Privacy policy

Skull Hearts Privacy Policy
Last Updated: December 14, 2024

At Skull Hearts (hereinafter referred to as the "Site," "we," or "our"), we value and respect your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you visit our website, use our services, make purchases, communicate with us, or interact with our content (collectively referred to as the “Services”). By using the Services, you agree to the practices described in this Policy.

1. Changes to the Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or regulations. We will post the revised version on the Site, indicating the date of the latest update. We recommend reviewing it frequently.

2. Personal Information We Collect

Personal information is any data that can directly or indirectly identify you. The types of information we collect depend on your interaction with the Site:

Information you provide directly:

• Contact details: Name, address, phone number, email.
• Order information: Billing and shipping address, payment data (securely managed by external processors), and purchase history.
• Account information (if created): Username, password, security questions, and other necessary account data.
• Customer service interactions: Inquiries, suggestions, complaints, or other information you choose to provide.
• User-generated content: Product reviews, comments, or other public contributions on the Site.

Information we collect automatically (Usage Data):
We may use cookies, pixels, or other tracking technologies to gather information about how you access and use the Site. This may include your IP address, browser type, language, time zones, pages visited, links clicked, and other browsing data. These details help us enhance performance, security, personalization, and usage analysis of the Site.

Information obtained from third parties:
We may receive data from third parties assisting us in providing services, such as Shopify (for e-commerce management), payment processors, or analytics providers. Any data obtained from third parties will be treated in accordance with this Policy.

3. Legal Bases for Processing

In accordance with Regulation (EU) 2016/679 (GDPR), we process your personal information based on:

• Contractual necessity: To process your orders, handle payments, manage shipping, or handle returns.
• Legal obligations: To comply with applicable billing, accounting, consumer protection, or other legal requirements.
• Legitimate interests: To improve our services, ensure Site security, prevent fraud, respond to inquiries, and send you commercial communications when appropriate.
• Consent: Where required by law, we will obtain your explicit consent before processing your information for direct marketing purposes or using non-essential cookies. You may withdraw your consent at any time.

4. Use of Your Personal Information

We use your personal information to:

• Provide the Services and fulfill your purchase contract (manage orders, payments, shipping, returns, or exchanges).
• Communicate with you about your order status, customer support, and account-related matters.
• Improve the Site, user experience, functionality, and quality of our products and services.
• Conduct internal analysis, marketing, and show personalized advertising (when legally permitted and aligned with your preferences).
• Ensure security, detect, and prevent fraud or illegal activities.

5. Cookies and Similar Technologies

We use cookies and tracking tools to enhance Site functionality, personalization, and analysis. For more information about Shopify cookies and others used, visit Shopify Cookies. You can configure your browser to reject or delete cookies, but this may affect your experience on the Site.

6. Disclosure of Your Personal Information

We may share your personal information with:

• External service providers: Payment processors, logistics, hosting, customer support, and data analytics, always under contract and with confidentiality obligations.
• Business and marketing partners: To display relevant ads on other websites or send commercial communications, where appropriate.
• Affiliates or within a business group: For internal administrative and management purposes.
• Legal compliance: When required by law, to respond to authorities, exercise or defend our rights, or prevent illegal activities.
• Corporate transactions: In the event of a merger, acquisition, or asset sale, your personal information may be transferred to a third party.

We do not knowingly sell or share personal information of minors under 16 years of age or process sensitive personal information without your consent.

7. Third-Party Websites and Links

Our Site may contain links to third-party websites. By clicking on them, you leave our domain. We recommend reviewing the privacy policies of those websites, as we are not responsible for their content or practices.

8. Protection of Minors’ Data

We do not direct our Services to children or knowingly collect personal data from minors. If you believe we have received personal data from a minor without proper consent, contact us to request its deletion.

9. Data Security and Retention

We apply appropriate technical and organizational measures to protect your information from unauthorized access, alteration, disclosure, or destruction. However, no Internet transmission is completely secure. We will retain your data only as long as necessary to fulfill the purposes described or as required by law.

10. Your Rights

Depending on your location and applicable regulations, you may have the right to:

• Access your personal data.
• Request its rectification or deletion.
• Object to processing or request its restriction.
• Request data portability.
• Withdraw consent at any time, when processing is based on consent.
• Opt-out of receiving commercial communications.
• File a complaint with the relevant data protection authority, such as Spain's Data Protection Agency (AEPD).

To exercise these rights, write to us at skullheartsclothes@gmail.com. We may request additional information to verify your identity.

11. International Data Transfers

If we transfer your personal information outside the European Economic Area, we will ensure adequate safeguards, such as European Commission-approved Standard Contractual Clauses or equivalent legal protections.

12. Contact

If you have questions about this Privacy Policy or wish to exercise your rights, you can contact us at:

• Email: skullheartsclothes@gmail.com
• Postal Address: Calle Cuenca 19, Portal 5, Piso 4 A, 28914, Leganés, Madrid, Spain.

For GDPR and other applicable data protection laws, Skull Hearts is the data controller of your personal information.

By using our Services, you confirm that you have read and understood this Privacy Policy and consent to the processing of your personal data as described.