COVRD Privacy Policy

Privacy

Privacy

This Privacy Policy explains how COVRD Limited (“COVRD”, “we”, “us”, or “our”) collects, uses, and shares your personal data when you visit, use, or make a purchase from www.covrd.shop (the “Site”), contact us, or otherwise interact with us.

We are committed to protecting your personal data and handling it in accordance with applicable data protection law, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any applicable Irish data protection legislation.

1. WHO WE ARE

COVRD Limited is the data controller responsible for your personal data collected through this Site. Our business is based in Ireland.

If you have any questions about this Privacy Policy or wish to exercise your rights, you can contact us at:

Email: support@covrd.shop
Website: www.covrd.shop

2. Personal data we collect

We may collect and process the following categories of personal data:

Information you provide to us

When you place an order, create an account, sign up to our newsletter, request a restock notification, contact us, or otherwise communicate with us, we may collect:

  • your name
  • billing address
  • shipping address
  • email address
  • phone number
  • payment-related details
  • account login details, where applicable
  • any information you include in messages sent to us
  • your marketing preferences

Order and transaction information

When you make or attempt to make a purchase through the Site, we may collect:

  • details of the products you purchase
  • order value
  • payment status
  • shipping and delivery details
  • refunds, returns, and related customer service information

Automatically collected information

When you visit the Site, we may automatically collect certain technical and usage information, including:

  • IP address
  • browser type and version
  • device type
  • operating system
  • time zone
  • referral source
  • pages viewed
  • products viewed
  • dates and times of visits
  • interactions with the Site

This information may be collected through cookies, server logs, pixels, tags, and similar technologies.

3. How we collect personal data

We collect personal data:

  • directly from you
  • automatically through your use of the Site
  • from service providers that support our website, payments, fulfilment, delivery, analytics, and marketing
  • from ecommerce and advertising platforms where relevant

4. How we use your personal data

We use your personal data for the following purposes:

To process and fulfil orders

We use your personal data to:

  • process payments
  • fulfil and deliver orders
  • send order confirmations and shipping updates
  • manage returns, refunds, and customer service
  • maintain internal records relating to transactions

To manage your account or enquiries

We may use your personal data to:

  • respond to messages or support requests
  • provide customer service
  • manage your account where applicable
  • notify you about stock availability or product updates you request`

To improve our website and operations

We may use technical and usage data to:

  • analyse how visitors use the Site
  • improve Site performance, design, and functionality
  • troubleshoot issues
  • help prevent fraud and abuse
  • measure the effectiveness of campaigns and promotions

For marketing

Where permitted by law, or where you have consented, we may use your personal data to:

  • send you newsletters
  • send marketing emails about products, launches, promotions, restocks, and updates
  • personalise marketing content
  • measure email engagement such as opens and clicks
  • create and measure advertising audiences and remarketing campaigns

You can unsubscribe from marketing communications at any time by clicking the unsubscribe link in our emails or by contacting us directly at support@covrd.shop

For legal and compliance purposes

We may process personal data where necessary to:

  • comply with legal obligations
  • keep financial and tax records
  • prevent fraud
  • enforce our terms
  • protect our rights, property, and business

5. Legal bases for processing under GDPR

Where GDPR applies, we rely on one or more of the following legal bases for processing your personal data:

  • Performance of a contract - where processing is necessary to fulfil your order, provide customer support, or take steps at your request before entering into a contract
  • Legal obligation - where processing is necessary for compliance with legal or regulatory obligations, including tax, accounting, and consumer law requirements
  • Legitimate interests - where processing is necessary for our legitimate business interests, including running and improving our business, preventing fraud, securing our Site, and understanding customer behaviour, provided those interests are not overridden by your rights
  • Consent - where required by law, including for certain cookies, direct marketing communications, and certain advertising technologies

6. Cookies and similar technologies

We use cookies and similar technologies on our Site.

