Legal

Privacy Policy

Current as of

1. Introduction and scope

This Privacy Policy describes how Shiphrelaovulax.world (“we,” “us,” “our”), operating the Lerixa brand, collects, uses, discloses, stores, and protects personal data when you visit https://shiphrelaovulax.world, communicate with us, or otherwise interact with our services. We are committed to handling personal data with discretion, lawful purpose, and technical care consistent with the expectations of a premium consumer wellness brand.

The policy applies whether you browse anonymously, create or attempt to create a commercial relationship with us, subscribe to optional communications, or exercise your privacy rights. It should be read together with our Cookie Policy, which explains how cookies and similar technologies operate on our digital properties.

If you do not agree with this Privacy Policy, please discontinue use of our website and services. Continued use after we post updates constitutes acceptance of the revised policy for subsequent interactions, subject to any stronger rights you may have under mandatory local law.

2. Data controller and contact

The data controller responsible for personal data processing is Shiphrelaovulax.world, with its principal contact address at 305 Branmar Plaza, Wilmington, DE 19810, United States. For privacy-related correspondence, including requests to exercise rights under the GDPR or similar frameworks, email chat@shiphrelaovulax.world.

We will respond to verifiable requests without undue delay and within the statutory timeframe applicable in your jurisdiction (for example, within one month under the GDPR, subject to permitted extensions where requests are complex). We may request reasonable information to confirm your identity before disclosing or modifying personal data.

If we appoint a data protection officer or EU/UK representative in the future, we will publish updated contact coordinates in this section and, where required, with relevant supervisory authorities.

3. Categories of personal data we process

Depending on how you engage with us, we may process some or all of the following categories of personal data:

  • Identity and contact data: full name, title, email address, telephone number, postal address, and similar identifiers you voluntarily provide.
  • Transaction data: order references, product selections, payment confirmation metadata (card data is handled by payment processors where applicable), delivery preferences, and correspondence about fulfilment.
  • Communication content: free-text messages, feedback, complaints, and attachments you send through forms or email.
  • Technical and device data: IP address, browser type and version, operating system, device identifiers, language settings, referring URLs, approximate geographic indication derived from IP, and timestamps.
  • Usage data: pages viewed, click paths, scroll depth where measured, error logs, and performance diagnostics collected in aggregated or pseudonymous form.
  • Marketing preferences: opt-in records, unsubscribe timestamps, campaign identifiers associated with consented communications.
  • Cookie and advertising identifiers: as described in our Cookie Policy when non-essential cookies are activated.

We do not intentionally collect special categories of personal data (such as health diagnoses) through our website forms. If you voluntarily disclose health-related information, we will treat it with additional care and only retain it where there is a clear lawful basis and legitimate need.

4. How we collect personal data

We collect personal data directly from you when you submit forms, place or attempt to place orders, subscribe to updates, or email us. We also collect technical and usage data automatically through server logs, essential security tools, and—if you consent—analytics or marketing technologies.

We may receive limited personal data from payment service providers (for example, confirmation of successful charges), logistics partners (delivery status tied to your name and address), and professional advisers where necessary for compliance or dispute resolution.

We do not purchase marketing lists that contain personal data unrelated to individuals who have expressed interest in wellness products aligned with our brand positioning.

5. Purposes and legal bases (including GDPR)

Where the General Data Protection Regulation (EU) 2016/679 applies, we rely on the following legal bases:

  • Performance of a contract or pre-contractual steps: processing necessary to respond to your order inquiries, deliver products, process payments, and provide customer support.
  • Legitimate interests: securing our infrastructure, preventing fraud and abuse, improving website reliability, conducting internal analytics in pseudonymous form where compatible with your rights, maintaining business records, and asserting or defending legal claims.
  • Consent: sending promotional emails, deploying non-essential cookies, or any other processing we expressly describe as consent-based at the point of collection.
  • Legal obligation: tax, accounting, consumer protection, court orders, and regulatory inquiries.

For residents of jurisdictions that recognise other bases (such as implied consent for certain business contact in specific contexts), we will map our processing to the closest equivalent category and honour opt-out rights where required.

6. Detailed processing activities

Website operation and security. We process technical data to authenticate sessions, enforce rate limits, detect malicious traffic, and maintain audit trails. This processing supports our legitimate interest in protecting our clients and infrastructure.

Customer care. We use contact details and message content to answer questions, resolve complaints, coordinate returns under our Refund Policy, and document outcomes for quality assurance.

