Privacy Policy
A Legal Disclaimer
Privacy Policy for Romy House
Effective date: 22 November 2025
1. Introduction
Romy House (“we”, “our”, “us”) operates the lingerie e-commerce website hosted at www.romyhouse.shop (the “Site”). We respect your privacy and are committed to protecting any personal information you share with us. This policy explains what we collect, how we use it, and the choices you have.
2. Information we collect
a. Order information: name, billing/shipping address, e-mail, phone number, payment method details (processed securely by Wix Payments, PayPal, Stripe or Klarna— we do not store full card numbers).
b. Account information: password (hashed), wish-list items, size preferences.
c. Automatic data: IP address, browser type, pages visited, time zone, referral URLs, cookies (see §7).
d. Optional data: product reviews, survey answers, marketing preferences, body-measurement notes you voluntarily add to your profile.
3. Legal bases (GDPR)
We process data under:
- Contract – to ship and fulfil your order.
- Legitimate interest – to prevent fraud and improve products.
- Consent – to send newsletters or SMS marketing.
- Legal obligation – to keep accounting records.
4. How we use your information
- Process, ship and track orders.
- Handle returns, exchanges and warranty claims.
- Send transactional e-mails (order confirmation, shipping updates).
- Personalise size recommendations and product suggestions.
- Detect and prevent fraud.
- Comply with tax, accounting and consumer-protection laws.
- Send marketing e-mails/SMS only if you opt-in (you can unsubscribe any time).
5. Sharing & disclosure
We never sell your data. We share only with:
- Service providers: Wix.com (hosting), shipping couriers (Royal Mail, DHL, Evri), payment processors, e-mail provider (Wix Ascend or Mailchimp), review platform (Judge.me).
- Legal or regulatory authorities when required.
- Business transfer: if Romy House is sold, data passes to the new owner under this same policy.
6. International transfers
Our website platform (Wix) may store data on servers in the United States. Wix is certified under the EU-U.S. Data Privacy Framework and UK adequacy regulations, ensuring GDPR-level protection.
7. Cookies & tracking
We use essential, analytics and marketing cookies. Essential cookies keep items in your cart; analytics cookies help us understand traffic; marketing cookies power Romy House ads on Meta or Google. You can manage cookies via the bottom-banner or browser settings.
8. Data retention
- Orders & invoices: 7 years (UK tax law).
- Marketing consent records: until you unsubscribe.
- Inactive accounts: deletion after 3 years of no log-in, unless an open order or claim exists.
- Cookies: 30 days to 24 months depending on type.
9. Your rights (GDPR & UK GDPR)
You may access, correct, delete, restrict, or port your personal data, and object to processing. Exercise rights by e-mailing noelleurope@gmaill.com. We respond within 30 days.
10. California residents (CCPA/CPRA)
You may request a list of personal information we hold, ask us to delete it, and opt-out of any “sharing” for cross-context behavioural advertising. We do not sell personal information as defined by the CCPA.
11. Security
We use HTTPS (TLS 1.3), PCI-compliant payment pages, limited-access admin accounts, and two-factor authentication. Credit-card data is tokenised—our staff never see full card numbers.
12. Children
Our Site is intended for adults 18+. We do not knowingly collect data from anyone under 16. If you believe a child has provided us data, contact us and we will delete it.
13. Third-party links
Occasional links to size-guide videos on YouTube or Instagram may place cookies; those sites have their own policies.
14. Changes to this policy
We may update this policy from time to time. Revisions are posted on this page with a new “Effective date”. Continued use of the Site after changes constitutes acceptance.
15. Contact
Data Controller: Romy House
E-mail: noelleurope@gmail.com
Last updated: 22 November 2025