Privacy policy

Sorelll | Last updated: April 5, 2026

Sorelll manages this store and website, including all related information, content, features, tools, products and services, to provide you, the customer, with a personalized shopping experience (the 'Services'). Sorelll is Powered by Shopify, enabling us to deliver the Services to you. This privacy policy describes how we collect, use and disclose your personal information when you visit, use or make a purchase or other transaction through the Services, or otherwise communicate with us. If there is a conflict between our terms of service and this privacy policy, this privacy policy will prevail with respect to the collection, processing and disclosure of your personal information.

Please read this privacy policy carefully. By using and accessing the Services, you indicate that you have read this privacy policy and that you understand the collection, use and disclosure of your data as described in this privacy policy.

1. Personal information we collect or process

When we use the term 'personal information', we mean information that identifies you or another person, or can reasonably be linked to you or another person. We may collect or process the following categories of personal information:

  • Contact details: name, address, billing address, delivery address, phone number and email address.
  • Financial information: credit card, debit card and financial account numbers, payment card information, transaction data and other payment details.
  • Account data: username, password, security questions, preferences and settings.
  • Transaction data: items you view, add to your cart, purchase, return, exchange or cancel, and your previous transactions.
  • Communications with us: information you include in your messages to us, such as in customer support.
  • Device data: information about your device, browser or network connection, your IP address and other unique identifiers.
  • Usage information: information about your interaction with the Services, including how and when you navigate through the Services.

2. Sources of personal information

We collect personal information from the following sources:

  • Directly from you: when you create an account, visit or use the Services, communicate with us or otherwise provide us with your personal information.
  • Automatically through the Services: from your device when you use our products or Services or visit our websites, and through cookies and similar technologies.
  • From our service providers: when we engage them to enable certain technology and when they collect or process your personal information on our behalf.
  • From our partners or other third parties.

3. Legal basis for processing (GDPR)

In accordance with the General Data Protection Regulation (GDPR), we process your personal information on the following legal bases:

  • Performance of a contract (Art. 6.1.b GDPR): processing necessary to handle your order, arrange delivery and provide customer support.
  • Legitimate interest (Art. 6.1.f GDPR): processing for fraud prevention, security of our Services and improvement of our services.
  • Consent (Art. 6.1.a GDPR): processing for marketing purposes by email or SMS, for which you have given explicit consent. You may withdraw this consent at any time.
  • Legal obligation (Art. 6.1.c GDPR): processing necessary to comply with our legal obligations, such as accounting retention requirements.

4. How we use your personal information

We may use personal information for the following purposes:

  • Providing, customizing and improving the Services: processing payments, fulfilling orders, remembering your preferences, sending notifications, arranging shipping, processing returns and providing a personalized shopping experience.
  • Marketing and advertising: sending marketing, advertising and promotional messages by email or SMS, and displaying online advertisements based on your activities, exclusively with your consent.
  • Security and fraud prevention: verifying your account, providing a secure payment and shopping experience, and detecting potentially fraudulent or malicious activity.
  • Communicating with you: providing customer support and maintaining our business relationship with you.
  • Legal reasons: complying with applicable law, responding to valid legal proceedings and investigating potential violations of our terms.

5. Retention periods

We do not retain your personal information longer than necessary for the purposes for which it was collected, taking into account our legal obligations. The following specific retention periods apply:

  • Order data and invoicing: 7 years, in accordance with the Belgian accounting retention obligation (Code of Economic Law).
  • Account data: retained for as long as your account is active. After deletion of your account, your data will be erased within 30 days, unless a legal obligation requires longer retention.
  • Marketing data: retained until you unsubscribe from our marketing communications or withdraw your consent.
  • Customer support communications: maximum 2 years after closure of the support request.
  • Fraud prevention and security data: maximum 1 year, unless an ongoing investigation requires a longer retention period.

6. Cookies and similar technologies

We use cookies and similar technologies to improve the Services and personalize your experience. A cookie is a small text file stored on your device when you visit our website. We use the following categories of cookies:

Necessary cookies These cookies are essential for the functioning of the website. They enable you to navigate and use the basic features of our Services, such as managing your shopping cart and processing payments. These cookies cannot be disabled.

Analytical cookies We use analytical cookies, such as Google Analytics, to understand how visitors use our website. The information collected by these cookies is anonymous and helps us improve the website. You can opt out of Google Analytics via https://tools.google.com/dlpage/gaoptout.

