Privacy policy
Last updated: January 28, 2026
1. General
The Dark Rose Emporium operates this online store and associated services ("the Services"). We are committed to protecting your privacy and process your personal data in accordance with the General Data Protection Regulation (EU 2016/679, GDPR), supplementary Swedish legislation, and applicable practices.
This privacy policy describes how we collect, use, store, and protect your personal data when you use our services or otherwise communicate with us. If there is a conflict between our terms of use and this privacy policy, this policy shall prevail in matters relating to the processing of personal data.
2. Data Controller
The Dark Rose Emporium
Organization number: 861121-2021
Address: Storgatan 1, 615 33 Valdemarsvik, Sweden
Email: info@darkroseemporium.com
The Dark Rose Emporium is the data controller for the processing of personal data described in this policy.
3. What Data We Collect
We collect personal data directly from you, automatically through our services, and from our partners (e.g., payment and delivery providers). Depending on how you use our services, the following categories of personal data may be processed:
Contact information: name, address, email address, phone number.
Payment information: card number, payment method, transaction history.
Account information: username, password, preferences.
Order and purchase history: products you have viewed, purchased, returned, or canceled.
Communication: content of messages you send to us (e.g., customer service).
Technical information: IP address, browser, device information, cookies.
Usage data: how you interact with our website, e.g., pages you visit.
4. Purpose and Legal Basis for Processing
We process your personal data for the following purposes and based on the following legal grounds:
| Purpose | Legal Basis | Examples |
|---|---|---|
| Manage orders, payments, and deliveries | Contract (GDPR art. 6.1 b) | Complete purchases, manage customer account |
| Fulfill legal requirements (accounting, complaints) | Legal obligation (art. 6.1 c) | Swedish Accounting Act (1999:1078) |
| Marketing and newsletters | Consent (art. 6.1 a) | Email, SMS campaigns |
| Improve and customize services | Legitimate interest (art. 6.1 f) | Traffic analysis, customer behavior |
| Prevent fraud and protect our business | Legitimate interest / Legal obligation | Security monitoring |
5. How We Use and Share Personal Data
We use your personal data only for the purposes stated above. Your data may be shared with the following recipients:
- Shopify, which provides our e-commerce platform.
- Payment providers (e.g., Shopify Payments, Klarna, PayPal).
- Shipping companies (e.g., PostNord, DHL) to deliver your goods.
- IT and cloud service providers that provide operational and security solutions.
- Marketing partners, Facebook/Meta, Instagram, TikTok, and Google, to the extent you have consented to this.
All our suppliers process data in accordance with data processing agreements and only for our purposes.
6. Cookies and Tracking
We use cookies and similar technologies to improve your experience, analyze traffic, and customize marketing.
In accordance with the Electronic Communications Act (2003:389), we ask for your consent to use non-essential cookies. You can change or withdraw your consent at any time via our cookie banner or browser settings.
More information is available in our Cookie Policy.
7. Retention Period
We store personal data only as long as necessary for the purposes for which they were collected:
- Customer and order data: up to 24 months after completed order.
- Accounting data: 7 years according to the Accounting Act.
- Marketing consents: until you withdraw consent.
- Technical logs and security data: normally 12 months.
When data is no longer needed, it is anonymized or securely deleted.
8. Your Rights
As a data subject under GDPR, you have the right to:
- request access to the personal data we have about you,
- request correction of incorrect data,
- request deletion ("right to be forgotten"),
- request restriction of processing,
- object to processing based on legitimate interest,
- request data portability (transfer of your data to another party),
- withdraw your consent at any time.
To exercise these rights, contact us at info@darkroseemporium.com
We will respond within 30 days in accordance with GDPR.
9. International Transfers
Shopify and some of our suppliers are based outside the EU/EEA. If personal data is transferred to a country outside the EU/EEA, it is done according to EU Standard Contractual Clauses (SCC) or other approved safeguards, which guarantee an adequate level of protection.
10. Children's Data
Our services are not intended for children under 16 years of age. If you suspect that a child has provided personal data to us without parental consent, contact us and we will delete the data.
11. Security
We use technical and organizational security measures to protect your data against unauthorized access, loss, misuse, or alteration. However, no transmission over the internet is completely risk-free, so we cannot guarantee complete security.
12. Complaints
If you have comments or complaints regarding our processing of personal data, please contact us. You also have the right to file a complaint with:
Swedish Authority for Privacy Protection (IMY) Box 8114, 104 20 Stockholm Website: www.imy.se
13. Changes to This Policy
We may update this privacy policy as needed to reflect changes in our practices or applicable legislation. The latest version is always published on this page with an updated date.
Contact: Questions about this privacy policy should be sent to: info@darkroseemporium.com
Cookie Policy
Last updated: January 28, 2026
1. What Are Cookies?
Cookies are small text files stored on your computer, tablet, or mobile phone when you visit a website. They are used to make the website function properly, improve your user experience, measure traffic, and – if you consent – customize ads and marketing.
Cookies can be:
- Necessary – required for the website to function (e.g., shopping cart, login).
- Functional – improve features such as language selection and saved settings.
- Analytical/performance – used to measure visits, user behavior, and improve the site.
- Marketing cookies – used to display relevant ads based on your activity.
2. Who Sets Cookies?
Cookies are set both by us (first-party cookies) and by our partners (third-party cookies), e.g.:
- Shopify, which operates our e-commerce platform and uses cookies to enable login, cart, payment, and analytics.
- Google Analytics (if activated), for statistics and website analysis.
- Meta (Facebook/Instagram) or other advertising networks, for targeted marketing – only with your consent.
3. Consent to Cookies
When you visit our website, a cookie banner is displayed where you can choose to:
- Accept all cookies,
- Only allow necessary cookies, or
- Customize your choices.
You can change or withdraw your consent at any time via the banner or by clearing cookies in your browser. We store your consent for 12 months or until you change it.
4. How to Control Cookies
Most browsers allow you to block or delete cookies. Instructions can usually be found under the browser's "Settings" or "Privacy" section. Please note that the website may not function fully if you block necessary cookies.
5. Which Cookies We Use
Examples of common cookies used in Shopify stores:
| Cookie | Purpose | Retention Period |
|---|---|---|
| _shopify_y | Used for customer behavior analysis | 1 year |
| _shopify_s | Session identifier | Session |
| cart | Stores shopping cart contents | 14 days |
| _secure_session_id | Identifies logged-in user | Session |
| _tracking_consent | Stores user's cookie settings | 1 year |
| _ga, _gid (Google Analytics) | Visit statistics | 2 years / 1 day |
| fbp (Facebook Pixel) | Marketing / advertising | 3 months |
6. More Information
For more information about how we process personal data collected via cookies, see our Privacy Policy.
Contact: Questions about this cookie policy can be sent to: info@darkroseemporium.com
