Privacy policy
Privacy Policy
1. General Provisions
1.1. This Privacy Policy describes how IK ALL:U:R, reg. no.: 50002205881, address: Eizenijas street 17-45, Riga, Latvia, (hereinafter also referred to as the “Data Controller”) obtains, processes and stores personal data that allur.lv obtains from its customers and persons visiting the online store (hereinafter referred to as the “Data Subject” or “Buyer”).
1.2. Personal data is any information relating to an identified or identifiable natural person, i.e. the Data Subject. Processing is any operation related to personal data, such as obtaining, recording, modification, use, consultation, deletion or destruction.
1.3. The Data Controller complies with the data processing principles set in legislation and is able to confirm that personal data are processed in accordance with applicable legislation.
2. Acquisition, processing and storage of personal data
2.1. The Data Controller acquires, processes and stores personally identifiable information, mainly using the online store website and e-mail.
2.2. By visiting and using the services provided in the online store, the Buyer agrees that any information provided is used and managed in accordance with the purposes set out in the Privacy Policy.
2.3. The Data Subject is responsible for ensuring that the submitted personal data is correct, accurate and complete. Deliberate provision of false information is considered a violation of the Privacy Policy. The Data Subject is obliged to immediately notify the Data Controller of any changes to the submitted personal data.
2.4. The Data Controller is not liable for losses caused to the Data Subject or third parties if they arise due to falsely submitted personal data.
3. Processing of Customer Personal Data
3.1. The Data Controller may process the following personal data:
3.1.1. Name, surname
3.1.2. Date of birth
3.1.3. Contact information (email address and/or telephone number)
3.1.4. Transaction data (purchased goods, delivery address, price, payment information, etc.)
3.1.5. Any other information submitted during the purchase of services and goods offered by the website or when contacting the Data Controller
3.2. In addition to the above, the Data Controller has the right to verify the accuracy of the submitted data using publicly available registers.
3.3. The legal basis for the processing of personal data is Article 6(1)(a), (b), (c) and (f) of the General Data Protection Regulation:
a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
b) the processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract;
c) processing is necessary for compliance with a legal obligation where the controller is considered as a subject;
f) processing is necessary for the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
3.4. The Data Controller shall store and process the personal data of the Data Subject for as long as at least one of the following criteria applies:
3.4.1. The personal data are necessary for the purposes for which they were collected;
3.4.2. As long as the Data Controller and/or the Data Subject can exercise their legitimate interests, such as to lodge objections or to bring or bring legal proceedings, in accordance with the procedure laid down in external legal acts;
3.4.3. As long as there is a legal obligation to store the data, such as in accordance with the Accounting Law;
3.4.4. As long as the Data Subject's consent to the relevant processing of personal data is valid, unless there is another lawful basis for the processing of personal data.
Upon the expiry of the circumstances referred to in this paragraph, the storage period for the Data Subject's personal data shall also expire and all relevant personal data shall be irreversibly deleted from computer systems and electronic and/or paper documents containing the relevant personal data or these documents shall be anonymised.
3.5. In order to fulfil its obligations towards the Buyer, the Data Controller has the right to transfer the Buyer's personal data to cooperation partners, data processors who carry out the necessary data processing on behalf of IK ALL:U:R, for example, accountants, courier services, etc. The Data Processor is the personal data controller. Payment processing is provided by the MakeCommerce payment platform, therefore IK ALL:U:R transfers the personal data necessary for the execution of payments to the platform owner Maksekeskus AS.
Upon request, the Buyer's personal data may be transferred to state and law enforcement authorities in order to defend their legal interests, if necessary, by drawing up, submitting and defending legal claims.
3.6. When processing and storing personal data, the Data Controller implements organizational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure and any other unlawful processing.
4. Rights of the Data Subject
4.1. In accordance with the General Data Protection Regulation and legislation of the Republic of Latvia, the Buyer has rights to:
4.1.1. Access their personal data, receive information about their processing, as well as request a copy of your personal data in electronic format and the right to transfer this data to another controller (data portability);
4.1.2. Request correction of incorrect, inaccurate or incomplete personal data;
4.1.3. Delete their personal data (“be forgotten”), except in cases where the law requires the retention of data;
4.1.4. Withdraw their previously given consent to the processing of personal data;
4.1.5. Restrict the processing of their data – the right to request that IK ALL:U:R temporarily and completely stop processing all of the Buyer’s personal data;
4.1.6. Contact the State Data Inspectorate.
You can submit a request for the exercise of your rights by sending a request electronically to the e-mail address info@allur.lv.
5. Final provisions
5.1. This Privacy Policy has been developed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), as well as the applicable laws of the Republic of Latvia and the European Union.
5.2. The Data Controller has the right to make changes or additions to the Privacy Policy at any time and without prior notice. Amendments shall enter into force upon their publication on the website allur.lv.
Cookie Policy
1. A cookie is a small amount of information that is downloaded to your computer or device when you visit the website allur.lv.
We use various types of cookies, including performance, advertising and social media or content cookies. Cookies improve your browsing experience, for example by allowing the website to remember your actions and preferences on the website (such as logging in and choosing a region).