Marketing cookies With your consent, we place marketing cookies to show you relevant advertisements on our website and other websites. Shopify and our marketing partners may use cookies to track your online activities and personalize advertisements.

You can manage your cookie preferences through the cookie settings on our website or through your browser settings. Please note that disabling certain cookies may affect the functionality of our Services.

7. How we disclose personal information

In certain circumstances, we may share your personal information with third parties for legitimate purposes:

  • With Shopify, vendors and other third parties that perform Services on our behalf (e.g. IT management, payment processing, data analytics, customer support, cloud storage, fulfillment and shipping).
  • With business and marketing partners to deliver marketing services and advertise to you, exclusively with your consent.
  • When you instruct us or otherwise authorize us to provide certain information to third parties, such as to ship your products.
  • With our affiliates or otherwise within our group of companies.
  • In connection with a business transaction such as a merger or bankruptcy, or to comply with applicable legal obligations.

8. Relationship with Shopify

The Services are hosted by Shopify, which collects and processes personal information about your access to and use of the Services in order to deliver and improve the Services for you. Information you submit to the Services will be sent to and shared with Shopify, as well as third parties that may be located in countries other than where you reside.

For more information about how Shopify uses your personal information and about any rights you may have, please visit the Shopify privacy policy for customers at https://www.shopify.com/legal/privacy/customers.

9. Third-party websites and links

The Services may contain links to websites or other online platforms operated by third parties. If you follow links to sites that are not affiliated with or controlled by us, you should review their privacy and security policies and other terms and conditions. We are not responsible for the privacy or security of such sites.

10. Children's data

The Services are not intended for use by children under the age of 16 and we do not knowingly collect personal information about children. If you are the parent or guardian of a child who has provided us with their personal information, you may contact us using the contact details below to request that it be deleted.

11. Security of your information

We take appropriate technical and organizational measures to protect your personal information against unauthorized access, loss or misuse. Please be aware, however, that no security measure is perfect or impenetrable. We recommend that you do not use unsecured channels to communicate sensitive or confidential data to us.

12. Your rights and choices

As a resident of Belgium and the European Economic Area (EEA), you have the following rights under the GDPR with respect to your personal information:

  • Right of access (Art. 15 GDPR): you may request a copy of the personal information we hold about you.
  • Right to rectification (Art. 16 GDPR): you may ask us to correct inaccurate or incomplete personal information.
  • Right to erasure (Art. 17 GDPR): you may ask us to delete your personal information, unless we have a legal obligation to retain it.
  • Right to restriction of processing (Art. 18 GDPR): you may ask us to temporarily restrict the processing of your personal information.
  • Right to data portability (Art. 20 GDPR): you may receive a copy of your personal information in a structured, machine-readable format.
  • Right to object (Art. 21 GDPR): you may object to the processing of your personal information based on our legitimate interest, or for marketing purposes.
  • Right to withdraw consent: where we rely on consent to process your personal information, you have the right to withdraw that consent at any time.
  • Right to lodge a complaint: you have the right to lodge a complaint with the competent supervisory authority (see below).

To exercise any of these rights, please contact us using the contact details at the bottom of this policy. We will respond to your request in a timely manner, in accordance with applicable law.

13. Supervisory authority – Data Protection Authority (DPA)

If you believe that we are not processing your personal information correctly, you have the right to lodge a complaint with the competent Belgian supervisory authority:

Data Protection Authority (DPA) Drukpersstraat 35, 1000 Brussels Tel.: +32 (0)2 274 48 00 Email: contact@apd-gba.be Website: www.dataprotectionauthority.be

We do recommend, however, that you contact us first before lodging a complaint, so that we have the opportunity to address your concerns.

14. International transfers

Please note that we may transfer, store and process your personal information outside Belgium or the European Economic Area. Where we transfer your personal information outside the EEA, we rely on recognized transfer mechanisms such as the European Commission's standard contractual clauses, to ensure an adequate level of protection.

15. Changes to this privacy policy

We may update this privacy policy from time to time, including to reflect changes in our practices or for other operational, legal or regulatory reasons. We will post the revised privacy policy on this website and update the 'Last updated' date. We will notify you of material changes in accordance with applicable law.

16. Contact

If you have any questions about our privacy practices or this privacy policy, or if you wish to exercise any of the rights available to you, please contact us:

Sorelll

Email: hello@sorelll.com

For the purposes of applicable data protection law, we are the data controller of your personal information.