Datenschutzerklärung

Privacy Policy

Last updated: 24 March 2026

In plain language: This policy explains what personal information we collect when you visit or shop at OURYE, why we collect it, who we share it with, and what rights you have over your data. We never sell your personal information.

1. Who We Are

OURYE is a trading name of Risaro GROUP ("we", "us", "our"). We are the data controller responsible for your personal data.

  • Address: 7175 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom
  • Email: Contact@ourye.com
  • Phone: +44 7888 396115

2. Information We Collect

We collect information in the following ways:

2.1 Information you provide

  • Account & identity: name, email address, phone number when you create an account or contact us.
  • Order information: billing and shipping address, payment method details (processed by our payment provider — we do not store full card numbers), order history.
  • Communications: messages you send us via email, contact forms, or live chat.

2.2 Information collected automatically

  • Device & browsing data: IP address, browser type and version, operating system, referring URL, pages visited, time on site, and click behaviour.
  • Cookies and similar technologies: see our Cookie Policy for details.
  • Location data: approximate location inferred from your IP address.

3. How We Use Your Information

We use personal data for the following purposes and legal bases:

Purpose Legal basis (GDPR / UK GDPR)
Fulfil and deliver your orders Performance of a contract (Art. 6(1)(b))
Process payments Performance of a contract
Send order confirmations and shipping updates Performance of a contract
Respond to your enquiries and support requests Legitimate interest (Art. 6(1)(f))
Improve our website, products, and services Legitimate interest
Send marketing emails (only with your consent) Consent (Art. 6(1)(a))
Prevent fraud and secure our store Legitimate interest
Comply with legal and tax obligations Legal obligation (Art. 6(1)(c))

4. How We Share Your Information

In plain language: We only share data with companies that help us run our store and deliver your orders. We never sell your personal information.

Category Examples Purpose
E-commerce platform Shopify Inc. Hosting, checkout, order management
Payment processors Shopify Payments, PayPal Secure payment processing
Logistics partners Our European distribution network, postal carriers Order fulfilment and delivery
Analytics Google Analytics (GA4) Website usage analysis
Marketing Meta Pixel (Facebook/Instagram) Advertising performance measurement (with consent)
Email service Shopify Email / Klaviyo Transactional and marketing emails

We require all third parties to respect the security of your personal data and to treat it in accordance with applicable law. We do not allow them to use your data for their own purposes.

5. International Data Transfers

Some of our service providers (e.g., Shopify Inc.) are based outside the European Economic Area (EEA) and the United Kingdom. Where data is transferred internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission;
  • UK International Data Transfer Agreement or Addendum, where applicable;
  • Adequacy decisions by relevant authorities.

6. Data Retention

In plain language: We keep your data only as long as we need it. When it's no longer needed, we delete or anonymise it.

Data type Retention period
Order and transaction records 7 years (tax and accounting obligations)
Customer account data Until you request deletion or close your account
Marketing consent records Until you withdraw consent, plus 1 year for audit
Website analytics (cookies) See Cookie Policy
Support correspondence 2 years from last contact

7. Your Rights Under GDPR and UK GDPR

If you are located in the EEA or United Kingdom, you have the following rights:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: ask us to correct inaccurate or incomplete data.
  • Erasure ("right to be forgotten"): ask us to delete your personal data where there is no compelling reason to continue processing.
  • Restriction: ask us to suspend processing of your personal data in certain circumstances.
  • Data portability: receive your personal data in a structured, commonly used, machine-readable format.
  • Objection: object to processing based on legitimate interest or for direct marketing.
  • Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at Contact@ourye.com. We will respond within one month (30 calendar days). You also have the right to lodge a complaint with your local supervisory authority — for the UK, this is the Information Commissioner's Office (ICO).

8. Your Rights Under the California Consumer Privacy Act (CCPA / CPRA)

If you are a California resident, you have additional rights:

  • Right to know: what personal information we collect, use, disclose, and sell.
  • Right to delete: request deletion of personal information we have collected.
  • Right to opt-out of sale or sharing: we do not sell or share your personal information as defined by the CCPA/CPRA.
  • Right to non-discrimination: we will not discriminate against you for exercising your CCPA rights.

To make a CCPA request, email Contact@ourye.com with the subject line "CCPA Request".

9. Canada (PIPEDA) and CASL

If you are a Canadian resident, you have the right to access and correct the personal information we hold about you under PIPEDA. We will only send you commercial electronic messages if you have provided consent, or where we have an existing business relationship, in compliance with CASL. You may unsubscribe from marketing emails at any time using the link provided in each email.

10. Children's Privacy

Our store is not directed at individuals under the age of 16 (or such lower age as applicable in the relevant jurisdiction). We do not knowingly collect personal data from children. If we learn we have collected data from a child, we will delete it promptly.

11. Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS/SSL), secure payment processing, and access controls. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date above will be revised. If changes are material, we will notify you by email or a prominent notice on our website. Continued use of our store after changes constitutes acceptance of the revised policy where permitted by law.

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights:

  • Email: Contact@ourye.com
  • Phone: +44 7888 396115
  • Post: Risaro GROUP (trading as OURYE), 7175 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom

This Privacy Policy is designed to address the requirements of the General Data Protection Regulation (EU) 2016/679, the UK GDPR and Data Protection Act 2018, the California Consumer Privacy Act (CCPA/CPRA), Canada's PIPEDA and CASL, and the ePrivacy Directive. It is not a substitute for professional legal advice. We recommend consulting a qualified legal professional to ensure full compliance with applicable laws.