TERRA&SOL
Legal

Privacy Policy

What data we collect, how we use it, and your rights under the GDPR.

This is placeholder copy. Replace with a policy reviewed by counsel before going live.

1. What we collect

When you place an order, we collect the information you provide at checkout: name, email, shipping address, billing address, and payment details. Payment card numbers are handled by our payment provider — we never see or store them.

When you visit our site, our servers log standard request data: your IP address, browser type, referring URL, and pages viewed. We use this for security, analytics, and debugging.

If you create an account, we additionally store your hashed password and any preferences you save (saved addresses, favorites, order history).

2. How we use it

We use your data to:

  • Fulfill your order, including sharing your shipping address with the relevant artisan workshop.
  • Communicate with you about your order.
  • Send marketing emails — only if you've explicitly opted in. You can unsubscribe at any time from the link in any email.
  • Improve our site and detect abuse.

We do not sell your personal data to anyone, ever.

3. Who we share it with

  • Payment processor — to process your payment.
  • Shipping carriers — to deliver your parcel.
  • The artisan workshop — to fulfill your order (name and shipping address only).
  • Analytics provider — anonymized usage data for site improvement.

We require any third party that handles your data to use it only for the purpose we've specified.

4. Your rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your account and personal data (subject to our legal obligations to retain transaction records).
  • Object to processing for marketing purposes.
  • Export your data in a portable format.

To exercise any of these rights, email privacy@terraandsol.example.

5. Cookies

We use a small number of cookies for essential site functionality (cart, login session, CSRF protection). We don't use third-party advertising cookies. Analytics is configured to respect Do Not Track and to anonymize IP addresses.

6. Retention

We keep your account data for as long as your account is active. Order records are retained for 10 years to comply with tax and consumer-protection laws. Log files are retained for 90 days.

7. Contact

Questions about this policy, or wish to exercise your rights? Email privacy@terraandsol.example.

Last updated 2026-05-23