This means that you do not have to re-enter this information every time you return to the website or move from one page to another. Cookies also provide information about how often the website is used. For more information about cookies and how the data is collected with the help of these technologies, please read our Privacy Policy.
Some cookies are necessary to ensure ability to browse the website and use its features. The use of these cookies is essential for the website to function. For example, user input cookies are used to track the user's actions on the website across its different pages during a session.
Functional cookies are used to remember choices you have made or information you have provided, such as your username, language or the region you are in.
This allows us to tailor your website experience to your preferences. For example, authentication cookies are functional cookies that are used during a session (or permanently if you agree to the “remember me” feature) to allow users to authenticate themselves during future visits or to access authorized content on different pages. The functional cookies we use include:
- user-oriented security cookies to detect authentication violations for a limited and permanent period of time, such as repeated failed login attempts. These cookies are set for a specific service for the purpose of increasing security;
- multimedia content player session cookies (flash cookies) are used during a session to store technical data necessary for the playback of video or audio content (such as image quality, network link speed, and buffering parameters);
- load balancing session cookies are used during a session to identify the same server within a set of servers so that the load balancer can route requests appropriately;
- persistent user interface customization cookies are used to store user preferences for the service on web pages. To optimize the user experience, we also use other tools that help improve the website and trading platform. For this purpose, reporting and analytics cookies are used to collect information about how and how often you use our website.
Information generated by third-party cookies may be sent and stored outside the European Union.
They are beyond our control, so if necessary, please visit the third-party websites to find out more information.
Advertising cookies are used on our website to tailor marketing to your interests and to provide more personalized services in the future. These cookies are able to track your device's visits to our website and other websites, without personal identification of yours.
Without these cookies, the ads you see may be less relevant to your preferences.
Social media and content cookies are placed by many social media plugins and other tools designed to provide or improve the content of the site (for example, services that allow you to play video files, or that create comment sections). These modules are integrated into the platform to improve the browsing and interaction experience of the site. Some of these third-party services place cookies that are also used, for example, for behavioral advertising, analysis and/or market research.
2. The following cookies are used on the site:
Cookies necessary for the operation of the site:
Without these cookies, the ads you see may be less relevant to your preferences.
Social media and content cookies are placed by many social media plugins and other tools designed to provide or improve the content of the site (for example, services that allow you to play video files, or that create comment sections). These modules are integrated into the platform to improve the browsing and interaction experience of the site. Some of these third-party services place cookies that are also used, for example, for behavioral advertising, analysis and/or market research.
2. The following cookies are used on the site:
Cookies necessary for the operation of the site:
| Name | Description | Duration |
|---|---|---|
| _ab | Used to control when the admin bar is shown on the storefront. | 1y |
| _abv | Persist the collapsed state of the admin bar. | 1y |
| _checkout_queue_token | Used when there is a queue during the checkout process. | 1y |
| _cmp_a | Used for managing customer privacy settings. | 1d |
| _identity_session | Contains the identity session identifier of the user. | 2y |
| _master_udr | Permanent device identifier. | session |
| _pay_session | The Rails session cookie for Shopify Pay | session |
| _secure_account_session_id | Used to track a customer's session for new customer accounts. | 30d |
| _session_id | Used for providing reporting and analytics. | 2y |
| _shopify_country | Used for Plus shops where pricing currency/country is set from GeoIP by helping avoid GeoIP lookups after the first request. | 30min |
| _shopify_essential | Contains essential information for the correct functionality of a store such as session and checkout information and anti-tampering data. | 1y |
| _storefront_u | Used to facilitate updating customer account information. | 1min |
| _tracking_consent | Used to store a user's preferences if a merchant has set up privacy rules in the visitor's region. | 1y |
| auth_state_<<id>> | Stores authentication state before redirecting customers to third party for authentication. | 25min |
| card_update_verification_id | Used to support verification when a buyer is redirected back to Shopify after completing 3D Secure during checkout. | 20min |
| cart | Contains information related to the user's cart. | 2w |
| cart_currency | Used after a checkout is completed to initialize a new empty cart with the same currency as the one just used. | 2w |
| cart_sig | A hash of the contents of a cart. This is used to verify the integrity of the cart and to ensure performance of some cart operations. | 2w |
| cart_ts | Used in connection with checkout. | 2w |
| checkout | Used in connection with checkout. | 21d |
| checkout_prefill | Encrypts and stores URL parameters containing PII which are used in cart permalink URLs. | 5min |
| checkout_session_lookup | Used in connection with checkout. | 3w |
| checkout_session_token_<<id>> | Used when a checkout session is established on the server. | 3w |
| checkout_token | Captures the landing page of the visitor when they come from other sites. | session |
| customer_account_locale | Used to keep track of a customer account locale when a redirection occurs from checkout or the storefront to customer accounts. | 1y |
