1) Who We Are (Data Controller)

Controller: Aptelior

Contact: support@aptelior.com

For privacy-related questions or to exercise your rights, please email us with the subject “Data Request”.

2) Data We Collect

• Identity & contact: name, email, phone number, billing and delivery addresses.
• Orders & support: products purchased, order notes, messages, returns and warranty data.
• Payments: details processed securely by payment providers (e.g., Shopify Payments / Stripe). We do not store full card numbers.
• Device & usage: IP address, browser type, pages visited, session duration, and technical data collected via cookies or similar technologies.
• Marketing preferences: newsletter opt-in status and communication choices.
• User-generated content: product reviews, comments, photos, or other content you choose to share.

3) Why We Use Your Data (Lawful Bases)

• To process and deliver your orders — performance of a contract.
• To provide customer service — performance of a contract / legitimate interests.
• To ensure security and prevent fraud — legitimate interests / legal obligation.
• To improve our website and experience — legitimate interests.
• To send marketing communications — consent (you can withdraw anytime).
• For tax, accounting and compliance purposes — legal obligation.

4) Cookies & Similar Technologies

We use cookies to make our website work properly (essential), to analyse performance (analytics), and — with your consent — to personalise content and offers. You can adjust or withdraw consent anytime in Cookie Preferences. Disabling non-essential cookies will not affect checkout, but some features may be limited.

5) Sharing Your Data

We share personal data only with trusted service providers who help us operate the store securely and efficiently. They process data on our behalf and under strict confidentiality agreements:

• Shopify — store platform and checkout system.
• Payment processors (e.g., Shopify Payments / Stripe) — to authorise and process payments.
• Fulfilment & shipping partners — logistics, storage and delivery (e.g., Royal Mail, DPD, DHL, CTT, Correos).
• Customer communication tools — for email, support tickets and live chat.
• Analytics & anti-fraud services — to maintain performance and security.

We never sell, rent, or trade your personal data — ever.

6) International Transfers

Some partners may store or process data outside your country of residence. When transfers occur, we rely on recognised safeguards such as the EU Standard Contractual Clauses, the UK International Data Transfer Agreement (IDTA), or adequacy decisions ensuring equivalent levels of protection.

7) Data Retention

• Orders & invoices: retained for up to 6 years for legal and tax compliance.
• Customer support: retained as long as needed to resolve your request.
• Marketing data: retained until you unsubscribe or after a defined period of inactivity.

When no longer needed, your data is securely deleted or anonymised.

8) Your Rights

Depending on your location, you may have the right to:

• Access and receive a copy of your personal data.
• Rectify inaccurate or incomplete information.
• Erase your data (“right to be forgotten”).
• Restrict or object to certain processing, including direct marketing.
• Data portability — request your data in a portable format.
• Withdraw consent at any time (for example, for marketing emails or analytics cookies).

To exercise any of these rights, contact us at support@aptelior.com. We aim to respond within one month, in line with applicable laws.

9) Children

Our website is not intended for children, and we do not knowingly collect personal data from anyone under 16 years old. If you believe a child has provided us with data, please contact us so we can remove it promptly.

10) Security

We apply appropriate technical and organisational measures — including encryption, access controls and employee training — to keep your data secure. No method of transmission or storage is completely risk-free, but we continuously improve our safeguards.

11) Marketing Communications

We send marketing emails only if you have opted in, or if you are an existing customer where permitted by law. You can unsubscribe anytime via the link in our emails or by contacting us directly.

12) Complaints

If you have concerns about how your data is handled, please contact us first so we can resolve the matter. Depending on your location, you may also contact your local data protection authority, such as:

• United Kingdom: Information Commissioner’s Office (ICO) — ico.org.uk
• European Union: your National Data Protection Authority.
• Other regions: your country’s relevant data protection authority or consumer agency.

13) Changes to This Policy

We may update this Privacy Policy to reflect changes in technology, law, or our internal practices. Updates will be published on this page with a revised “Last updated” date.