Privacy policy

Privacy Policy

Last updated: March 23, 2026

1. Who We Are

This website is operated by OrthoMats LTD ("we", "us", "our").
We are the data controller responsible for your personal data.

Contact details:
Email: team@orthomats.store
Address: First Floor, 20 Swan Buildings, Swan Street, Manchester, M4 5JW, United Kingdom

2. Personal Data We Collect

We may collect and process the following personal data:

  • Identity & Contact Data: name, email address, phone number, billing and shipping address

  • Order Data: products purchased, returns, exchanges, and transaction history

  • Payment Data: processed securely via third-party providers (we do not store full card details)

  • Account Data: login credentials and preferences

  • Device & Usage Data: IP address, browser type, device identifiers, pages visited, and interactions

  • Marketing Data: email preferences, subscription status, and engagement with emails and advertisements

3. How We Collect Your Data

We collect your data in the following ways:

  • Directly from you (e.g., when placing an order, creating an account, or subscribing to emails)

  • Automatically through cookies and similar tracking technologies

  • From third parties such as Shopify, payment providers, and marketing platforms

4. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contractual necessity: to process orders, payments, and deliveries

  • Legal obligation: to comply with tax, accounting, and regulatory requirements

  • Legitimate interests: to improve our services, prevent fraud, and analyze website performance

  • Consent: for marketing communications and advertising tracking technologies

5. Marketing & Email Communications

We use Klaviyo to manage email marketing.

  • You may receive transactional emails (e.g., order confirmations, shipping updates) without opting in

  • Marketing emails are sent based on your consent, which is collected in compliance with applicable laws

Regional approach to consent:

  • Users in the UK/EEA and similar jurisdictions must actively opt in to receive marketing emails

  • Users in the United States may be presented with pre-selected consent options where permitted by law

You can unsubscribe at any time by clicking the unsubscribe link in any email.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Ensure the website functions properly

  • Analyze user behavior and improve performance

  • Deliver personalized advertisements

We use tools including:

  • Meta (Facebook) Pixel

  • TikTok Pixel

For users in the UK and EEA, non-essential cookies should only be used with your consent via a cookie banner.

7. Sharing Your Data

We may share your personal data with:

  • Shopify (ecommerce platform and hosting)

  • Payment providers (e.g., Stripe, PayPal)

  • Klaviyo (email marketing)

  • Advertising partners (Meta, TikTok)

  • Service providers and apps (reviews platforms, cart tools like UpCart, currency converters, and other operational tools)

These providers process data on our behalf and are required to safeguard it.

8. International Data Transfers

As we operate globally, your data may be transferred outside the UK/EEA.

Where this occurs, we implement safeguards such as:

  • Standard Contractual Clauses (SCCs)

  • Transfers to countries deemed to provide adequate protection

9. Data Retention

We retain your personal data only as long as necessary:

  • Order data: retained for up to 6 years (legal/tax requirements)

  • Marketing data: retained until you unsubscribe or withdraw consent

  • Account data: retained until account deletion or prolonged inactivity

10. Your Rights

If you are located in the UK or EEA, you have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Request deletion of your data

  • Restrict or object to processing

  • Withdraw consent at any time

  • Request transfer of your data (data portability)

To exercise your rights, contact: team@orthomats.store

We may need to verify your identity before processing your request.

11. Data Deletion Requests

If you request deletion of your personal data:

  • We will remove you from marketing communications

  • We will delete or anonymize your personal data where possible

  • We may retain certain information where required for legal obligations (e.g., tax and accounting records)

12. Data Security

We implement appropriate technical and organizational measures to protect your data.
However, no system is completely secure.

13. Children’s Data

Our website is not intended for individuals under the age of 16.
We do not knowingly collect personal data from children.

14. Changes to This Policy

We may update this Privacy Policy from time to time.
Any updates will be posted on this page with a revised "Last updated" date.

15. Complaints

If you have concerns about how we handle your data, please contact us first.
You also have the right to lodge a complaint with your local data protection authority, such as the UK Information Commissioner’s Office (ICO).