Privacy Policy
1. Data Protection, Controller and Data Privacy Officer
We would like to inform you about how we collect and process personal data when you use our online store. Personal data is any data which relates to you personally, such as your name, address, email addresses, phone number, and user behavior. This policy applies to all interactions with our website and related services, including the mobile version and application.
You can contact our data privacy officer using the email address privacy@ecom.local or our postal address, with the addition of 'The Data Privacy Officer'.
2. Purposes of Data Processing
We process personal data to fulfill and track orders, provide customer support and handle inquiries, send notifications about order status and delivery, improve website functionality and personalize the user experience, conduct traffic and behavior analytics, ensure security and prevent fraudulent activity, as well as to fulfill our legal obligations in accordance with applicable legislation.
3. Data We Collect
When you use our website and place orders, we may collect the following categories of data: first and last name, email address, phone number, delivery and billing address, order and payment history, website usage data (pages viewed, visit duration, referral source), IP address and device data, size preferences and wishlisted products, and any information you voluntarily provide when contacting our support team.
4. Legal Basis
Data processing is carried out on the basis of your explicit consent (in accordance with applicable personal data protection legislation), for the purpose of fulfilling a purchase agreement or taking steps at your request prior to entering into an agreement, and to comply with our legal obligations. Where processing is based on consent, you have the right to withdraw it at any time, which does not affect the lawfulness of processing carried out prior to withdrawal.
5. Storage and Security
Personal data is stored on secure servers located in compliance with data localization requirements. We implement a comprehensive set of technical and organizational security measures: data encryption during transmission (TLS/SSL) and at rest, multi-level access control with employee authentication, regular backups and recovery system testing, and monitoring for suspicious activity and intrusion detection systems. Data is retained only for the period necessary to achieve the stated processing purposes, after which it is permanently deleted.
6. Third-Party Transfers
We may transfer your data to third parties solely in the following cases: to delivery services — for order fulfillment and tracking (name, address, phone), to payment processors — for processing and confirming payments (payment data is transmitted directly to the processor; we do not store bank card details), and to analytics services — for website improvement (anonymized data). We do not sell, rent, or transfer your personal data to third parties for marketing purposes without your explicit consent. All our partners are required to maintain a level of data protection no lower than that established by this policy.
7. Cookies
Our website uses cookies and similar technologies to ensure proper functionality, analyze traffic, and personalize content. We use the following types of cookies: strictly necessary — ensuring basic site functionality (authentication, cart, language settings), analytics — helping us understand how visitors use the site to improve its performance, and marketing — used to display relevant advertising and evaluate ad campaign effectiveness. You can manage cookie settings through your browser preferences or via the consent management banner on our site. Disabling strictly necessary cookies may affect the functionality of certain site features.
8. Your Rights
In accordance with applicable data protection legislation, you have the following rights: the right of access — to obtain information about what data we process and for what purposes; the right to rectification — to request the update or correction of inaccurate data; the right to erasure — to request the deletion of your personal data when there are no lawful grounds for continued processing; the right to restriction of processing — to request the suspension of data processing in certain circumstances; and the right to withdraw consent — to withdraw previously given consent to data processing at any time. To exercise any of these rights, please send a request to privacy@ecom.local. We will review your inquiry within 30 calendar days.
9. Contact Information
For all matters related to the processing and protection of personal data, you may contact the Data Privacy Officer at privacy@ecom.local or at our postal address marked 'Data Privacy Officer'. We strive to respond to all inquiries as promptly as possible, but no later than 30 calendar days from the date of receipt. If you believe your rights have been violated, you are entitled to file a complaint with the relevant supervisory authority for the protection of personal data.