Privacy Policy

Last updated: March 2026

This privacy policy describes how Zorenza (“we,” “us,” “our”) collects, uses, and shares personal data when you visit our website, make a purchase, or otherwise communicate with us (collectively the “Services”).

Scope: This privacy policy applies to all customers in Germany, Austria, Switzerland, United Kingdom, Ireland, United States, Canada, Mexico, Singapore, Norway, New Zealand, Australia, Spain, Italy, and France.

Please read this privacy policy carefully.

Changes to this privacy policy

We may update this privacy policy occasionally to reflect changes in our practices or legal requirements. The current version will be published on this page.

What personal data we collect

1. Information you provide to us directly

  • Contact details: name, billing and shipping address, e-mail address, phone number
  • Order data: purchased products, payment confirmation, shipping information
  • Account information: username, password (encrypted)
  • Communication: Inquiries to our customer service

2. Automatically collected information

  • Device and browser information
  • IP address
  • Usage and interaction data
  • Cookies and similar technologies

3. Information from third parties

  • Payment and shipping service providers
  • Marketing and analytics partners
  • Shopify as a technical platform

How we use your personal data

We use your personal data for, among other things, the following purposes:

  • Processing orders and payments
  • Shipping, returns, and refunds
  • Providing customer service
  • Improving our website and services
  • Marketing and advertising (only within the legally permitted scope)
  • Security and fraud prevention
  • Compliance with legal obligations

Cookies and tracking technologies

We use cookies and similar technologies to:

  • To ensure the functionality of our website
  • To analyze usage statistics
  • To personalize content and advertising

You can manage or disable cookies through your browser settings or via our cookie banner. Please note that this may limit the functionality of the website.

Disclosure of personal data

We only share personal data when necessary, including with:

  • Service providers (e.g., payment processing, shipping, IT, analytics)
  • Shopify, as hosting and e-commerce platform
  • Marketing and advertising partners
  • Authorities, if legally required
  • Companies within our corporate group

We do not sell personal data.

Shopify

Our shop is operated by Shopify Inc. Shopify processes personal data to provide and improve the services. For more information, see Shopify's privacy policy: https://privacy.shopify.com

International data transfers

Your personal data may be processed outside your country of residence, especially in countries outside the European Economic Area (EEA).

In such cases, we ensure that appropriate safeguards are in place, for example by:

  • EU Standard Contractual Clauses (for data transfers from the EU/EEA)
  • UK GDPR International Data Transfer Agreement (for transfers from the UK)
  • Adequacy decisions of the EU Commission
  • EU-US Data Privacy Framework (for transfers from the EU to the USA)
  • Swiss-US Data Privacy Framework (for transfers from Switzerland to the USA)

Data from children

Our services are not directed at children. We do not knowingly collect personal data from persons under 16 years old (or under 13 years old in the USA and Australia).

Data security & retention

  • We use technical and organizational security measures to protect your data
  • Personal data is only stored as long as necessary for the stated purposes or legal obligations

Your Rights

Depending on your residence, you have different data protection rights:

EU/EEA countries (GDPR – Germany, Austria, Spain, Italy, France, Ireland)

  • To obtain information about your stored data
  • To request correction or deletion
  • To restrict or object to processing
  • To request data portability
  • To withdraw consent given at any time
  • To file a complaint with a data protection supervisory authority

Switzerland (Swiss Data Protection Act – revDSG)

  • Comparable rights as under the GDPR
  • Complaint to the Federal Data Protection and Information Commissioner (FDPIC)

United Kingdom (UK GDPR)

  • Same rights as under the EU GDPR
  • Complaint to the Information Commissioner's Office (ICO)

United States

  • California (CCPA/CPRA): Right to access, deletion, opt-out of sale/sharing, restriction of sensitive data
  • Other states: Similar rights may apply depending on the state

Canada (PIPEDA / Provincial Data Protection Laws)

  • Right to access and correct your personal data
  • Right to complain to the Office of the Privacy Commissioner of Canada (OPC)

Mexico (Federal Law on the Protection of Personal Data Held by Private Parties)

  • Rights to access, correction, deletion, and objection (Derechos ARCO)
  • Right to complain to the National Institute for Transparency, Access to Information and Personal Data Protection (INAI)

Singapore (Personal Data Protection Act – PDPA)

  • Right to access and correct your personal data
  • Right to complain to the Personal Data Protection Commission (PDPC)

Norway (GDPR applies via EEA membership)

  • Same rights as under the EU GDPR
  • Complaint to the Datatilsynet

New Zealand (Privacy Act 2020)

  • Right to access and correct your personal data
  • Right to complain to the Office of the Privacy Commissioner (OPC)

Australia (Privacy Act 1988)

  • Right to access and correct your personal data
  • Right to complain to the Office of the Australian Information Commissioner (OAIC)

To exercise your rights, please contact us using the contact details below. We may request additional information to verify your identity.

Marketing communication

  • You can unsubscribe from marketing emails at any time via the unsubscribe link in our emails or by contacting us
  • Transactional emails (e.g., order confirmations) are not affected by this

Third-party websites

Our website may contain links to external websites. We assume no responsibility for their content or data protection practices.

Contact

Controller within the meaning of data protection laws:

Zorenza – G. Dimmendaal Payment Collector B.V.
Segment 3
6921 RC Duiven
Netherlands

Email: info@zorenzo-store.shop

If you have any questions about this privacy policy or the processing of your personal data, please contact us at any time.

Competent supervisory authorities

EU/EEA:

  • Germany: Federal Commissioner for Data Protection and Freedom of Information (BfDI)
  • Austria: Austrian Data Protection Authority
  • Spain: Spanish Data Protection Agency (AEPD)
  • Italy: Data Protection Authority
  • France: National Commission on Informatics and Liberty (CNIL)
  • Ireland: Data Protection Commission (DPC)
  • Norway: Datatilsynet

Other countries:

  • Switzerland: Federal Data Protection and Information Commissioner (FDPIC)
  • United Kingdom: Information Commissioner's Office (ICO)
  • USA: Different authorities depending on the state
  • Australia: Office of the Australian Information Commissioner (OAIC)
  • Canada: Office of the Privacy Commissioner of Canada (OPC)
  • Mexico: National Institute for Transparency, Access to Information and Personal Data Protection (INAI)
  • Singapore: Personal Data Protection Commission (PDPC)
  • New Zealand: Office of the Privacy Commissioner (OPC)

This privacy policy complies with the requirements of the GDPR (EU), UK GDPR, Swiss Data Protection Act (revDSG), the Australian Privacy Act 1988, the Canadian PIPEDA, the Mexican LFPDPPP, the Singapore PDPA, the New Zealand Privacy Act 2020, as well as relevant US data protection laws.