Privacy policy

📄 Privacy Policy — Aurora by Roos 

Last Updated: 23 november 2025

This Privacy Policy describes how Aurora by Roos (“we”, “us”, “our”, or the “Site”) collects, uses, and discloses your personal information when you visit our website, use our services, or make a purchase. By using the Services, you agree to the practices described in this Privacy Policy.

1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our processes, legal obligations, or business operations. The updated version will always include a revised “Last Updated” date.

2. Personal Information We Collect

A. Information You Provide Directly

This includes:

  • Name

  • Address (billing and shipping)

  • Phone number

  • Email address

  • Payment information (processed by our payment providers)

  • Account details (username, password, security information)

  • Customer support communications

B. Information Collected Automatically

Using cookies and similar technologies, we collect:

  • IP address

  • Browser and device information

  • Interaction data (pages viewed, clicks, time on site)

  • Network information

C. Information from Third Parties

We may receive data from:

  • Shopify (our platform provider)

  • Payment processors

  • Analytics and advertising partners

  • Fraud prevention services

3. How and Why We Use Personal Information (With Legal Bases)

A. Providing Products and Services

To process orders, manage your account, arrange shipping, and handle returns.
Legal basis (GDPR):

  • Performance of a contract

  • Legal obligation (e.g., tax compliance)

B. Customer Support & Communications

To respond to your inquiries and provide support.
Legal basis:

  • Legitimate interests (customer service and communication)

C. Marketing & Personalized Advertising

To send marketing emails, promotions, and show tailored ads.
Legal basis:

  • Consent (email marketing & non-essential cookies)

  • Legitimate interests (non-personalized marketing)

You may opt out at any time.

D. Security, Fraud Prevention & Misuse Monitoring

To detect and prevent fraud or illegal activity.
Legal basis:

  • Legitimate interests

  • Legal obligations

E. Improving Our Website & Services

Using analytics to optimize performance and user experience.
Legal basis:

  • Legitimate interests

  • Consent (when required for analytics cookies)

4. Cookies & Tracking Technologies

We use cookies to:

  • Enable website functionality

  • Remember your preferences

  • Analyze interactions

  • Show personalized or non-personalized advertising

Non-essential cookies (e.g., marketing, remarketing and certain analytics cookies) are only used with your consent, in accordance with GDPR requirements.

Your browser’s Global Privacy Control (GPC) signal is honored as a valid request to opt out of the sale or sharing of personal information for advertising purposes.

5. How We Disclose Personal Information

We may share your information with:

  • Service providers (Shopify, payment processors, shipping partners, IT support)

  • Marketing and advertising partners (only if you have consented, where required)

  • Affiliates or business entities within our group

  • Government authorities, when legally required

  • Parties involved in corporate transactions, such as mergers or acquisitions

We may “sell” or “share” information as defined under certain U.S. privacy laws—but never without giving you the choice to opt out.

6. Data Retention

We keep personal information only as long as necessary for the purposes for which it was collected:

  • Order and payment data: 7 years (required for tax and accounting laws)

  • Account data: as long as the account remains active

  • Marketing data: up to 24 months after your last interaction

  • Cookies: according to their set expiration date

After these periods, information is deleted or anonymized.

7. Your Rights

Depending on your location, you may have the right to:

  • Access your personal information

  • Request correction of inaccurate data

  • Request deletion

  • Request data portability

  • Restrict or object to processing

  • Withdraw consent

  • Appeal a decision

  • File a complaint with a data protection authority

We may require identity verification before processing a request.

8. International Data Transfers

Your information may be transferred outside your home country.
For data originating from the EU/EEA, we use approved mechanisms such as:

  • Standard Contractual Clauses (SCCs)

  • Decisions recognizing adequate protection levels

9. Complaints

If you have concerns about how we process your data, you may contact us using the details below. You may also file a complaint with your local data protection authority.

10. Contact Us

For questions, requests, or complaints regarding this Privacy Policy, contact us at:

📧 store@aurorabyroos.info