At Oakline Boutique, we are committed to protecting your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Irish data protection laws.

This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or make a purchase.

By using our website, you agree to the practices described below.

1. Data Controller

Oakline Boutique is the data controller responsible for your personal data.

If you have questions regarding this policy or your personal data, you may contact us at:

📧 support@oaklineboutique.com

2. Information We Collect

a) Personal Information You Provide

When you visit our website or place an order, we may collect:

• 
  First and last name
  
• 
  Billing and shipping address
  
• 
  Email address
  
• 
  Phone number
  
• 
  Payment details (processed securely by third-party providers)
  

We do not store full credit card numbers on our servers.

b) Automatically Collected Information

When you browse our website, we may collect:

• 
  IP address
  
• 
  Browser type and version
  
• 
  Device type
  
• 
  Time zone
  
• 
  Pages viewed and interaction behavior
  
• 
  Search terms
  
• 
  Cookie data
  

This information is collected through cookies, log files, pixels, and similar technologies.

3. Legal Basis for Processing (GDPR)

We process your personal data based on one or more of the following legal grounds:

• 
  Contractual necessity – to process and fulfill your order
  
• 
  Legal obligation – to comply with tax and accounting requirements
  
• 
  Legitimate interests – to improve our services, prevent fraud, and maintain website security
  
• 
  Consent – for marketing communications and non-essential cookies
  

You may withdraw your consent at any time.

4. How We Use Your Information

We use your personal data to:

• 
  Process and deliver orders
  
• 
  Manage payments and prevent fraud
  
• 
  Provide customer support
  
• 
  Communicate about orders, returns, or inquiries
  
• 
  Improve website performance and user experience
  
• 
  Send promotional emails (only if you have given consent)
  

5. Sharing of Personal Data

We do not sell your personal data.

We may share your information with trusted third parties where necessary, including:

• 
  Payment providers (e.g., PayPal, credit card processors)
  
• 
  Shipping and logistics partners
  
• 
  E-commerce platform providers (e.g., Shopify)
  
• 
  Analytics and marketing service providers
  

These third parties process data only on our instructions and in compliance with applicable data protection laws.

6. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA).

Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

7. Cookies

We use cookies to:

• 
  Ensure website functionality
  
• 
  Remember preferences
  
• 
  Analyze traffic and usage
  
• 
  Improve performance and marketing effectiveness
  

Where required, we obtain your consent before placing non-essential cookies.

You may manage or withdraw cookie consent at any time through your browser settings or cookie preferences.

8. Data Retention

We retain personal data only for as long as necessary to:

• 
  Fulfill contractual obligations
  
• 
  Comply with legal requirements
  
• 
  Resolve disputes
  
• 
  Enforce agreements
  

When no longer required, personal data is securely deleted or anonymized.

9. Your Rights Under GDPR

As an EU customer, you have the right to:

• 
  Access your personal data
  
• 
  Request correction of inaccurate data
  
• 
  Request deletion (“right to be forgotten”)
  
• 
  Restrict processing
  
• 
  Object to processing
  
• 
  Request data portability
  
• 
  Withdraw consent at any time
  
• 
  Lodge a complaint with a supervisory authority
  

In Ireland, the supervisory authority is:

Data Protection Commission (Ireland)
Website: www.dataprotection.ie

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against:

• 
  Unauthorized access
  
• 
  Loss or misuse
  
• 
  Alteration or disclosure
  

These include secure hosting, encrypted payment processing, and restricted internal access.

11. Third-Party Links

Our website may contain links to external websites.
We are not responsible for the privacy practices of third-party sites.

12. Updates to This Policy

We may update this Privacy Policy to reflect changes in legal requirements or business practices.

The latest version will always be available on this page with an updated effective date.