Carolina Sella

Carolina Sella

Privacy Policy

Privacy Policy – Carolina Sella

Effective Date: January 18, 2026

Last Updated: January 31, 2026

1. Introduction

Carolina Sella (“we,” “us,” “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website carolinasella.com (the “Website”) or use our services.

This Privacy Policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the ePrivacy Directive 2002/58/EC.

2. Data Controller Information

Data Controller: Carolina Sella

Website: carolinasella.com

Contact Email: hello@carolinasella.com

Location: Copenhagen, Denmark

For any questions about this Privacy Policy or your personal data, please contact us at hello@carolinasella.com.

3. What Personal Data We Collect

We collect and process the following types of personal data:

3.1 Information You Provide Directly

When you make a purchase:

  • Name
  • Email address
  • Shipping address
  • Billing address
  • Phone number (optional)

When you subscribe to our newsletter:

  • Email address
  • Name (optional)

When you contact us:

  • Name
  • Email address
  • Message content
  • Any information you choose to provide

When you create an account:

  • Email address
  • Password (encrypted)
  • Order history

3.2 Information Collected Automatically

Technical Data:

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Referring website
  • Pages visited and time spent
  • Date and time of access

Cookies and Similar Technologies:

We use cookies and similar tracking technologies. See Section 8 for details.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

4.1 Contractual Necessity (Article 6(1)(b) GDPR)

Processing is necessary to:

  • Fulfill orders and deliver products
  • Process payments
  • Provide customer service
  • Manage your account

4.2 Legitimate Interests (Article 6(1)(f) GDPR)

We have a legitimate interest in:

  • Improving our Website and services
  • Preventing fraud and security threats
  • Analyzing Website usage and performance
  • Marketing our products (where you have not objected)

4.3 Consent (Article 6(1)(a) GDPR)

We obtain your explicit consent for:

  • Newsletter subscriptions
  • Non-essential cookies
  • Marketing communications

4.4 Legal Obligation (Article 6(1)(c) GDPR)

Processing required to comply with:

  • Tax and accounting regulations
  • Consumer protection laws
  • Other legal requirements

5. How We Use Your Personal Data

We use your personal data for the following purposes:

5.1 Order Processing and Fulfillment

  • Processing and completing your orders
  • Communicating about your order status
  • Arranging shipping and delivery
  • Processing payments and refunds
  • Providing customer support

5.2 Communication

  • Sending order confirmations and updates
  • Responding to your inquiries
  • Sending newsletter updates (with your consent)
  • Notifying you of important changes to our services

5.3 Website Improvement

  • Analyzing Website usage and performance
  • Improving user experience
  • Developing new features and services
  • Troubleshooting technical issues

5.4 Legal and Security

  • Preventing fraud and abuse
  • Complying with legal obligations
  • Protecting our rights and property
  • Enforcing our Terms and Conditions

6. How We Share Your Personal Data

We do not sell your personal data to third parties. We may share your information with:

6.1 Service Providers

Google Analytics (Google Ireland Ltd.):

Data collected: Technical data, IP addresses (anonymized), and usage patterns.

Purpose: Analyzing website traffic and user behavior to improve our services.

Location: EU and USA.

Privacy Policy: https://policies.google.com/privacy

Print-on-Demand Partner (Printful):

Production Partner (Contrado):

  • Role: Production and fulfillment of specific merchandise and apparel.
  • Data shared: Name, shipping address, and order details.
  • Location: United Kingdom (Non-EU, but compliant with UK-GDPR).
  • Privacy Policy: https://www.contrado.co.uk/privacy-policy

Payment Processors (Stripe, PayPal):

Email Service Provider:

  • Email address, name
  • Purpose: Sending newsletters and transactional emails
  • We ensure GDPR-compliant providers

Hosting Provider:

  • Technical data, IP addresses
  • Purpose: Website hosting and operation
  • Location: EU-based servers where possible

6.2 Legal Requirements

We may disclose your data if required by law, court order, or to:

  • Comply with legal processes
  • Protect our rights and property
  • Prevent fraud or illegal activities
  • Protect the safety of users

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner, subject to the same privacy protections.

7. International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA). When we transfer your data internationally, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for countries with equivalent data protection
  • Privacy Shield (where applicable)

You have the right to request information about the safeguards we use for international transfers.

8. Cookies and Tracking Technologies

8.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our Website.

