PRIVACY POLICY

At Delirio Studio, we are committed to protecting your privacy and ensuring that your personal information is handled responsibly and securely.

This policy explains how we collect, use, and safeguard your personal data when you visit our website, in accordance with the General Data Protection Regulation (GDPR 2016/679).

PURPOSE OF DATA COLLECTION
We process your data for the following purposes:

  • Order Management: To process and manage orders placed through our website.

  • Billing: To issue invoices for purchased products.

  • Internal Administration: To ensure the website displays correctly, perform analytics, and to improve your experience.

  • Marketing Communications: To send promotional information about our products and services, with your prior consent.

HOW WE COLLECT PERSONAL DATA
We collect personal data through the following methods:

  • Newsletter Subscription Form: To add you to our mailing list, providing updates on offers, promotions, and product news. A confirmation email will be sent upon subscription.

  • User Account Form: To manage and process purchases. Registered users can also view their order history. During registration, you may opt-in to receive marketing communications.

  • Email Contact: If you contact us via email, we will process your data solely to respond to your inquiry.

CATEGORIES OF DATA COLLECTED
We may collect the following types of personal data:

Identifying Information: Name, surname, address, phone number, email address, and company details (if applicable).

Technical Information: IP address, browser data and device details for website optimization and analytics.

DATA RETENTION
Purchase Data: Personal data related to purchases will be retained for the duration of the contractual relationship and as long as necessary to comply with legal obligations. Once legal obligations expire, the data will be securely deleted.

Marketing Data: Data provided for marketing purposes will be retained until you withdraw your consent.

NOTE: No automated decisions or profiling are conducted with the collected data.

LEGAL BASIS FOR DATA PROCESSING
We process your personal data based on the following legal grounds:

  • Contractual Obligation: For processing purchases and issuing invoices.

  • Legal Compliance: For administrative and tax-related and legal obligations.

  • Consent: For sending newsletters and promotional communications. You can revoke your consent at any time.

  • Legitimate Interest: To respond to inquiries sent via email.

DATA SHARING
Your data may be shared with trusted third parties strictly for order fulfillment, such as:

  • Shipping Providers (e.g., UPS, DHL) to deliver your purchases.

We do not share your data with other third parties unless legally required or necessary for legal compliance.

THIRD-PARTY SERVICES
Our website may use third-party providers for services such as hosting, analytics, and payment processing. All service providers comply with GDPR regulations and implement secure data protection protocols.

We use Squarespace to host our website and process transactions. You can read more about how Squarespace uses your personal information here: Squarespace Privacy Policy.

USER RIGHTS
You have the right to:

  • Access your personal data.

  • Correct inaccurate or incomplete data.

  • Request Deletion when the data is no longer necessary for its original purpose.

  • Restrict Processing under certain circumstances.

  • Data Portability to request your data in a structured format.

  • Object to data processing for specific purposes.

To exercise these rights, please contact us at delirio.studio0@gmail.com, including:

  • A clear description of the request.

  • A copy of your valid identification document (for verification purposes).

If you believe your rights have been violated, you may lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos).

DATA SECURITY
We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or loss. These measures comply with Article 32 of the GDPR and include encryption, access control, and secure data storage.

COMMUNITY GUIDELINES
We reserve the right to remove inappropriate content and block users who violate our community guidelines.

CHANGES TO THIS POLICY
We reserve the right to update this privacy policy at any time to reflect changes in our practices or for legal reasons. Any significant changes will be communicated via our website.