Privacy Policy

This Privacy Policy outlines how personal information is obtained, processed, disclosed, and protected when you access https://valanoria.com/ (the “Site”), complete a purchase, or otherwise use our services (the “Services”).

1. Personal Information We Collect
When you submit an order through the Site, we collect the personal information you provide, which may include your full name, billing and delivery address, email address, and telephone number. While you navigate the Site, certain technical data is collected automatically, such as your IP address, browser details, and operating system. Where permitted and with your consent, we may also collect your email address to send communications relating to products, updates, or promotional content.

2. Consent
By supplying personal information to complete a transaction such as placing an order, validating payment information, coordinating shipment, or requesting a return you authorize us to collect and use that information strictly for that purpose. If your information is requested for an additional purpose, including marketing communications, your explicit consent will be obtained or a clear opt-out option will be provided.

Withdrawing Consent:
You can revoke your consent at any time by contacting us via the Contact Us page.

3. Disclosure of Information
Personal information may be disclosed where required to comply with applicable laws or regulations, or if you violate our Terms of Service.

4. E-Commerce Platform (Shopify)
Our online store operates on Shopify’s e-commerce platform, which enables us to offer products and services. Your data may be stored within Shopify’s systems, databases, and applications, which are protected by security measures such as firewalls.

Payments:
When you choose a direct payment option, Shopify processes payment information in accordance with PCI-DSS requirements. Transaction-related data is stored only for the time necessary to complete the transaction and is subsequently removed.

Further information is available in Shopify’s official documentation:

• Shopify Privacy Policy
• Shopify Terms of Service
• Shopify Cookie Policy

5. Third-Party Providers
We may provide personal information to third-party service providers, including payment processors, fraud detection services, and shipping partners, solely as required for them to carry out services on our behalf. These third parties are subject to their own privacy policies, which we recommend reviewing.

Some providers may operate outside your country of residence. As a result, personal information involved in such transactions may be governed by the laws of other jurisdictions. This Privacy Policy does not apply once you leave the Site or are redirected to a third-party service.

6. Cookies and Usage Data
Cookies and similar technologies are used to maintain Site functionality, store user preferences, and evaluate traffic and usage trends. Certain cookies may be deployed by third parties to support analytics or advertising activities.

Managing Cookies:
Most browsers accept cookies by default; however, you may adjust your browser settings to block or delete them. Disabling cookies may limit certain Site features. Cookie preferences may also be managed through the cookie banner presented upon visiting the Site.

7. Data Security
We employ appropriate technical and organizational safeguards to protect personal data from unauthorized access, alteration, loss, or misuse. Payment data is encrypted during transmission using secure protocols such as SSL/TLS. While no security system is infallible, we adhere to PCI-DSS standards and recognized industry practices.

8. Legal Basis for Processing (UK GDPR)
Personal data is processed under one or more lawful bases, including contractual necessity, legitimate business interests, your consent, and compliance with applicable legal obligations.

9. Your Data Protection Rights (UK)
Subject to applicable law, you may have the right to request access to your personal data, request corrections or deletion, restrict or object to processing, and request data portability. Where processing is based on consent, that consent may be withdrawn at any time. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

10. Data Retention
Personal information is retained only for as long as necessary to deliver the Services, comply with legal and financial obligations, resolve disputes, and enforce contractual rights. Retention periods vary depending on the nature and purpose of the information.

11. International Transfers
Where personal data is transferred outside the United Kingdom, appropriate safeguards—such as standard contractual clauses or equivalent protections are implemented in accordance with UK GDPR requirements.

12. Children’s Data
The Services are not directed to individuals under the age of 16, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us so corrective action can be taken.

13. Policy Updates
This Privacy Policy may be amended from time to time to reflect operational, legal, or regulatory changes. Revisions become effective upon publication on the Site, and significant changes will be clearly indicated.