8.2 Types of Cookies We Use

Essential Cookies (No consent required):

  • Session management
  • Shopping cart functionality
  • Security and authentication
  • Load balancing

Analytics Cookies (Consent required):

  • Google Analytics: We use Google Analytics to understand how visitors interact with our website. This helps us measure performance and improve your experience. These cookies are only activated if you click “Accept All” or enable “Analytics” in our cookie banner.
  • Website performance monitoring
  • User behavior analysis

Marketing Cookies (Consent required):

  • Social media integration
  • Advertising and retargeting (if implemented)

8.3 Cookie Duration

  • Session cookies: Deleted when you close your browser
  • Persistent cookies: Remain for a specified period (typically 1-12 months)

8.4 Managing Cookies

You can control cookies through:

  • Our cookie consent banner (when implemented)
  • Your browser settings
  • Opt-out tools provided by third parties

Note: Disabling essential cookies may affect Website functionality.

8.5 Do Not Track

We currently do not respond to “Do Not Track” browser signals, as there is no industry standard for compliance.

How to opt-out: You can prevent Google Analytics from using your data by installing the Google Analytics Opt-out Browser Add-on available here: https://tools.google.com/dlpage/gaoptout.

9. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this Privacy Policy:

Order Data: 7 years (for tax and accounting purposes)

Newsletter Subscriptions: Until you unsubscribe

Contact Form Submissions: 2 years

Account Data: Until you request deletion or account closure

Analytics Data: 26 months (Google Analytics default)

Cookies: As specified in cookie settings (typically 1-12 months)

After the retention period, we will securely delete or anonymize your data.

10. Your Rights Under GDPR

As a data subject in the EU, you have the following rights:

10.1 Right of Access (Article 15)

You can request a copy of the personal data we hold about you.

10.2 Right to Rectification (Article 16)

You can request correction of inaccurate or incomplete data.

10.3 Right to Erasure / “Right to be Forgotten” (Article 17)

You can request deletion of your data in certain circumstances.

10.4 Right to Restriction of Processing (Article 18)

You can request that we limit how we use your data.

10.5 Right to Data Portability (Article 20)

You can request your data in a structured, machine-readable format.

10.6 Right to Object (Article 21)

You can object to processing based on legitimate interests or for marketing purposes.

10.7 Rights Related to Automated Decision-Making (Article 22)

We do not currently use automated decision-making or profiling.

10.8 Right to Withdraw Consent

You can withdraw consent at any time where processing is based on consent.

10.9 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority:

  • Denmark: Datatilsynet (https://www.datatilsynet.dk)
  • EU-wide list: https://edpb.europa.eu/about-edpb/board/members_en

11. How to Exercise Your Rights

To exercise any of your rights, please contact us at:

Email: hello@carolinasella.com

Subject Line: “Data Privacy Request”

Please include:

  • Your full name
  • Email address associated with your account/order
  • Specific request (access, deletion, etc.)
  • Proof of identity (if required)

We will respond to your request within 30 days as required by GDPR.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

12.1 Technical Measures

  • SSL/TLS encryption for data transmission
  • Secure hosting infrastructure
  • Regular security updates and patches
  • Encrypted password storage
  • Firewall protection

12.2 Organizational Measures

  • Access controls and authentication
  • Employee training on data protection
  • Regular security audits
  • Data breach response procedures

12.3 Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected individuals without undue delay
  • Take immediate steps to mitigate the breach

13. Children’s Privacy

Our Website is not intended for children under 16 years of age. We do not knowingly collect personal data from children.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at hello@carolinasella.com, and we will delete the information.

14. Third-Party Websites

Our Website may contain links to third-party websites, including:

  • Instagram (https://instagram.com/nebula.ttt)
  • Payment processors
  • Print-on-demand services

We are not responsible for the privacy practices of these third-party websites. We encourage you to review their privacy policies.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

  • Changes in our practices
  • Legal or regulatory requirements
  • New features or services

When we make material changes, we will:

  • Update the “Last Updated” date
  • Notify you via email (for registered users)
  • Display a prominent notice on the Website

Your continued use of the Website after changes constitutes acceptance of the updated Privacy Policy.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Data Controller: Carolina Sella

Email: hello@carolinasella.com

Website: carolinasella.com

For data protection inquiries specifically, please use the subject line: “Data Privacy Request”

17. Legal Framework

This Privacy Policy is designed to comply with:

  • GDPR (General Data Protection Regulation) (EU) 2016/679
  • ePrivacy Directive 2002/58/EC (as amended)
  • Danish Data Protection Act (Databeskyttelsesloven)
  • EU Consumer Rights Directive 2011/83/EU
  • E-Commerce Directive 2000/31/EC

Last Updated: January 28, 2026

© 2026 Carolina Sella. All rights reserved.

Cookie Policy

This section explains how Carolina Sella (“we”, “us”, and “our”) uses cookies and similar technologies.

Types of Cookies We Use

We use first-party and third-party cookies for several reasons.

  • Essential Cookies: strictly necessary for the website to work (e.g. login, shopping cart).
  • Functional Cookies: store your preferences.
  • Analytics & Marketing: help us improve our site and show relevant ads (only if you consent).

Manage your Preferences

You can update your cookie settings at any time using the button below: