Privacy Policy

Privacy Policy — United Kingdom & European Union

This Privacy Policy explains how Aptelior (“we”, “us”, “our”) collects, uses and protects your personal data when you visit our website, make a purchase or interact with us. It applies to customers and visitors in the United Kingdom and the European Union, in accordance with the UK GDPR, the EU GDPR and the Data Protection Act 2018.

Summary: we collect only what is necessary, use it for clear and legitimate purposes (for example, to process your order), never sell your data, and provide transparent ways to control your choices.

1) Who We Are (Data Controller)

Controller: Aptelior
Contact: support@aptelior.com
For privacy questions or to exercise your rights, email us with the subject “Data Request”.

2) Data We Collect

  • Identity & contact: name, email, phone, billing and delivery addresses.
  • Order & support: products purchased, order notes, messages, returns and warranty data.
  • Payment: details processed securely by payment providers (e.g., Shopify Payments / Stripe). We do not store full card numbers.
  • Device & usage: IP address, browser type, pages visited, time on site, cookies or similar technologies.
  • Marketing preferences: newsletter sign-up status and communication settings.
  • User-generated content: reviews, questions, or images you voluntarily provide.

3) Why We Use Your Data (Lawful Bases)

  • Order processing & deliveryperformance of a contract.
  • Customer supportperformance of a contract / legitimate interests.
  • Fraud prevention & securitylegitimate interests / legal obligation.
  • Site improvement & analyticslegitimate interests.
  • Marketing communicationsconsent (you can withdraw at any time).
  • Tax, accounting & compliancelegal obligation.

4) Cookies & Similar Technologies

We use cookies to operate the site (essential), to understand performance (analytics) and — with your consent — to deliver personalised marketing. You can manage or withdraw consent anytime in Cookie Preferences. If you disable non-essential cookies, core store functions will remain available but some features may not work as intended.

5) Sharing Your Data

We share personal data only with trusted service providers who help us operate the store and who process it on our behalf under contractual safeguards:

  • Shopify — store platform & checkout
  • Payment processors (Shopify Payments / Stripe) — to authorise and settle payments
  • Fulfilment & shipping partners — logistics, warehousing, carriers (e.g., Royal Mail, DPD, CTT, DHL)
  • Customer communication tools — email, helpdesk and chat services
  • Analytics & anti-fraud tools

We never sell your personal data.

6) International Transfers

Some providers may store or process data outside the UK / EEA. When transfers occur, we rely on recognised safeguards such as the EU Standard Contractual Clauses, the UK International Data Transfer Agreement (IDTA), or adequacy decisions ensuring equivalent protection.

7) Data Retention

  • Orders & invoices: retained up to 6 years for tax and accounting purposes.
  • Support records: kept as long as necessary to resolve your enquiry.
  • Marketing data: kept until you unsubscribe or after a defined inactivity period.
  • When no longer needed, data is securely deleted or anonymised.

8) Your Rights

Under the UK and EU GDPR you can:

  • Access your data and obtain a copy;
  • Rectify inaccurate or incomplete data;
  • Erase data (“right to be forgotten”);
  • Restrict or object to processing, including marketing;
  • Data portability — receive data in a structured, commonly used format;
  • Withdraw consent at any time (e.g., marketing emails or non-essential cookies).

To exercise your rights, email support@aptelior.com. We aim to respond within one month as required by law.

9) Children

Our website is not directed at children, and we do not knowingly collect data from anyone under 16 years old. If you believe a minor has provided data, please contact us so we can remove it.

10) Security

We use appropriate technical and organisational measures — encryption in transit, access controls and staff training — to protect your data. No system is 100 % secure, but we continually monitor and improve our safeguards.

11) Marketing Communications

You will receive marketing emails only if you have opted in or if permitted under existing-customer rules. You can unsubscribe at any time via the link in our emails or by contacting us.

12) Complaints

If you have concerns about how we handle your data, please contact us first so we can resolve the issue. You also have the right to lodge a complaint with:

  • United Kingdom: Information Commissioner’s Office (ICO) — ico.org.uk
  • European Union: Your local Data Protection Authority — see list of authorities

13) Changes to This Policy

We may update this Privacy Policy to reflect legal or operational changes. Updates will appear on this page with a revised “Last updated” date.

Last updated: 01 Oct 2025