GDPR

1. Data Controller

The data controller responsible for your personal data is:

Business Name (Legal Entity): florélian
Trading Name: Skin Theory
Registered Trade Name: florélian

Physical Address Blankvoornstraat 70
3192 BZ Hoogvliet Rotterdam

Email: infohelp@skintheory.com.mx
Phone: +31 6 2300 8253

VAT Number: NL004804151B76
Chamber of Commerce (KVK) Number: 90271351

2. Personal Data We Collect

We collect the following types of personal information:

a. Information You Provide

Name
Billing address
Shipping address
Email address
Phone number
Payment information (handled securely by third-party processors)
Order details
Messages you send to customer support

b. Information Collected Automatically

When you browse our website, we automatically collect:

IP address
Device information
Browser type
Cookies and tracking technologies
Pages visited
Time spent on pages
Website interaction data

3. How We Use Your Personal Data

We use your data for the following purposes:

Processing and shipping your orders
Managing your customer account
Providing customer support
Fraud prevention and security
Payment verification
Sending important service updates
Improving website performance
Complying with legal obligations (tax, accounting, etc.)

We do not sell your data to third parties.

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

Contract necessity: to process and deliver your order
Legal obligations: tax, accounting, fraud prevention
Legitimate interest: website improvement, fraud prevention
Consent: marketing emails, cookies, analytics

5. Sharing Your Data

We may share your data with:

Payment processors (Shopify Payments, PayPal, etc.)
Shipping carriers
Customer support providers
Fraud prevention tools
IT and hosting services
Analytics platforms (e.g., Google Analytics)

All third-party partners comply with GDPR and only process data as necessary.

6. Cookies & Tracking Technologies

We use cookies for:

Website functionality
Shopping cart operation
Analytics
Personalization
Advertising (Google, Meta, etc.)

You can manage or disable cookies through your browser settings.

7. Data Retention

We retain your data only as long as needed for:

Fulfilling your orders
Legal and tax requirements
Resolving disputes
Maintaining business records (typically 5–7 years in the EU)

8. Your GDPR Rights

You have the right to:

Access your personal data
Correct inaccurate data
Delete your data ("right to be forgotten")
Restrict processing
Object to data processing
Withdraw consent at any time
Request a copy of your data (data portability)

To exercise your rights, contact us at: infohelp@skintheory.com.mx

9. Data Security

We take all reasonable measures to protect your data:

Encrypted SSL connections
Secure payment gateways
Access restrictions
Regular security monitoring

However, no system is 100% secure.

10. Children’s Privacy

We do not knowingly collect data from individuals under 16.
If you believe a child has provided personal information, contact us immediately.

11. International Transfers

Your data may be processed outside the EU (e.g., Shopify servers).
All transfers follow GDPR-approved safeguards such as Standard Contractual Clauses (SCCs).

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
Updates take effect once posted on this page.

For questions about this Privacy Policy or GDPR requests, contact us at:

13. Contact Us