Order fulfilment. We share necessary identity and delivery data with warehouses, carriers, and customs brokers as required to ship goods lawfully.

Marketing. Where permitted, we may send curated product news or educational content. You may withdraw consent or object, as applicable, through unsubscribe links or by emailing us directly.

Analytics. If you enable optional analytics cookies, we process pseudonymous usage statistics to understand aggregate navigation patterns. We do not use such data to make solely automated decisions with legal or similarly significant effects.

7. Retention periods

We retain personal data only as long as necessary for the purposes described, unless a longer period is required or permitted by law:

  • Marketing consents and mailing lists: until you withdraw consent or we retire the list, subject to a short technical buffer for propagation across systems.
  • Order and accounting records: up to seven years where tax or commercial law mandates retention, unless a shorter period applies in your jurisdiction.
  • General correspondence: typically twenty-four months after the last substantive message, unless linked to an active dispute or order.
  • Security logs: rolling windows of up to twelve months unless extended for incident investigation.
  • Cookie-derived identifiers: as stated in the Cookie Policy for each category.

After retention periods expire, we delete or irreversibly anonymise personal data where feasible.

8. Sharing and subprocessors

We disclose personal data to categories of recipients including hosting providers, email delivery services, payment processors, logistics partners, IT support firms, and professional advisers. Each processor is bound by contractual clauses requiring confidentiality, security measures, and processing instructions consistent with this Privacy Policy.

We may disclose personal data to public authorities when required by law, court order, or legitimate regulatory demand, or when necessary to protect vital interests.

We do not sell personal data in the conventional sense of exchanging lists for monetary consideration. If future US state laws define “sale” or “sharing” broadly to include certain advertising cookies, we will provide a clear opt-out mechanism and update this Policy accordingly.

9. International transfers

We are established in the United States. If you access our services from the European Economic Area, United Kingdom, or Switzerland, your personal data may be transferred to the United States or other countries that may not be deemed to provide an adequate level of protection.

Where required, we implement appropriate safeguards such as the European Commission’s Standard Contractual Clauses, the UK International Data Transfer Agreement or Addendum, and supplementary measures including encryption in transit, access minimisation, and periodic risk assessments.

You may request a summary of the safeguards we rely upon by contacting us at the email address above.

10. Security measures

We implement administrative, technical, and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include HTTPS encryption for website traffic, role-based access controls, secure credential management, vendor due diligence, and staff awareness of confidentiality obligations.

No system is perfectly secure. If we become aware of a breach likely to affect your rights, we will notify you and regulators as required by applicable law and provide guidance on protective steps you may take.

11. Your rights

Subject to applicable law, you may have the right to access, rectify, erase, restrict processing, object to certain processing, port data to another controller, and withdraw consent where processing is consent-based. You may also lodge a complaint with a supervisory authority in your country of residence or workplace.

To exercise rights, email chat@shiphrelaovulax.world with a clear description of your request. We may need to verify your identity before fulfilling certain requests. We will not discriminate against you for exercising privacy rights, except where differential treatment is permitted because a request is manifestly unfounded or excessive.

Some rights may be limited where processing is necessary for legal claims, freedom of expression, or overriding public interests.

12. Children

Our services are directed to adults. We do not knowingly collect personal data from children under sixteen. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly unless we are legally required to retain evidence.

13. Third-party websites

Our website may contain links to third-party resources. This Privacy Policy does not govern those sites. We encourage you to read their privacy notices before providing personal data.

14. Automated decision-making

We do not use automated decision-making that produces legal or similarly significant effects based solely on automated processing of your personal data.

15. California residents

If the California Consumer Privacy Act or California Privacy Rights Act applies, you may have additional rights to know, delete, and correct personal information, and to opt out of certain sales or sharing. Because our practices evolve with regulation, please contact us for the most current description of categories disclosed for business purposes in the preceding twelve months.

16. Changes to this Privacy Policy

We may revise this Privacy Policy to reflect changes in law, technology, or our business practices. The “current as of” date at the top of this page will be updated when revisions are material. Where required, we will provide additional notice such as a banner on our website or a direct email to affected users.

17. Contact

For any questions regarding this Privacy Policy or our data practices, contact Shiphrelaovulax.world, 305 Branmar Plaza, Wilmington, DE 19810, USA, or email chat@shiphrelaovulax.world.

Privacy, like formulation, is a discipline of restraint: we collect only what serves a clear purpose and retain it only as long as integrity and law require.

We use strictly necessary cookies to operate the site and optional cookies for analytics and marketing. You can change your choices at any time in the cookie settings.