| customer_payment_method | Stores what payment method is being updated for subscriptions. | 1h |
| customer_shop_pay_agreement | Used to help verify a new Shop Pay payment instrument. | 20min |
| device_fp_id | Device fingerprint identifier to help prevent fraud. | session |
| device_id | Session device identifier to help prevent fraud. | session |
| discount_code | Stores a discount code (received from an online store visit with a URL parameter) in order to the next checkout. | session |
| dynamic_checkout_shown_on_cart | Adjusts checkout experience for buyers that proceed with regular checkout versus dynamic checkout. | 30min |
| hide_shopify_pay_for_checkout | Set when a buyer dismisses the Shop Pay login modal during checkout, informing display to buyer. | session |
| identity-state | Stores state before redirecting customers to identity authentication. | 1d |
| identity-state-<<id>> | Stores state before redirecting customers to identity authentication. | 1d |
| identity_customer_account_number | Stores an identifier used to facilitate login across the customer's account and storefront domains. | 12w |
| keep_alive | Used when international domain redirection is enabled to determine if a request is the first one of a session. | session |
| locale_bar_accepted | Preserves if the modal from the geolocation app was accepted. | session |
| locale_bar_dismissed | Preserves if the modal from the geolocation app was dismissed. | 1d |
| localization | Used to localize the cart to the correct country. | 2w |
| logged_in | Identity logged-in hint. | 12w |
| login_with_shop_finalize | Used to facilitate login with Shop. | 5min |
| master_device_id | Permanent device identifier. | 1y |
| order | Used to allow access to the data of the order details page of the buyer. | 3w |
| pay_update_intent_id | Stores an ID of a Shop Pay billing agreement update intent, required for a callback after verifying a new Shop Pay payment instrument. | 20min |
| preview_theme | Used to indicate whether the theme is being previewed. | session |
| previous_checkout_token | Used to prefill checkout with the details from the previous checkout. | 1y |
| previous_step | Used in connection with checkout. | 1y |
| profile_preview_token | Used for previewing checkout extensibility. | 5min |
| receive-cookie-deprecation | A cookie specified by Google to identify certain Chrome browsers affected by the third-party cookie deprecation. More information about this cookie can be found here. | session |
| remember_me | Used to prefill checkout with the details from the previous checkout. | 1y |
| secure_customer_sig | Used to identify a user after they sign into a shop as a customer so they do not need to log in again. | 1y |
| shop_pay_accelerated | Indicates if a buyer is eligible for Shop Pay accelerated checkout. | 1y |
| shopify-editor-unconfirmed-settings | Stores changes merchant does in the editor to update the preview. | 16h |
| shopify_pay | Used to log in a buyer into Shop Pay when they come back to checkout on the same store. | 1y |
| shopify_pay_redirect | Used to accelerate the checkout process when the buyer has a Shop Pay account. | 1y |
| storefront_digest | Stores a digest of the storefront password, allowing merchants to preview their storefront while it's password protected. | 1y |
| tracked_start_checkout | Used in connection with checkout. | 1y |
| user | Used in connection with Shop login. | 1y |
| user_cross_site | Used in connection with Shop login. | 1y |
| wpm-domain-test | Used to test Shopify's Web Pixel Manager with the domain to make sure everything is working correctly. | session |
Reporting and analytics cookies:
| Name | Description | Duration |
|---|---|---|
| _landing_page | Capture the landing page of visitor when they come from other sites. | 2w |
| _orig_referrer | Allows merchant to identify where people are visiting them from. | 2w |
| _shopify_ga | Contains Google Analytics parameters that enable cross-domain analytics measurement to work. | session |
| _shopify_s | Used to identify a given browser session/shop combination. Duration is 30 minute rolling expiry of last use. | 30min |
| _shopify_sa_p | Capture the landing page of visitor when they come from other sites to support marketing analytics. | 30min |
| _shopify_sa_t | Capture the landing page of visitor when they come from other sites to support marketing analytics. | 30min |
| _shopify_y | Shopify analytics. | 1y |
| checkout_one_experiment | Used when a checkout is eligible to Checkout One and has been assigned to an experiment (control group or test group). | session |
| shop_analytics | Contains the required buyer information for analytics in Shop. | 1y |
| unique_interaction_id | Used for checkout metrics. | 10min |
The length of time a cookie stays on your computer or mobile device depends on whether it is a "persistent" or a "session" cookie. Session cookies last until you stop browsing, while persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and last between 30 minutes and two years from the date they were created they were downloaded to your device. For more information on how to remove them before they expire, see the section below on how to control cookies.
You can control and manage cookies in a number of ways. Please note that removing or blocking cookies may have a negative impact on user experience and parts of our website may no longer be fully available.
Most browsers automatically accept cookies, but you can choose whether to accept cookies through your browser settings, often located in your browser's "Tools" or "Preferences" menu. You can find more information about how to change your browser settings or block, manage or filter cookies in your browser's help file or on websites such as: www.allaboutcookies.org.
You can control and manage cookies in a number of ways. Please note that removing or blocking cookies may have a negative impact on user experience and parts of our website may no longer be fully available.
Most browsers automatically accept cookies, but you can choose whether to accept cookies through your browser settings, often located in your browser's "Tools" or "Preferences" menu. You can find more information about how to change your browser settings or block, manage or filter cookies in your browser's help file or on websites such as: www.allaboutcookies.org.