Dievelia

Legal

Privacy policy

Dievelia takes your privacy seriously and complies with the EU General Data Protection Regulation (GDPR) and Cyprus data-protection law.

Who is the controller?

Dievelia Trading LTD, Cyprus VAT 60050543N (registration HE456859), 87 Axiou Street, 3111 Limassol, Cyprus. Privacy questions: info@dievelia.com.cy.

What we collect

  • Order data: name, shipping and billing address, email, phone number, items ordered.
  • Account data (if you register): email, hashed password, preferences, order history.
  • Payment data: handled by Stripe; we never see your card number. We store a tokenised reference to the transaction.
  • Technical data: IP address, device, browser, pages visited — used for analytics and fraud prevention.

Why we use it

  • To process and deliver your order (contractual necessity).
  • To meet accounting and tax obligations (legal obligation).
  • To prevent fraud and secure the site (legitimate interest).
  • To send marketing emails — only with your consent, which you can withdraw at any time.

Who we share with

We only share data with the partners we need to deliver your order:

  • Our fulfilment partner — a logistics and warehousing company based in Italy. They receive the shipping address and order details so they can dispatch your parcel directly. Bound by a written data-processing agreement and EU standard contractual clauses.
  • Stripe Payments Europe Ltd (Ireland) — for payment and fraud screening.
  • Supabase Inc. — database and authentication (hosted in Ireland, EU).
  • Vercel Inc. — hosting and CDN (EU region).
  • Resend — transactional email delivery.
  • Couriers such as DHL or UPS — to physically deliver your parcel.

International transfers

Where processors are located outside the EU, they act under Standard Contractual Clauses approved by the European Commission.

How long we keep it

  • Order records: 10 years (EU tax retention).
  • Account data: until you ask us to delete it.
  • Analytics data: anonymised after 26 months.

Your rights

Under GDPR you can:

  • Ask for a copy of your data.
  • Correct or delete your data.
  • Object to or restrict processing.
  • Withdraw consent at any time.
  • Lodge a complaint with the Cyprus Data Protection Commissioner.

To exercise any of these rights, email info@dievelia.com.cy.

Cookies

We use essential cookies to run the site and optional analytics cookies for which we ask your consent via a banner. You can change your choice at any time from the footer. See the Cookie policy for the full list.

Last updated: 2026-06-06.