Venroys Privacy Policy
Last updated: February 25, 2026
Welcome to Venroys ("we", "us", "our"). We value your privacy and handle personal data with care. This Privacy Policy explains what personal data we collect, how we use it, on which legal grounds we process it, how long we keep it, with whom we share it, and what rights you have.
1. Who is responsible for processing?
Venroys OÜ (Estonian private limited company)
Registered on: 2 February 2026 (Estonia)
Registry code: 17427636
Address: Tornimäe tn 5, 10145 Tallinn, Estonia
Website: venroys.com
Management board: Constantino Aemilius Darshan Changoe
Main activity (EMTAK): 47711 - Retail sale of clothing in specialised stores
Email: privacy@venroys.nl
For privacy questions, requests, or complaints, please contact us at the email address above. If we appoint a Data Protection Officer (DPO) where required, the contact details will be published here.
2. Personal Data We Process
Depending on how you use Venroys (shopping, creating an account, contacting us, or selling on the platform), we may process the following categories of personal data:
| Category | Examples |
|---|---|
| Identification and Contact Data | Name, billing/shipping address, email address, phone number, account ID |
| Payment and Billing Data | Payment provider token, transaction ID, invoice details, payout details (for sellers) |
| Order and Fulfillment Data | Ordered items, quantities, shipping method, delivery status, return/refund information |
| Account and Login Data | Username/email, hashed password, account preferences, login timestamps |
| Communication and Consent Data | Support messages, newsletter opt-in status, cookie consent choices |
| Technical and Device Data | IP address, browser type, device information, session logs, security events |
| Usage and Behavioral Data | Pages viewed, search queries, clicks, scroll behavior, products viewed |
We do not intentionally collect special categories of personal data (for example, health data). Please do not include sensitive personal information in order notes, support messages, or other free-text fields unless it is strictly necessary.
3. Purposes and Legal Bases
| Purpose | Legal Basis (GDPR) | Details |
|---|---|---|
| Account creation and authentication | Performance of a contract (Art. 6(1)(b)) | To create your account, let you log in securely, and keep your account available. |
| Order processing, payment, and delivery | Performance of a contract (Art. 6(1)(b)) | To process purchases, confirm orders, arrange shipping, and manage returns or refunds. |
| Customer support and service communication | Legitimate interests (Art. 6(1)(f)) | To answer questions, investigate issues, and improve support quality. |
| Marketing communications and promotional offers | Consent (Art. 6(1)(a)) | Only where required by law and after you opt in. You can unsubscribe or withdraw consent at any time. |
| Security, fraud prevention, and platform integrity | Legitimate interests (Art. 6(1)(f)) and legal obligations (Art. 6(1)(c)) | To detect abuse, secure accounts, prevent fraud, and comply with security-related obligations. |
| Legal, tax, and accounting compliance | Legal obligation (Art. 6(1)(c)) | To meet bookkeeping, tax, reporting, and other statutory requirements. |
4. Cookies and Similar Technologies
We use cookies and similar technologies to operate the website, remember your preferences, improve performance, and measure usage. We request consent for non-essential cookies where required by law. For more information, see our Cookie Policy.
5. Sharing With Third Parties
We share personal data only when necessary, for example with:
- Payment service providers to process payments, refunds, and related transaction checks.
- Shipping and logistics partners to deliver orders and handle returns.
- Hosting, infrastructure, email, and technical service providers that support the platform.
- Analytics and marketing partners (only where permitted and, where required, with your consent).
- Public authorities, regulators, or law enforcement where we are legally required to disclose information.
Where third parties process data on our behalf, we use data processing agreements where required and instruct them to process personal data only for the agreed purposes.
6. Data Retention
| Data Category | Retention Period |
|---|---|
| Invoices and transaction records | Up to 7 years (or longer if required by law) |
| Customer account data | For the duration of the account and a limited period after inactivity or closure |
| Marketing preferences and consent records | Until consent is withdrawn or no longer needed to demonstrate consent |
| Security, log, and analytics data | For a limited period appropriate to security and analytics purposes |
7. Security
We implement appropriate technical and organizational measures to protect personal data, including:
- Encryption in transit (HTTPS / TLS)
- Password hashing and secure authentication controls
- Access controls and role-based permissions
- Monitoring, backups, and security maintenance processes
8. Your Rights
Depending on your location and applicable law, you may have the right to:
- Request access to the personal data we hold about you.
- Request correction of inaccurate or incomplete personal data.
- Request deletion of your personal data, where applicable.
- Request restriction of processing or object to certain processing activities.
- Withdraw consent at any time where processing is based on consent.
- Lodge a complaint with your local supervisory authority (for example, in the Netherlands: Autoriteit Persoonsgegevens).
To exercise your rights, please contact privacy@venroys.nl. We may ask for additional information to verify your identity before processing your request.
9. Minors
Venroys is not intended for children under the age required by applicable law to consent to data processing on their own (for example, 16 in some jurisdictions). We do not knowingly collect personal data from children without the required consent.
10. Automated Decision-Making
We do not use solely automated decision-making or profiling that produces legal effects or similarly significant effects on you.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top shows when this page was last changed. If we make material changes, we may notify you through the website, email, or account notifications where appropriate.
12. Contact
If you have questions, concerns, or requests about this Privacy Policy or our data practices, contact us at:
Venroys OÜ
Tornimäe tn 5
10145 Tallinn
Estonia
Registry code: 17427636
Management board: Constantino Aemilius Darshan Changoe
Email: privacy@venroys.nl
Website: venroys.com
Thank you for trusting Venroys. We take privacy and data protection seriously.