Legal

Privacy Policy

Last updated: [PLACEHOLDER – insert publication date]

This Privacy Policy explains how Vioroni collects, uses, shares and protects your personal data when you visit our website, place an order, or contact us. We are committed to handling your data lawfully, fairly and transparently in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are (data controller)

Vioroni is the "data controller" responsible for your personal data.

  • Legal entity: [PLACEHOLDER – registered company legal name]
  • Registered address: [PLACEHOLDER – registered UK office address]
  • Company registration number: [PLACEHOLDER]
  • ICO registration number: [PLACEHOLDER]
  • Privacy contact: help@vioroni.com

2. The data we collect

Depending on how you interact with us, we may collect:

  • Order & account data: your name, billing and delivery address, email address, phone number, and order history.
  • Payment data: we do not store full card numbers. Payments are processed by our payment providers, who share limited confirmation data and tokens with us so we can fulfil and manage your order.
  • Contact data: information you provide when you email us or use a contact form.
  • Marketing data: your preferences for receiving marketing and your consent status.
  • Technical & usage data: IP address, device and browser type, pages viewed, and how you use the site, collected via cookies and similar technologies (see our Cookie Policy).

3. How and why we use your data (and our lawful bases)

Purpose Lawful basis under UK GDPR
Processing and delivering your orders, taking payment, and providing customer service Performance of a contract with you
Handling returns, refunds and warranty/consumer-rights claims Contract; and compliance with a legal obligation
Keeping records for tax, accounting and legal compliance Legal obligation
Preventing fraud, securing our site, and improving our products and service Our legitimate interests (running a safe, effective business), balanced against your rights
Sending marketing emails about products and offers Consent (which you can withdraw at any time), or legitimate interests where permitted for existing customers
Using non-essential cookies and analytics Consent

4. Cookies

We use cookies and similar technologies to run the site, remember your basket, understand usage, and (with your consent) support marketing. For full details and how to manage your choices, see our Cookie Policy.

5. Who we share your data with

We share personal data only with trusted service providers ("processors") who help us run our business, and only as far as needed. These include:

  • Shopify — our e-commerce and hosting platform;
  • Payment providers — e.g. Shop Pay, Apple Pay, Google Pay, card processors, and Klarna [PLACEHOLDER – confirm exact list];
  • Delivery carriers — to deliver your order [PLACEHOLDER – name carrier(s)];
  • Email & marketing tools — to send order and (where consented) marketing communications [PLACEHOLDER – name provider(s)];
  • Analytics providers — to understand site usage [PLACEHOLDER – name provider(s)].

We may also disclose data where required by law, to enforce our terms, or to protect our rights, property or safety. We do not sell your personal data.

6. International transfers

Some of our providers may process data outside the UK. Where they do, we ensure appropriate safeguards are in place — such as the UK's adequacy regulations, the International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses — so your data receives an equivalent level of protection. [PLACEHOLDER – confirm specific transfer mechanisms once providers are finalised.]

7. How long we keep your data

We keep personal data only for as long as necessary for the purposes above. Order and transaction records are typically retained for at least 6 years to meet UK tax and accounting requirements. Marketing data is kept until you unsubscribe or withdraw consent. [PLACEHOLDER – confirm full retention schedule.]

8. Your rights under UK GDPR

You have the right to:

  • Access — request a copy of the personal data we hold about you;
  • Rectification — have inaccurate or incomplete data corrected;
  • Erasure — ask us to delete your data where there's no ongoing lawful reason to keep it;
  • Restriction — ask us to limit how we use your data;
  • Portability — receive certain data in a portable format, or have it transferred to another controller;
  • Object — object to processing based on legitimate interests, and to direct marketing at any time;
  • Withdraw consent — where we rely on consent, withdraw it at any time (this doesn't affect processing already carried out).

To exercise any of these rights, email help@vioroni.com. We'll respond within one month. We won't charge a fee in most cases, and we may need to verify your identity first.

9. Marketing choices

You can opt out of marketing at any time by clicking "unsubscribe" in any marketing email or by emailing help@vioroni.com. You'll still receive essential service messages about your orders.

10. Complaints

If you have a concern about how we handle your data, please contact us first at help@vioroni.com so we can put it right. You also have the right to complain to the UK regulator, the Information Commissioner's Office (ICO), at ico.org.uk or on 0303 123 1113.

11. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit (HTTPS), access controls, and working with providers (such as Shopify) who maintain strong security and PCI-DSS-compliant payment handling. No method of transmission over the internet is completely secure, but we take reasonable steps to keep your data safe.

12. Children

Our site and products are intended for adults. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with data, contact us and we'll delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date shows when it last changed. Significant changes will be highlighted on this page.

14. Contact us