Privacy policy

🔐 PRIVACY POLICY (GDPR – Firework Boutique)

1. Data Controller

Firework Boutique is responsible for processing your personal data.


2. Data We Collect

We may collect:

  • Name
  • Email address
  • Shipping and billing address
  • Phone number (if provided)
  • Payment information (processed securely by third-party providers)
  • Order history
  • Website usage data (cookies, analytics)

3. Legal Basis for Processing (GDPR)

We process your data based on:

  • Contract necessity (order fulfillment)
  • Legal obligations (tax and accounting laws)
  • Legitimate interest (fraud prevention, service improvement)
  • Consent (marketing emails, cookies where required)

4. How We Use Your Data

Your data is used to:

  • Process and deliver orders
  • Provide customer support
  • Manage returns and refunds
  • Prevent fraud and abuse
  • Improve website performance
  • Send marketing communications (if consented)

5. Data Sharing

We only share your data with necessary third parties:

  • Payment processors (e.g. Shopify Payments, Stripe, PayPal)
  • Shipping carriers and logistics providers (including suppliers like Dreamlove for fulfillment)
  • IT and analytics providers

We never sell personal data.


6. International Transfers

Some data may be processed outside the EU.

In such cases, we ensure appropriate safeguards (e.g. Standard Contractual Clauses).


7. Data Retention

We retain personal data only as long as necessary:

  • Order data: up to 7 years (tax/legal requirements)
  • Customer support data: up to 24 months
  • Marketing data: until consent is withdrawn

8. Your Rights (GDPR)

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability

To exercise these rights, contact us via support email.


9. Cookies

We use cookies to:

  • Enable website functionality
  • Analyze traffic
  • Improve user experience
  • Support marketing campaigns

You can manage cookie preferences through your browser settings.


10. Data Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, or loss.


11. Contact

For privacy-related questions, contact our support team via the email listed on our website.