Styxreonphit.world

Privacy Policy

Last updated:

Styxreonphit.world ("we", "us", "our") is committed to protecting your privacy with the utmost care. This comprehensive policy explains how we collect, use, store, and safeguard your personal data in full compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable international data protection standards.

Data Controller

Styxreonphit.world
43A Wimpole St
London, W1G 8AQ
United Kingdom

Email: admin@styxreonphit.world

Personal Data We Collect

We may collect the following categories of personal data to provide and improve our services:

  • Identity data: your name, when you submit an order, contact form, or create an account with us
  • Contact data: email address, postal address, telephone number, and other contact details necessary for order fulfilment and communication
  • Technical data: IP address, browser type and version, time zone, operating system, device information, and unique identifiers collected automatically when you visit our website
  • Usage data: information about how you interact with our website, including pages visited, time spent on pages, navigation paths, click patterns, and referral sources
  • Cookie data: as described in full detail within our Cookie Policy
  • Communication data: records of correspondence when you contact us via email, phone, or our contact forms

Legal Basis and Purposes

We process your data lawfully and transparently for the following purposes and lawful bases:

  • Contract performance: to process orders, fulfil purchases, manage deliveries, respond to enquiries, and provide customer support as required under our agreement with you
  • Consent: where you have given explicit consent for specific processing activities, such as marketing communications, non-essential cookies, or promotional emails
  • Legitimate interests: to improve our services, prevent fraud, ensure website security, conduct analytics, and maintain the integrity of our business operations, provided such interests do not override your rights
  • Legal obligation: where we are required to process data to comply with applicable laws, regulations, or court orders

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:

  • Order and transactional data: 6 years (legal, accounting, and tax requirements in the United Kingdom)
  • Contact form and enquiry data: 2 years from last contact, or until you request deletion, whichever is sooner
  • Marketing consent records: retained until you withdraw consent, after which we cease processing for marketing purposes
  • Technical and log data: up to 12 months for security and analytics purposes
  • Cookie data: retention periods vary by cookie type as specified in our Cookie Policy

Your Rights Under GDPR

Under UK GDPR, you have the following rights:

  • Right of access: request a copy of the personal data we hold about you
  • Right to rectification: request correction of inaccurate or incomplete data
  • Right to erasure: request deletion of your data where it is no longer necessary or where you have withdrawn consent ("right to be forgotten")
  • Right to restriction: request that we limit how we process your data in certain circumstances
  • Right to data portability: receive your data in a structured, commonly used, machine-readable format
  • Right to object: object to processing based on legitimate interests, or to direct marketing
  • Right to withdraw consent: withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at the address or email above. We will respond within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Data Security

We implement rigorous technical and organisational measures to protect your data, including industry-standard encryption (HTTPS/TLS), access controls, secure storage systems, regular security assessments, and staff training. We do not sell, rent, or trade your personal data to third parties for marketing purposes.

International Transfers

Where we transfer data outside the United Kingdom or European Economic Area, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by relevant authorities, adequacy decisions, orBinding Corporate Rules where applicable.

Third-Party Sharing

We may share your data with trusted third parties only when necessary for order fulfilment (e.g. payment processors, delivery partners), technical services (e.g. hosting providers), or legal compliance. All such parties are bound by confidentiality and data processing agreements.

Updates

We may update this policy periodically to reflect changes in our practices or legal requirements. Any significant changes will be communicated via our website with an updated effective date. We encourage you to review this policy regularly.