Privacy Policy

Last updated: March 5, 2025

This Privacy Policy describes how Reviora ("we," "us," or "our") collects, uses, stores, and protects your personal data when you use our website https://thivareldrxunau.world/ (the "Site") and related services. We are committed to transparency and compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) where applicable, and United States federal and state privacy laws.

1. Data Controller

The data controller responsible for your personal data is:

Reviora
122 W 146th St
New York, NY 10039
United States

For questions about this Privacy Policy or your personal data, you may contact us using the details provided in the "Contact" section below.

2. Personal Data We Collect

We may collect the following categories of personal data:

• Identity and contact data: name, email address, telephone number, and shipping or billing address when you place an order or contact us.
• Transaction data: details of orders, payments, and communications related to your purchases.
• Technical and usage data: IP address, browser type and version, time zone, device information, pages visited, and how you use the Site. This may include data collected via cookies and similar technologies as described in our Cookie Policy.
• Marketing and communications data: your preferences regarding marketing communications, if you have opted in.

We do not collect special categories of personal data (e.g., health, race, religion) unless you voluntarily provide such information and we have a lawful basis to process it.

3. Legal Basis and Purposes of Processing

We process your personal data only where we have a lawful basis:

• Contract performance: to process and fulfill your orders, manage your account, and provide customer support.
• Legitimate interests: to operate and improve the Site, prevent fraud, ensure security, and analyze usage (e.g., analytics) where such interests are not overridden by your rights.
• Consent: where you have given clear consent (e.g., for non-essential cookies, marketing communications). You may withdraw consent at any time.
• Legal obligation: to comply with applicable laws, including tax and regulatory requirements.

Purposes include: order processing and delivery; customer service; website operation and improvement; security and fraud prevention; analytics (where consented); marketing (where consented); and compliance with legal obligations.

4. How We Collect Your Data

We collect data:

• Directly from you when you fill in forms (e.g., order form, contact form), create an account, or communicate with us.
• Automatically when you use the Site (e.g., cookies, log data). See our Cookie Policy for details.
• From third parties such as payment processors or delivery services, only to the extent necessary to fulfill your orders.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Order and transaction data: typically 7 years from the end of the financial year in which the transaction occurred, for legal, tax, and accounting requirements.
• Customer communications: for the duration of the relationship and a reasonable period thereafter (e.g., 3 years) unless a longer period is required by law.
• Marketing data: until you withdraw consent or object, and then only as needed to record your preference.
• Technical and analytics data: as specified in our Cookie Policy, generally up to 26 months for analytics where consent applies; shorter periods for essential and security-related data.

After the retention period, we securely delete or anonymize your data so it can no longer identify you.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Measures include: use of HTTPS and encryption where appropriate; access controls and staff training; secure storage and limited retention; and regular review of our security practices. Despite our efforts, no method of transmission or storage is completely secure; we encourage you to use strong passwords and protect your account details.

7. Sharing and Disclosure

We may share your personal data with:

• Service providers: payment processors, shipping and logistics partners, hosting and analytics providers, who process data on our instructions and are bound by confidentiality and data protection obligations.
• Legal and regulatory bodies: when required by law, court order, or to protect our rights, safety, or property.
• Professional advisers: lawyers, accountants, or auditors where necessary for compliance or legal purposes.

We do not sell your personal data. We do not share your data with third parties for their own marketing purposes without your consent.

If we transfer data outside the European Economic Area (EEA) or the United Kingdom, we ensure appropriate safeguards (e.g., standard contractual clauses, adequacy decisions) in line with applicable law.

8. Your Rights

Depending on your location, you may have the following rights:

• Access: to receive a copy of the personal data we hold about you.
• Rectification: to have inaccurate or incomplete data corrected.
• Erasure: to request deletion of your data in certain circumstances (e.g., where it is no longer necessary or you withdraw consent).
• Restriction: to request that we limit processing in certain situations.
• Data portability: to receive your data in a structured, commonly used format where processing is based on consent or contract.
• Objection: to object to processing based on legitimate interests or for direct marketing.
• Withdraw consent: where processing is based on consent, without affecting the lawfulness of processing before withdrawal.
• Complaint: to lodge a complaint with a supervisory authority (e.g., in the EU/EEA or UK, your local data protection authority; in the US, relevant state or federal bodies).

To exercise any of these rights, contact us using the details below. We will respond within the timeframes required by applicable law (e.g., one month under GDPR). We may need to verify your identity before processing your request.

9. Children

Our Site and services are not directed at individuals under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and indicate the "Last updated" date. For material changes, we may notify you by email or a notice on the Site where appropriate. We encourage you to review this policy periodically.

11. Contact

For any questions about this Privacy Policy or your personal data, please contact us:

Reviora
122 W 146th St
New York, NY 10039
United States

contact@thivareldrxunau.world

+1 (212) 675-3900