Privacy Policy

What we collect

• Identity & contact data (name, email, phone, address)

• Order & payment data (via Stripe; we do not store full card numbers)

• Device & usage data (cookies/analytics)

• Communications (support messages, reviews)

Why we use it (lawful bases)

• Perform a contract (process & deliver your orders)

• Legitimate interests (improve our site, prevent fraud, marketing to customers)

• Consent (optional marketing emails, non-essential cookies)

• Legal obligations (tax, accounting)

Sharing
We share data with service providers (e.g., Shopify, Stripe, carriers, email service). They process data on our behalf under contracts.

International transfers
If data is transferred outside the EEA, we use appropriate safeguards (e.g., Standard Contractual Clauses).

Retention
Order records: up to 10 years (tax). Marketing data: until you unsubscribe or request deletion.

Your rights (EU/EEA)
Access, rectification, erasure, restriction, portability, objection. To exercise, email [privacy@yourdomain.com]. You can also complain to your local supervisory authority.

Marketing
You can opt-out anytime via the unsubscribe link or by contacting us.

Cookies
See our Cookie Policy for details and choices.

Security
We use HTTPS, access controls, encryption in transit, and monitor for fraud. Payment data is processed by Stripe (PCI DSS).