Privacy Policy

This privacy policy describes how The Crimson Leviathan Limited (hereinafter "Sorelise", "we", "us", "our") collects, uses, and protects the personal data of visitors and customers of the sorelise.com website (hereinafter the "Site").

By accessing the Site, placing an order, or submitting your information to us, you accept the practices described in this policy.

1. Data Controller

The Crimson Leviathan Limited
RM 1911A, UNIT F, 19/F, Golden Bear Centre
66 Chai Wan Kok Street, Tsuen Wan, Hong Kong
Certificate of Incorporation Number: 77993894
Email: contact@sorelise.com

2. Data Collected

We collect the following categories of data:

Identification data: first name, last name, postal address, email address, phone number.
Order data: purchase history, viewed products, shopping cart, delivery and billing information.
Payment data: bank information is processed directly by our payment service providers and is never stored on our servers.
Navigation data: IP address, browser type, operating system, pages visited, duration of visit, source of origin, cookie identifiers.
Communication data: content of exchanges with our customer service.

3. Purposes of Processing

Your data is used to:

Process and ship your orders;
Manage your customer relationship (questions, complaints, returns, refunds);
Send you transactional communications (order confirmation, delivery tracking);
Send you commercial communications if you have consented to them;
Improve our Site, our products, and our user experience;
Measure the effectiveness of our advertising campaigns;
Prevent fraud and secure transactions;
Comply with our legal and accounting obligations.

4. Legal Bases

Processing is based on:

Contract performance for order processing and customer relationship;
Consent for marketing communications and non-essential cookies;
Legitimate interest for fraud prevention and Site improvement;
Legal obligation for the retention of accounting and tax data.

5. Recipients of the Data

Your data may be shared with:

Our technical service providers (hosting, e-commerce platform, analytical tools);
Our payment service providers;
Our carriers and logistics service providers;
Our advertising partners (Meta, Taboola, Outbrain, Google, MediaGo) for measurement and personalization purposes;
Competent authorities in case of legal obligation.

We never sell your data to third parties.

6. Transfers Outside the European Union

Some of our service providers (particularly our e-commerce platform, our analytical tools, and our advertising partners) may be located outside the European Union. In such cases, we ensure that these transfers are governed by appropriate safeguards (standard contractual clauses of the European Commission, adequacy decisions).

7. Retention Period

Order data: 10 years from the order date (accounting obligations);
Customer data (account): until account deletion or 3 years of inactivity;
Prospect data: 3 years from the last contact;
Cookies: 13 months maximum;
Navigation data: 25 months maximum.

8. Cookies and Trackers

The Site uses cookies and similar technologies to ensure its operation, measure its audience, and personalize advertisements. Upon your first visit, a banner allows you to accept, refuse, or set preferences for non-essential cookies.

Categories of cookies used:

Essential cookies: necessary for the Site's operation (shopping cart, session, security). They do not require your consent.
Analytics cookies: Google Analytics, internal audience measurement.
Advertising cookies: Meta Pixel (Facebook/Instagram), Taboola, Outbrain, MediaGo, Google Ads, RedTrack. They allow us to measure the effectiveness of our campaigns and display personalized advertisements.
Personalization cookies: memorization of your preferences (language, currency).

You can change your preferences at any time via the cookie management module accessible at the bottom of the page.

9. Your Rights

In accordance with the General Data Protection Regulation (GDPR) and applicable legislation, you have the following rights:

Right of access: obtain confirmation that your data is being processed and receive a copy of it;
Right to rectification: correct inaccurate or incomplete data;
Right to erasure: request the deletion of your data within the limits provided by law;
Right to restriction of processing: request the temporary suspension of processing;
Right to data portability: receive your data in a structured format;
Right to object: object to the processing of your data for legitimate reasons or for prospecting purposes;
Right to withdraw your consent at any time when processing is based on it;
Right to define directives regarding the fate of your data after your death.

To exercise your rights, contact us at contact@sorelise.com. A response will be provided within a maximum of one month. Proof of identity may be requested in case of reasonable doubt.

If you believe that your rights are not being respected, you can lodge a complaint with the competent supervisory authority (CNIL in France: www.cnil.fr).

10. Data Security

We implement appropriate technical and organizational measures to protect your data against loss, unauthorized access, disclosure, alteration, or destruction. Transactions are encrypted via the SSL/TLS protocol.

11. Changes to This Policy

We reserve the right to modify this policy at any time. Any changes will be published on this page with an update date. We invite you to consult it regularly.