Política de privacidad

Privacy Policy

Last updated: April 15, 2026

This Privacy Policy explains how your personal information is collected, used, stored, and shared when you visit or make a purchase from Shadow Velora. Please read it carefully before using our website.

This website is operated by:

Ruby Rise Ltd
Dept 5394, 196 High Road
Wood Green, London
United Kingdom, N22 8HH
Email: shadowvelora@gmail.com

Ruby Rise Ltd is the data controller responsible for your personal data. We are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

1.1 Device & Navigation Information

When you visit our website, we automatically collect technical information about your device and browsing behaviour, including:

  • IP address and approximate location (country/region level)
  • browser type and version
  • operating system and device type
  • time zone setting
  • pages viewed, time spent on pages, and navigation path
  • referring website or search terms used to find our website
  • cookies and similar tracking technologies

This data is collected automatically using cookies, pixels, and similar tracking technologies.

1.2 Order & Account Information

When you place an order, we collect the following personal data:

  • full name
  • billing and shipping address
  • email address
  • phone number
  • payment information (processed securely by our payment provider — we do not store full card details)
  • order history and purchase details

1.3 Communications

If you contact us by email or through our contact form, we collect the content of your message and any personal data you voluntarily provide.

2. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we are required to identify a lawful basis for processing your personal data. We rely on the following:

  • Contract performance — to process and fulfil your order, arrange delivery, and handle any related communications.
  • Legal obligation — to comply with applicable laws, including tax, accounting, and fraud prevention requirements.
  • Legitimate interests — to improve our website, analyse traffic, prevent fraud, and conduct marketing activities, where these interests are not overridden by your rights.
  • Consent — where we have obtained your explicit consent, such as for marketing emails. You may withdraw consent at any time.

3. How We Use Your Information

We use your personal data for the following purposes:

  • to process, fulfil, and ship your orders
  • to send order confirmations, shipping updates, and invoices
  • to respond to customer service enquiries
  • to detect, investigate, and prevent fraudulent transactions
  • to comply with legal and regulatory obligations
  • to analyse website performance and improve the customer experience
  • to deliver targeted advertising on platforms such as Pinterest (see Section 4)

4. Advertising & Tracking Technologies

We use third-party advertising and analytics tools to understand how visitors interact with our website and to display relevant advertisements. These tools may include:

  • Pinterest Tag — we use the Pinterest conversion tag to measure the effectiveness of our advertising campaigns and to show our ads to users who have previously visited our website. Pinterest may use this data in accordance with its own privacy policy.
  • Google Analytics — for website traffic analysis and performance reporting.
  • Shopify Analytics — for store performance and sales data.

These technologies use cookies and pixel tracking. You can opt out of interest-based advertising by visiting your Pinterest ad settings or using the Network Advertising Initiative opt-out tool.

5. Cookies

Our website uses cookies to improve functionality and personalise your experience. Cookies may be:

  • Essential cookies — required for the website to function (e.g. shopping cart, checkout).
  • Analytics cookies — help us understand how visitors use our website.
  • Marketing cookies — used to deliver relevant advertisements.

You may manage or disable cookies through your browser settings. Please note that disabling certain cookies may affect website functionality. A cookie consent banner is displayed on your first visit in accordance with UK law.

6. Sharing Your Personal Data

We share your personal data only with third parties where strictly necessary to operate our business. These parties are bound by data processing agreements and are not permitted to use your data for their own purposes.

Recipients may include:

  • Shopify Inc. — our e-commerce platform provider (data may be processed in the United States under Standard Contractual Clauses)
  • Payment processors — including Shopify Payments and Stripe, for secure transaction processing
  • Shipping carriers and logistics partners — to deliver your order (including international partners where applicable)
  • Supply and fulfilment partners — who may be located in China or other countries, solely for order fulfilment purposes
  • Fraud prevention services — to protect customers and our business
  • Advertising platforms — including Pinterest, for targeted marketing (see Section 4)

We do not sell your personal data to any third party.

We may disclose your information if required by law, regulation, court order, or to protect the rights, property, or safety of Ruby Rise Ltd, its customers, or others.

7. International Data Transfers

As a UK-based company with an international supply chain, your personal data may be transferred to and processed in countries outside the United Kingdom, including the United States, the European Economic Area, and China.

Where data is transferred outside the UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses or adequacy decisions recognised under UK GDPR.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes set out in this policy, or as required by law:

  • Order records are retained for a minimum of 6 years in accordance with UK tax and accounting obligations.
  • Customer support communications are retained for 2 years from the date of last contact.
  • Marketing data is retained until you withdraw your consent or unsubscribe.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include encrypted data transmission (SSL/TLS), secure hosting environments, and restricted access to personal data.

However, no method of electronic transmission or storage is entirely secure. We cannot guarantee absolute security, and you provide your personal data at your own risk.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) and, where required, affected individuals, in accordance with our legal obligations.

10. Your Rights Under UK GDPR

As a UK resident, you have the following rights regarding your personal data:

  • Right of access — to request a copy of the personal data we hold about you.
  • Right to rectification — to request correction of inaccurate or incomplete data.
  • Right to erasure — to request deletion of your personal data, subject to legal obligations.
  • Right to restriction — to request that we limit how we use your data in certain circumstances.
  • Right to data portability — to receive your data in a structured, machine-readable format.
  • Right to object — to object to processing based on legitimate interests, including direct marketing.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting prior processing.

To exercise any of these rights, please contact us at shadowvelora@gmail.com. We will respond within 30 days of receiving your request.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: ico.org.uk
Helpline: 0303 123 1113

11. EEA Residents

If you are located in the European Economic Area, you are also protected under the EU General Data Protection Regulation (EU GDPR). The rights described in Section 10 apply to you equally. You may also lodge a complaint with your local supervisory authority.

12. Children's Privacy

Our website is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at shadowvelora@gmail.com and we will delete it promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The updated version will be published on this page with a revised "Last updated" date. Continued use of our website following any update constitutes acceptance of the revised policy.

14. Contact & Data Controller

For any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact:

Ruby Rise Ltd — Data Controller
Dept 5394, 196 High Road, Wood Green
London, United Kingdom, N22 8HH
Email: contact@shadowvelora.com
Response time: within 30 days (as required by UK GDPR)