Privacy Policy
This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use https://thyraclub.com (the “Site”) and when you purchase our products or interact with our services (the “Services”).
1. Information We Collect
When you purchase from our store, we collect the personal information you provide as part of the buying and selling process, such as your name, billing and delivery address, email address, and phone number. When you browse the Site, your device’s Internet Protocol (IP) address and basic technical data (browser, operating system) are automatically received. With your permission, we may also collect your email address for store updates, new product information, and other communications.
2. Consent
By providing personal information to complete a transaction (e.g., verifying your card, placing an order, arranging delivery, or processing a return), you consent to our collection and use of that information for that specific purpose. If we request personal information for a secondary purpose (such as marketing), we will either ask you directly for your express consent or provide a clear opportunity to opt out.
Withdrawing consent: If you change your mind after opting in, you may withdraw your consent to the continued collection, use, or disclosure of your information at any time by contacting us using the details in the “Contact Us” section below.
3. Disclosure
We may disclose your personal information if required by law or if you violate our Terms of Service.
4. Platform Hosting (Shopify)
Our store is hosted on Shopify. Shopify provides the e-commerce platform that enables us to sell our products and services. Your data may be stored through Shopify’s data storage, databases, and the general Shopify application on secure servers behind a firewall.
Payments: If you choose a direct payment gateway, your payment card data may be stored by Shopify in accordance with PCI-DSS standards. Transaction information is retained only as long as necessary to complete your purchase and is deleted once the transaction is complete.
For more information, please review the following official Shopify policies:
5. Third-Party Service Providers
We may share information with third-party providers (e.g., payment gateways, fraud prevention, logistics) who will collect, use, and disclose information only to the extent necessary to perform services for us. These providers have their own privacy policies regarding the information we must supply for purchase-related transactions. We recommend you read their policies to understand how your data is handled by them.
Please note that certain providers may be located in or have facilities in a different country than you or us. If you proceed with a transaction involving a third-party service provider, your information may become subject to the laws of the jurisdiction(s) where that provider or its facilities are located.
When you leave our Site or are redirected to a third-party website or application, this Privacy Policy no longer applies. We are not responsible for the privacy practices of other sites and encourage you to read their policies.
6. Analytics and Cookies
We use cookies and similar technologies to operate and improve the Site, remember preferences, and run analytics (for example, to understand page views and traffic). Some cookies are placed by third-party service providers to tailor services, products, or advertising on this and other sites.
Managing cookies: Most browsers accept cookies by default. You can set your browser to remove or reject cookies; doing so may affect site functionality or certain features. You can also adjust preferences through our cookie banner when first visiting the Site.
For more details on how Shopify uses cookies, please see the Shopify Cookie Policy.
7. Security
We take reasonable precautions and follow industry-standard practices to protect personal information against loss, misuse, unauthorised access, disclosure, alteration, or destruction. When payment card information is provided, it is encrypted in transit (e.g., SSL/TLS). While no method of transmission or electronic storage is 100% secure, we follow PCI-DSS and other generally accepted standards.
8. Lawful Bases (UK GDPR)
We process personal data under one or more of the following lawful bases: (a) to perform a contract with you (e.g., to fulfil an order); (b) our legitimate interests (e.g., to operate and improve the Site and Services, prevent fraud); (c) your consent (e.g., marketing emails); and/or (d) compliance with legal obligations.
9. Your Rights (UK)
Subject to applicable law, you may have rights to: access, rectification, erasure, restriction, portability, and objection to certain processing. Where processing is based on consent, you may withdraw consent at any time. To exercise rights, contact us via the details below. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).
10. Data Retention
We retain personal data only for as long as necessary to provide the Services, comply with legal and accounting obligations, resolve disputes, and enforce agreements. Retention periods vary by data category and purpose.
11. International Transfers
Where personal data is transferred outside the UK (for example, to service providers), we will ensure appropriate safeguards are in place (such as standard contractual clauses or equivalent measures) to protect your data in accordance with UK GDPR requirements.
12. Children’s Data
Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us so we can take appropriate steps.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes take effect upon posting on the Site. If we make material changes, we will note them on this page so you remain informed about what we collect, how we use it, and under what circumstances we disclose it.