top of page

Terms and Conditions

Privacy & Safety

Respecting Your privacy and trust is our priority. This Privacy Policy explains how Shibari Croatia (hereinafter referred to as "We" or "Controller"), as the owner of the "Shibari Croatia" webshop (hereinafter: "Webshop"), collects, uses, processes, and protects Your personal data, in accordance with the European Union's General Data Protection Regulation (GDPR) and relevant Croatian laws.

 

1. 📝 What Personal Data Do We Collect and Why?

 

We collect only the data that is necessary to achieve the stated purposes.

Order Data

  • Data collected: Name and Surname, Shipping Address, E-mail, Phone Number, Billing Information (if different).

  • Purpose: Delivery of ordered products, fulfillment of the sales contract, and compliance with the legal obligation to issue invoices and retain business documentation.

  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)) and Compliance with a legal obligation (GDPR Art. 6(1)(c)).

Payment Data

  • Data collected: Transaction details, IBAN/SWIFT (for refunds). Note: Credit card details are not stored by Us, but by an authorized payment processor.

  • Purpose: Processing payments for orders.

  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)).

User Account Data

  • Data collected: Username, Hashed Password, Order History.

  • Purpose: Administration of Your user account and faster ordering process.

  • Legal Basis: Consent (GDPR Art. 6(1)(a)) and Performance of a contract (GDPR Art. 6(1)(b)).

Newsletter Data (Marketing)

  • Data collected: E-mail Address.

  • Purpose: Sending marketing communications, offers, and news.

  • Legal Basis: Consent (GDPR Art. 6(1)(a)).

Technical/Analytical Data

  • Data collected: IP address, Browser details, Time and date of access, Cookie data.

  • Purpose: Maintaining Webshop security, analyzing visits, and improving the service.

  • Legal Basis: Legitimate interest (GDPR Art. 6(1)(f)).

 

2. 🍪 Cookies and Tracking Technologies

 

Our Webshop uses cookies to enhance Your user experience, analyze traffic, and enable purchasing functionality.

  • Necessary Cookies: Essential for the operation of the Webshop (e.g., shopping cart, login). They do not require Your prior consent.

  • Analytical/Marketing Cookies: Used to collect statistical data on Webshop usage and for targeted advertising. They are used only with Your prior and explicit consent.

You have the right to accept or decline the use of cookies. More details can be found in our [Link to Cookie Policy - if separate].

 

3. 🔗 Sharing Your Personal Data with Third Parties

 

We do not sell Your personal data. Your data is only shared with trusted third parties necessary for the functioning of the Webshop and the fulfillment of Your order. All third parties treat Your data in accordance with the GDPR.

  • Delivery Services: HP

  • Payment Systems: Paypal

  • Marketing Services: Wix Marketing

 

4. ⏳ Data Retention Period

 

We retain Your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.

  • Order Data: Retained for a minimum of 11 years from the year the invoice was issued, in accordance with the Accounting Act.

  • User Account Data: Retained until You request the deletion of Your account.

  • Newsletter Data: Retained until You withdraw Your consent (by clicking "Unsubscribe" in the email).

  • Technical Data (Logs): Retained for up to 1 year, unless required for the investigation of a security incident.

 

5. 🔐 How Do We Protect Your Data?

 

We implement appropriate technical and organizational measures to protect Your personal data from unauthorized access, loss, or destruction. This includes:

  • Using SSL encryption across the entire Webshop.

  • Restricting data access to authorized employees on a "need-to-know" basis.

  • Regularly updating security systems.

  • Anonymization or pseudonymization of data wherever possible.

 

6. ⚖️ Your Rights Under GDPR

 

You have the right to exercise the following rights regarding the processing of Your personal data at any time:

  • Right of Access: The right to obtain confirmation as to whether or not Your personal data is being processed, and, if so, access to that data and information about the processing.

  • Right to Rectification: The right to request the correction of inaccurate or completion of incomplete personal data.

  • Right to Erasure ("Right to be Forgotten"): The right to request the deletion of Your personal data if it is no longer necessary for the purpose, or if consent has been withdrawn.

  • Right to Restriction of Processing: The right to request the restriction of the processing of Your data under certain conditions.

  • Right to Data Portability: The right to receive Your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

  • Right to Object: The right to object to the processing of Your personal data which is based on our legitimate interest.

  • Right to Withdraw Consent: If processing is based on Your consent, You have the right to withdraw Your consent at any time (e.g., unsubscribing from the newsletter), without affecting the lawfulness of processing before the withdrawal.

To exercise any of the above rights, please contact us via the email address listed in Section 1.

 

9. 🔄 Changes to the Privacy Policy

 

We reserve the right to amend this Privacy Policy at any time. All changes will be published on the Webshop with an indication of the effective date. We recommend that You periodically review this page to stay informed about the current policy.

bottom of page