These may include technologies that are:

  • strictly necessary for the operation of the Site
  • used for analytics and performance
  • used for functionality and preferences
  • used for advertising, audience building, and remarketing where applicable

These technologies may include cookies, pixels, tags, and scripts provided by us and by third-party services.

You can control cookies through your browser settings and, where applicable, through our cookie banner or preferences tool.

If you choose to block certain cookies, some parts of the Site may not function properly.

7. Analytics, email marketing, and advertising tools

We may use third-party tools to help us understand how visitors use the Site, communicate with customers, and assess the performance of our marketing.

For example, we may use:

  • Shopify to power our ecommerce store
  • Google Analytics to understand website traffic and user behaviour
  • Klaviyo to send marketing emails and analyse engagement
  • Meta Pixel, Google advertising tools, and TikTok Pixel to help measure advertising performance, build relevant audiences, and show more relevant ads to users who have visited our Site or interacted with our content

These providers may collect or process personal data such as online identifiers, device information, browser information, usage data, and purchase or conversion events, subject to their own privacy policies and applicable data protection law.

Where required by law, non-essential analytics and advertising technologies will only be used with your consent.

8. Sharing your personal data

We do not sell your personal data.

We may share your personal data with trusted third parties where necessary to operate our business, including:

  • ecommerce platform providers
  • payment processors
  • fulfilment, warehousing, and delivery providers
  • IT, hosting, and website service providers
  • analytics providers
  • marketing and email service providers
  • advertising and social media platforms
  • professional advisers such as accountants, auditors, legal advisers, and insurers
  • regulatory authorities, law enforcement, courts, or other bodies where required by law

These third parties are only given access to the personal data they need to perform their services, subject to appropriate contractual and legal safeguards where required.

9. International transfers

Some of our service providers may process personal data outside the European Economic Area ("EEA"), including in countries that may not provide the same level of data protection as your home country.

Where personal data is transferred outside the EEA, we will take steps to ensure appropriate safeguards are in place, such as:

  • transferring to countries subject to an adequacy decision by the European Commission
  • using the European Commission’s Standard Contractual Clauses
  • relying on other lawful transfer mechanisms where applicable

10. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, tax, regulatory, and reporting requirements.

For example:

  • order and transaction records may be kept for as long as required for tax, accounting, and legal purposes
  • customer service correspondence may be retained for a reasonable period to manage issues and maintain records
  • marketing data may be retained until you unsubscribe or withdraw your consent, unless longer retention is justified
  • analytics and technical data may be retained according to the settings and retention periods of the relevant tools used

When personal data is no longer required, we will securely delete or anonymise it where appropriate.

11. Your rights under GDPR

If you are located in the EEA, UK, or another jurisdiction granting similar rights, you may have the right to:

  • access the personal data we hold about you
  • request correction of inaccurate or incomplete personal data
  • request deletion of your personal data
  • request restriction of processing
  • object to processing based on legitimate interests
  • withdraw consent where processing is based on consent
  • request portability of your personal data
  • lodge a complaint with a supervisory authority

We may need to verify your identity before responding to certain requests.

To exercise your rights, please contact us at support@covrd.shop

12. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with your local data protection authority.

COVRD is based in Ireland, so the relevant supervisory authority is the Data Protection Commission.

13. Children

Our Site is not intended for children, and we do not knowingly collect personal data from anyone under the age at which they can lawfully consent under applicable law.

If you believe a child has provided us with personal data, please contact us and we will take appropriate steps.

14. Security

We take reasonable technical and organisational measures to help protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

15. Third-party links

Our Site may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties, and we encourage you to review their privacy policies separately.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices, legal requirements, or operational reasons.

Any changes will be posted on this page with the updated effective date.

17. Contact us

If you have questions, would like more information about our privacy practices, or would like to exercise your rights, please contact us at:

Email: support@covrd.shop
Website: www.covrd.shop
Effective date: 20 April 2026