to comply with a lawful subpoena, court order, or other legal process; to enforce our Terms of Service; to protect our rights, property, or safety, or that of our customers or the public; or in connection with a merger, acquisition, or sale of business assets.

7. Data Retention

We keep your information for as long as we need it to provide our products and services and as required by law:

• Order records: retained for at least 7 years for tax and regulatory compliance.
• Marketing email subscribers: retained until you unsubscribe, then retained on a suppression list to ensure we don't email you again.
• Site analytics: retained for up to 14 months in Google Analytics 4 by default.
• Session replays (Microsoft Clarity): retained for up to 3 months.
• Customer service correspondence: retained for up to 2 years after the issue is resolved.

You can request deletion of your information at any time — see Section 9.

8. Security

We use industry-standard security measures to protect your information, including encryption in transit (HTTPS / TLS 1.2+), encrypted storage for sensitive data, payment processing by PCI-DSS-compliant Shopify, and access controls that limit which employees and contractors can view customer data.

That said, no system is 100% secure. We can't promise absolute security, and any transmission of information to or from the Site is at your own risk. If we ever discover a data breach affecting your personal information, we will notify you as required by applicable law.

9. Your Privacy Rights

9.1 All U.S. residents.

You can request to:

• See what personal information we have about you
• Correct inaccurate information
• Delete your information (subject to legal retention requirements — see Section 7)
• Receive a copy of your information in a portable format
• Opt out of marketing emails

To exercise any of these rights, email info@magiccoils.net with the subject line "Privacy Request" and tell us which right you want to exercise. We will respond within 45 days. We may need to verify your identity before fulfilling the request.

9.2 California residents — your additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

• Right to know the categories and specific pieces of personal information we have collected about you in the past 12 months.
• Right to delete the personal information we have collected from you.
• Right to correct inaccurate personal information.
• Right to opt out of "sale" or "sharing" of personal information. Some of the data sharing with our advertising partners (Meta, TikTok, Pinterest, Google) may qualify as "sharing" under the CPRA. To opt out, email info@magiccoils.net with the subject line "Do Not Sell or Share My Personal Information." We will honor your request within 15 business days.
• Right to limit use of sensitive personal information. We do not currently use sensitive personal information for purposes that require this opt-out.
• Right to non-discrimination — we won't deny you service, charge different prices, or provide worse quality if you exercise these rights.

To exercise any of these rights, email info@magiccoils.net with the relevant subject line. You can also designate an authorized agent to act on your behalf.

9.3 EU and UK residents (limited GDPR rights for incidental traffic).

Magic Coils is a U.S.-based business and we do not actively target customers in the EU or UK. If you happen to visit the Site from those regions, you may have additional rights under the EU General Data Protection Regulation (GDPR) or UK GDPR, including the right to object to processing, the right to data portability, the right to lodge a complaint with a supervisory authority, and the right to withdraw consent. Email info@magiccoils.net to exercise these rights.

10. Children's Privacy (COPPA)

The Site and our products are intended for adults. We do not knowingly collect personal information from children under the age of 13. If you are under 13, please do not use the Site or submit any personal information. If you are a parent or guardian who believes your child has provided us with personal information, email info@magiccoils.net and we will delete it promptly.

11. Third-Party Links

The Site may contain links to other websites (for example, our Instagram, TikTok, Pinterest, stylist directory listings, blog posts that link to external sources). We are not responsible for the privacy practices or content of those websites. We encourage you to read their privacy policies before sharing any information with them.

12. Changes to this Policy

We may update this Privacy Policy from time to time as our practices, technologies, and laws evolve. The "Last Updated" date at the top of this page will reflect when changes were made. If we make material changes, we will notify you by email (if we have your email address) or by a prominent notice on the Site at least 14 days before the changes take effect.

13. Contact Us

Questions about this Privacy Policy or about how we handle your information?

Email: info@magiccoils.net Phone: (843) 344-7131 (Monday–Friday, 9 AM – 5 PM Eastern) Mail: Hair For You LLC, Privacy Inquiry, [add mailing address before publishing]

For Privacy Requests (Section 9), please use the subject line "Privacy Request" so we route your inquiry correctly.

"Crowned in Magic." A luxurious professional haircare brand. Hair For You LLC dba Magic Coils.