Privacy Policy

How we protect your personal information

Your Privacy Matters: Morivin is committed to protecting your personal data. This policy explains how we collect, use, and safeguard your information in compliance with UK GDPR and Data Protection Act 2018.

Key Points

• We only collect information necessary for your order
• Your data is protected with SSL encryption
• We never sell your data to third parties
• You have rights under UK GDPR
• Payments processed securely by Stripe

1. Data Controller

The data controller responsible for your personal information is:

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when you:

• Place an order (name, email, phone, addresses, payment details)
• Create an account (name, email, password)
• Subscribe to our newsletter (email address)
• Contact us (name, email, message)
• Leave a product review (name, email, review content)

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

• Device information (browser type, operating system)
• IP address and approximate location
• Pages visited and navigation patterns
• Referring website or source
• Cookies and similar tracking technologies

2.3 Payment Information

Payment transactions are processed securely through Stripe. We do not store your full credit or debit card details on our servers. Stripe's privacy policy governs their handling of your payment information.

3. How We Use Your Information

• Process Orders: Fulfilling purchases, processing payments, arranging delivery
• Communicate: Responding to enquiries, providing customer support
• Improve Services: Analysing usage, understanding preferences, enhancing functionality
• Marketing: With your consent, sending newsletters and promotional offers
• Legal Compliance: Meeting tax and regulatory requirements
• Fraud Prevention: Detecting and preventing fraudulent transactions

4. Legal Basis for Processing

Under UK GDPR, we process your information based on:

• Contract: Processing necessary to perform our contract with you
• Legal Obligation: Processing required by law (tax, fraud prevention)
• Legitimate Interests: Processing for our business interests (improving services)
• Consent: Processing based on your explicit consent (marketing). You may withdraw consent at any time.

5. Sharing Your Information

We may share your information with:

• Service Providers: Shopify, Stripe, delivery partners, email marketing services, analytics providers
• Legal Requirements: When required by law or court order
• Business Transfers: In connection with mergers or acquisitions

Important: We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. International Transfers

Your information may be transferred to countries outside the UK where our service providers are located. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO).

7. Data Retention

We retain your information for as long as necessary:

• Order records: 7 years (for tax purposes)
• Customer accounts: Until you request deletion
• Marketing preferences: Until you unsubscribe
• Website analytics: 26 months

8. Your Rights Under UK GDPR

You have the following rights regarding your personal information:

• Right of Access: Request a copy of your data
• Right to Rectification: Correct inaccurate information
• Right to Erasure: Request deletion in certain circumstances
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing for marketing or legitimate interests
• Right to Withdraw Consent: Withdraw consent for processing at any time

To exercise these rights, contact us at support@morivin.com. We will respond within one month.

9. Data Security

We implement appropriate technical and organisational measures to protect your information:

• Secure Socket Layer (SSL) encryption for data transmission
• Secure payment processing through Stripe
• Regular security assessments and updates
• Access controls limiting data access

Note: No method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

10. Children's Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

13. Complaints

If you have concerns about how we handle your information, please contact us first at support@morivin.com. We will do our best to resolve your concerns.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

14. Contact Us

If you have questions about this Privacy Policy or our data practices:

Last updated: January 2025 | This policy complies with UK GDPR and Data Protection Act 2018