Privacy Policy

Privacy Policy for Velmor

Effective Date: [Insert Date]

Velmor, accessible via www.velmor-store.com (referred to as “Website”), is committed to protecting your privacy and ensuring that your personal data is handled in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This Privacy Policy outlines how we collect, use, share, and secure your personal data, as well as your rights under GDPR.

1. Who We Are

Velmor specializes in the sale of decanters, glasses, and cigar accessories. This Privacy Policy applies to all personal data collected via the Website and related services.

2. Definitions

  • Personal Data: Any information that relates to an identified or identifiable individual.
  • Processing: Any operation or set of operations performed on personal data (e.g., collection, storage, use, sharing).
  • Data Controller: The entity (Velmor) responsible for determining the purposes and means of processing your personal data.

3. Personal Data We Collect

We may collect the following categories of personal data:

  • Identity Information: First and last name, email address, contact details, billing and shipping addresses.
  • Transaction Information: Details of purchases made, including payment details (e.g., credit card number), order history, and invoices.
  • Technical Information: IP address, browser type, device type, operating system, browsing behavior, and other similar data collected through cookies (see section on Cookies).
  • Communication Data: Any correspondence or inquiries made through our contact forms, email, or support services.

4. How We Collect Your Data

We collect personal data directly from you through:

  • Account Creation: When you register or create an account on the Website.
  • Purchases: When you place orders for products or services.
  • Communications: When you contact us via email or through the Website.
  • Cookies: When you browse our Website (see section on Cookies for more details).

5. Legal Basis for Data Processing

Under the GDPR, we must have a lawful basis for processing your personal data. We rely on the following legal grounds:

  • Consent: Where you have explicitly given us permission (e.g., signing up for our newsletter).
  • Contractual Necessity: Processing necessary to fulfill your order or provide a service (e.g., shipping a product).
  • Legal Obligations: Compliance with legal or regulatory requirements (e.g., tax and accounting laws).
  • Legitimate Interests: Processing based on our legitimate business interests, provided these interests do not override your privacy rights (e.g., improving our website and marketing our products).

6. How We Use Your Data

We use your personal data for the following purposes:

  • To Provide Services and Fulfill Orders: Including order processing, payment handling, shipping, and delivery of products.
  • Customer Support: To manage customer queries, complaints, and returns.
  • Marketing and Communications: To send newsletters and promotional offers, where you have consented to receive such communications. You can opt out at any time.
  • Website Optimization: To analyze website performance and user experience through cookies and tracking technologies.
  • Legal and Regulatory Compliance: To comply with applicable laws, regulations, and court orders.

7. Data Sharing and Disclosure

We do not sell or rent your personal data to third parties. However, we may share your data in the following circumstances:

  • Service Providers: We use trusted third-party service providers to perform various business functions, such as payment processing, shipping, website hosting, and customer support. These providers are contractually obligated to protect your data and only process it as instructed by us.
  • Compliance with Laws: We may disclose your personal data to comply with legal obligations, such as responding to lawful requests from authorities or enforcing our legal rights.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the business transaction. We will notify you before your personal data becomes subject to a different privacy policy.

8. International Data Transfers

If your personal data is transferred to service providers or partners located outside of the European Economic Area (EEA), we will ensure that appropriate safeguards, such as standard contractual clauses, are in place to protect your data.

9. How We Secure Your Data

We take the security of your personal data seriously and have implemented appropriate technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or destruction. These measures include:

  • Encryption: Sensitive data (such as payment information) is encrypted using Secure Socket Layer (SSL) technology.
  • Access Control: Only authorized personnel have access to your personal data.
  • Data Minimization: We only collect data that is necessary for the purposes outlined in this Privacy Policy.
  • Data Retention: We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations.

10. Data Retention Periods

We will retain your personal data for the following durations:

  • Order Information: Retained for 7 years to comply with legal obligations, such as tax reporting.
  • Marketing Data: Retained until you withdraw your consent (opt-out) or the data is no longer needed for marketing purposes.
  • Technical Data: Retained for a period consistent with the lifespan of cookies (see section on Cookies).

11. Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct any inaccuracies in your personal data.
  • Right to Erasure: You can request that we delete your personal data, subject to legal or contractual obligations.
  • Right to Restrict Processing: You can ask us to limit how we process your personal data in certain circumstances.
  • Right to Data Portability: You can request that your personal data be transferred to another data controller in a structured, commonly used format.
  • Right to Object: You can object to the processing of your personal data based on our legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: If we rely on your consent to process your personal data, you can withdraw your consent at any time.

To exercise any of these rights, please contact us at velmorcorp@gmail.com. We may need to verify your identity before processing your request.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Website. Cookies are small data files that are placed on your device when you visit our Website. We use the following types of cookies:

  • Essential Cookies: Necessary for the functioning of the Website (e.g., shopping cart functionality).
  • Analytics Cookies: To understand how visitors interact with the Website (e.g., Google Analytics).
  • Marketing Cookies: To provide targeted advertising and promotions based on your browsing behavior.

You can manage or disable cookies through your browser settings. However, some essential features of the Website may not function properly without cookies.

13. Complaints

If you believe that your rights under GDPR have been violated, you have the right to lodge a complaint with a supervisory authority in your country of residence.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a notice on our Website. Please review this page periodically to stay informed about how we are protecting your personal data.

15. Contact Us

If you have any questions or concerns about this Privacy Policy, or if you would like to exercise your rights, please contact us at:

This Privacy Policy is designed to maintain transparency, protect user privacy, and ensure compliance with GDPR. It covers data collection, storage, usage, sharing, security measures, and users’ rights.