Privacy Policy

1. Information We Collect

We collect the following types of information:

a. Personal Information

When you make a purchase, sign up for our newsletter, or contact us, we may collect:

• Full name

• Shipping and billing address

• Email address

• Phone number

• Payment details (processed securely via Stripe)

b. Automatically Collected Information

Through cookies and tracking technologies, we may collect:

• IP address

• Browser and device type

• Referring URL

• Time spent on pages

• Location (city-level)

c. Third-Party Data

We may collect data from services you connect with us, such as:

• Mailchimp (email marketing opt-ins)

• Google Analytics (site usage behavior)

2. How We Use Your Information

We use your data to:

• Process and fulfill orders

• Manage your account and customer support

• Send order and shipping updates

• Respond to inquiries

• Improve site performance and personalization

• Provide relevant marketing content (if opted in)

• Comply with legal obligations

3. Legal Basis for Processing (GDPR)

We rely on the following legal bases under the General Data Protection Regulation:

• Your consent (for newsletters, cookies, etc.)

• Contractual necessity (to fulfill orders)

• Legal obligation (tax and accounting)

• Legitimate interest (security, fraud prevention, site performance)

4. Cookies and Tracking Technologies

We use cookies for:

• Remembering your shopping cart

• Analyzing traffic via Google Analytics

• Marketing via platforms like Facebook Ads or Google Ads

You can manage your cookie preferences or opt out via your browser settings.

5. Payment Information

All payments are securely processed by Stripe.
We do not store or have access to your full payment information. Stripe is PCI-DSS compliant and uses secure encryption technologies.

6. Sharing Your Information

We share data only when necessary, with:

• Service providers: Stripe, WooCommerce, Mailchimp, Google

• Logistics partners: shipping and fulfillment

• Legal bodies: when required by law or court order

We do not sell or rent your personal information to third parties.

7. International Data Transfers

As a U.S.-based business, your data may be processed in the United States and other jurisdictions outside your home country. We ensure appropriate safeguards such as Standard Contractual Clauses where required by law.

8. Data Retention

We retain your data for:

• Orders: 7 years (for tax and legal obligations)

• Marketing consent: until you unsubscribe

• Inactive accounts: typically 2 years unless deleted

You may request deletion at any time.

9. Your Rights

If you are an EU/UK/EEA resident (GDPR):

• Right to access your data

• Right to correct inaccurate information

• Right to be forgotten (data deletion)

• Right to object to marketing

• Right to data portability

If you are a California resident (CCPA):

• Right to know what personal info we collect

• Right to delete your data

• Right to opt-out of data sales (we do not sell data)

To exercise any of these rights, email us at support@onehorus.com

10. Children’s Privacy

Our website is not intended for children under 16. We do not knowingly collect personal information from minors.

11. Data Security

We implement best-practice security measures:

• SSL encryption on all pages

• Secure servers

• Limited access to personal data

• Regular audits and backups

12. Changes to This Policy

We may update this policy to reflect changes in legal, technical, or business operations. When we do, we’ll revise the “Last Updated” date and notify users if required.

13. Contact Us

If you have questions about this Privacy Policy or how your data is handled, contact us:

📧 Email: support@onehorus.com
🌐 Website: https://onehorus.com