Policy on Confidentiality

The data controller is Luxexia, reachable at contact@luxexia.com

We collect the following data:

• First name, last name, email address
• Shipping and billing address
• Payment information (processed securely, not stored)
• Browsing data (IP, pages visited, duration)

Your data is used for:

• Order Management: processing, shipping, delivery.
• Customer Service: answering your questions.
• Marketing (with consent): newsletters and offers.
• Security: fraud prevention.
• Legal Obligations: accounting, taxation.

We process your data on the following bases:

• Contractual performance: order processing.
• Consent: marketing and non-essential cookies.
• Legitimate interest: security and service improvement.
• Legal obligation: tax and accounting obligations.

We never sell your data. We only share it with:

• Shopify: hosting and transactions.
• Carriers: order delivery.
• Payment providers: secure processing.
• Analytical tools: Google Analytics (with consent).

We only keep your data for as long as necessary:

• Order data: 10 years (tax obligations).
• Customer service: 3 years after closure.
• Marketing: until consent is withdrawn.

In accordance with the GDPR, you have the right to:

• Access your personal data.
• Rectify inaccurate data.
• Erase your data.
• Withdraw your consent at any time.
• File a complaint with the CNIL.

To exercise your rights, please contact us at contact@luxexia.com

We implement appropriate security measures: SSL/TLS encryption, payment processing via PCI-DSS certified providers, limited access to data for authorized personnel.

We may amend this policy at any time. Any changes will be posted on this page with the updated date. We recommend that you check it regularly.