Privacy Policy

Last updated: 16 March 2025

1. Controller and contact details

The data controller responsible for your personal data in connection with this website is:

Wyxranoroidhunul
33 Curzon St, London W1J 7TR, United Kingdom
Email: touch@wyxranoroidhunul.world
Phone: +44 20 7629 7999
Website: https://wyxranoroidhunul.world

If you have questions about this Privacy Policy or about how we process your personal data, you may contact us using the details above.

2. Scope and legal basis

This Privacy Policy describes how we collect, use, store and protect your personal data when you use our website https://wyxranoroidhunul.world (the "Website") and related services. It applies to visitors, customers and anyone who contacts us via the Website.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018), as well as other applicable UK and, where relevant, international data protection laws. Where we refer to "personal data", we mean any information relating to an identified or identifiable natural person.

3. Personal data we collect

We may collect and process the following categories of personal data:

3.1 Data you provide to us

• Contact and identification data: name, email address, telephone number (if you provide it), and postal address when you place an order or contact us.
• Communication data: content of messages, enquiries or correspondence you send to us via the contact form, email or other channels.
• Order and transaction data: details of orders, delivery address, payment-related information (we do not store full card numbers; payment processing may be handled by third-party payment providers who have their own privacy policies).
• Consent and preferences: your consent to our Terms of Service, Privacy Policy, marketing communications (if applicable) and cookie preferences.

3.2 Data collected automatically

• Technical and usage data: IP address, browser type and version, device type, operating system, referring URLs, pages visited, date and time of access, and similar technical data. This may be collected via cookies and similar technologies as described in our Cookie Policy.

We do not collect special category data (e.g. health, race, religion) unless you voluntarily provide it in a message and we have a lawful basis to process it.

4. Purposes and legal bases for processing

We process your personal data only where we have a lawful basis. The main purposes and corresponding legal bases are:

• Performance of a contract: to process and fulfil your orders, deliver products, manage returns and provide customer support. Legal basis: contract performance (Article 6(1)(b) UK GDPR).
• Legitimate interests: to operate and improve our Website, prevent fraud, ensure security, analyse usage and troubleshoot technical issues. Legal basis: legitimate interests (Article 6(1)(f) UK GDPR), where our interests are not overridden by your rights.
• Consent: where we rely on consent (e.g. for non-essential cookies, marketing communications), you may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. Legal basis: consent (Article 6(1)(a) UK GDPR).
• Legal obligation: to comply with applicable laws (e.g. tax, consumer, regulatory). Legal basis: legal obligation (Article 6(1)(c) UK GDPR).

5. How we use your data

We use the personal data we collect to:

• Process orders, arrange delivery and communicate with you about your order.
• Respond to your enquiries and provide customer support.
• Send order confirmations, shipping updates and, where you have agreed, marketing communications.
• Improve our Website, products and services, and understand how visitors use our site (including via analytics, where permitted by cookie consent).
• Detect and prevent fraud, abuse and security incidents.
• Comply with legal and regulatory requirements and defend our legal rights.

6. Data retention

We keep your personal data only for as long as necessary for the purposes for which it was collected and to comply with legal obligations.

• Order and customer data: typically retained for up to 6 years after the last transaction or contact for accounting, tax and legal purposes, unless a longer period is required by law.
• Contact form and correspondence: retained for the time needed to resolve your enquiry and for a reasonable period thereafter (e.g. up to 3 years) for follow-up and legal purposes.
• Marketing and consent records: retained until you withdraw consent or object, and for a short period thereafter to record your preference.
• Technical and access logs: typically retained for a limited period (e.g. up to 12 months) unless needed for security or legal purposes.
• Cookie-related data: as set out in our Cookie Policy.

After the retention period, we securely delete or anonymise your data so it can no longer identify you.

7. Data sharing and recipients

We may share your personal data with:

• Service providers: e.g. hosting, payment processing, delivery and logistics, email delivery, analytics (where consent is given), and IT support. Such providers act as processors on our instructions and are contractually bound to protect your data and use it only for the agreed purposes.
• Professional advisers: lawyers, accountants or auditors where necessary for legal or regulatory purposes.
• Public authorities: where required by law (e.g. tax authorities, law enforcement, courts).

We do not sell your personal data. If we transfer data outside the United Kingdom, we ensure appropriate safeguards (e.g. UK adequacy decisions, standard contractual clauses) in line with UK data protection law.

8. Security measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, loss or destruction. These include:

• Use of HTTPS and encryption for data in transit where applicable.
• Access controls and restrictions so that only authorised personnel can access personal data where necessary.
• Secure storage and handling of data, with regular review of our security practices.
• Contractual and procedural safeguards with any third-party processors.

While we strive to protect your data, no method of transmission or storage over the internet is completely secure. We encourage you to use strong passwords and to contact us immediately if you suspect any unauthorised use of your data.

9. Your rights under UK GDPR

Under the UK GDPR and DPA 2018, you have the following rights in relation to your personal data:

• Right of access (Article 15): you may request a copy of the personal data we hold about you.
• Right to rectification (Article 16): you may request correction of inaccurate or incomplete data.
• Right to erasure (Article 17): you may request deletion of your data in certain circumstances (e.g. where it is no longer necessary, or you withdraw consent where consent was the basis).
• Right to restrict processing (Article 18): you may request that we limit how we use your data in certain situations.
• Right to data portability (Article 20): where processing is based on contract or consent and is carried out by automated means, you may request to receive your data in a structured, commonly used format or to have it transmitted to another controller.
• Right to object (Article 21): you may object to processing based on legitimate interests or to processing for direct marketing at any time.
• Rights related to automated decision-making: we do not currently make decisions based solely on automated processing that significantly affect you; if we did, you would have the right to obtain human intervention and to contest the decision.

To exercise any of these rights, please contact us using the details in section 1. We will respond within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the United Kingdom: https://ico.org.uk.

10. Children

Our Website and services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the law or the Website. The "Last updated" date at the top will be revised when changes are made. We encourage you to review this page periodically. Where changes are material, we may notify you by email or by a notice on the Website.

12. Further information

For more information about cookies and similar technologies, please see our Cookie Policy. For the terms governing use of our Website and services, see our Terms of Service.