Effective Date: October 1st, 2024

At Tiamat Studio, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website shop.tiamat.studio or make a purchase from our online store. This policy is compliant with the General Data Protection Regulation (GDPR) and relevant Spanish laws.

1. Information We Collect

When you visit our website or make a purchase, we may collect the following types of personal data:

• Personal Data: Your name, email address, shipping address, billing address, phone number, and payment details (e.g., credit card or PayPal information).

• Order Information: Details of products purchased, order history, and transaction information.

• Device Information: IP address, browser type, operating system, and device identifiers through cookies or similar technologies.

• Usage Information: How you interact with our website, including pages viewed, time spent on our website, and the referring site.

2. How We Use Your Information

We use your personal data for the following purposes:

• To process and fulfill your orders: Including shipping, handling returns, and providing customer support.

• To communicate with you: Regarding your orders, inquiries, or updates about our services.

• To personalize your shopping experience: Customizing your experience based on your preferences and usage data.

• For marketing purposes (with your consent): Sending promotional offers, newsletters, and updates that may be of interest to you.

• To ensure security and fraud prevention: Identifying and preventing unauthorized or fraudulent transactions.

3. Legal Basis for Processing Your Data

We process your personal data under the following lawful bases in compliance with the GDPR:

• Contractual necessity: Processing is required to fulfill our contract with you (e.g., to process orders).

• Legal obligation: To comply with applicable legal obligations (e.g., tax or accounting laws).

• Legitimate interests: For the purposes of our legitimate business interests (e.g., fraud prevention and improving our services), provided they are not overridden by your rights and interests.

• Consent: For marketing communications, we rely on your explicit consent, which you can withdraw at any time.

4. Sharing Your Information

We may share your personal data with third parties in the following circumstances:

• Service Providers: Third parties who help us operate our website, process payments, ship orders, and provide marketing or analytics services.

• Legal Compliance: If required by law, we may disclose your information to comply with legal obligations or governmental authorities.

• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner.

5. International Data Transfers

As our business operates in Spain, your data is processed and stored within the European Economic Area (EEA). If any data is transferred outside the EEA, we will ensure that it is protected under appropriate safeguards, in line with GDPR requirements.

6. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your experience on our website. These technologies help us remember your preferences, improve website functionality, and provide analytics.

You can manage your cookie preferences through your browser settings, although disabling cookies may affect your ability to use certain features of our website.

7. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law. For example, we are legally required to keep some information for tax and accounting purposes.

8. Your Rights Under the GDPR

As a user from the European Union, you have the following rights regarding your personal data:

• Right of access: You can request access to the personal data we hold about you.

• Right to rectification: You can ask us to correct any inaccurate or incomplete data.

• Right to erasure (“right to be forgotten”): You can request the deletion of your personal data, subject to legal requirements.

• Right to restrict processing: You can ask us to limit how your personal data is used in certain circumstances.

• Right to data portability: You can request a copy of your data in a structured, machine-readable format.

• Right to object: You can object to the processing of your personal data for certain purposes, such as direct marketing.

• Right to withdraw consent: If we are processing your data based on your consent, you can withdraw this consent at any time.

To exercise any of these rights, please contact us at shop@tiamat.studio.

9. Data Security

We use appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, alteration, or disclosure. While we strive to safeguard your information, no system can be 100% secure, and we cannot guarantee absolute security.

10. Third-Party Websites

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any website you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the updated policy on our website.

12. Contact Information

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:

Tiamat Studio Shop
Email: shop@tiamat.studio
Phone: +34 623 56 09 35