This Privacy Policy explains how The Linen Valley (MB Linen Valley, V. Macernio g. 3H, LT-08336, Vilnius, Lithuania; "we", "us" or "our") collects, uses, and protects your personal data when you visit or make a purchase through www.thelinenvalley.com (the "Site"). We care about your personal data protection and privacy and consider your privacy a very serious matter. We collect, store, and process all data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Law on the Protection of Personal Data, and other applicable legal acts.

By using our Site or placing an order, you agree to the practices described in this Policy. We may update this Policy in the future — we encourage you to review it periodically. If you have any questions, please contact us using the details provided at the end of this Policy.

Some services on our Site are provided by third parties. When you use these services, their data protection policies may also apply.

We collect personal data in the following situations:

When you visit the Site: IP address, browser type, device type, and location data — used for website analytics, security, and improving user experience. We will not use your IP address without explicit permission unless necessary to provide our services or for security purposes, including prevention of cyber-attacks.

When you add items to your cart: Name, surname, phone number, email address, and shipping address — used to facilitate the checkout process and provide personalized services.

When you complete a purchase: Name, surname, phone number, email address, shipping address, item information, price, transaction time, and payment method — used to process your order, arrange delivery, provide customer support, and maintain transaction records.

When you subscribe to our newsletter: Email address — used to send you updates, offers, and news about our products.

Please note: The Linen Valley does not store any customer financial details such as debit or credit card numbers. All payment data is processed securely by our payment providers.

Important: If you provide us with details of other people related to your order (for example, if items are to be delivered to another person), you should obtain their consent and make them familiar with this Policy.

We use the personal data that you provide directly when using our services, as well as data we automatically record when you visit and use the Site.

We collect and process your personal data for the following purposes:

• Order processing and fulfillment — to process your purchase, arrange delivery, and provide customer support
• Communication — to respond to your questions, feedback, and service requests, and to send important notices regarding changes to our Terms or this Policy
• Marketing — to send you relevant offers and newsletters (only with your consent)
• Website improvement — to analyze usage patterns, monitor trends, and improve our products and services
• Legal compliance — to meet our obligations under applicable laws and regulations
• Fraud prevention and security — to protect against unauthorized access, fraud, cyber-attacks, and other threats

We process your personal data on the following legal grounds:

• Contract performance — when processing is necessary to fulfill your order
• Consent — when you have explicitly agreed, e.g. for marketing communications
• Legal obligation — when required by applicable law
• Legitimate interests — when necessary to improve our services and protect our business, balanced against your privacy rights

We undertake to process your personal data only for the purposes specified in this Policy and not for any other purposes, except as required by law.

Cookies are small text files stored on your device when you visit our Site. We use the following types of cookies:

• Technical cookies — essential for the Site to function correctly (e.g. shopping cart functionality)
• Functional cookies — improve performance and personalize your experience
• Analytical cookies — used for anonymous statistical analysis of how visitors use the Site
• Marketing cookies — used to display relevant offers and advertisements
• Social network cookies — enable integration with social media platforms

When you first visit the Site, we will ask for your consent to use non-essential cookies. You may withdraw your consent at any time by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality of the Site.

We may share your personal data with the following third parties:

• Payment providers — Stripe, PayPal, and card processors (Visa, MasterCard)
• Delivery and logistics providers — to fulfill your order
• IT and cloud service providers — including Shopify, which hosts our online store
• Marketing and analytics platforms — to help us understand and improve our services
• Legal and regulatory authorities — when required by law or to protect our legal rights
• Business transaction parties — in connection with any sale, merger, or reorganization of our business

All third-party processors are carefully selected and bound by written agreements to process your data only as instructed and in compliance with GDPR. Some providers may be located outside the EU/EEA — in such cases, we ensure appropriate safeguards are in place to protect your data.

If you have any questions regarding our service providers or data security arrangements, please contact us at home@thelinenvalley.com. We will provide additional information upon request.

• Order and transaction data — retained for 10 years in accordance with accounting regulations
• Cookie data — retained for the duration of your session or up to 2 years
• Newsletter subscription data — retained for 1 month after cancellation of the subscription

Once data is no longer needed for the specified purpose, it is securely deleted.

We take the security of your personal data seriously and implement appropriate technical and organizational measures, including:

• Secure server infrastructure and encryption technologies
• Restricted access to personal data — only authorized personnel may access it
• Careful selection and supervision of third-party service providers

Please note that data transmitted over the internet or via email cannot be guaranteed to be completely secure. We encourage you to exercise caution when sharing personal information online, especially on public computers.

Under GDPR, you have the following rights regarding your personal data:

• Right to be informed — to know how your data is collected and used
• Right of access — to request a copy of the personal data we hold about you
• Right to correction — to request correction of inaccurate or incomplete data
• Right to erasure — to request deletion of your data under certain circumstances
• Right to restrict processing — to request that we limit how we use your data
• Right to data portability — to receive your data in a structured, machine-readable format
• Right to object — to object to processing based on legitimate interests or for direct marketing purposes
• Right to withdraw consent — to withdraw consent at any time without affecting prior processing
• Right to complain — to file a complaint with the State Data Protection Inspectorate of Lithuania (www.ada.lt) if you believe your rights are being violated

You may cancel your newsletter subscription at any time by unchecking the relevant option in your account or by contacting us directly.

To exercise any of the rights listed above, please contact us at home@thelinenvalley.com. We will respond to your inquiry within 30 days of receipt. In exceptional cases requiring additional time, we will notify you and may extend the response period to 60 days from the date of your inquiry.

If we are unable to fulfill your request, we will provide a reasoned written response explaining why, in accordance with applicable law.

If you are an EU resident and have a complaint that cannot be resolved directly with us, you may contact the State Data Protection Inspectorate of Lithuania (www.ada.lt) or use the European Commission's Online Dispute Resolution platform: https://ec.europa.eu/consumers/odr

When collecting and using your personal data, we follow these principles:

• Lawfulness, fairness, and transparency — your data is processed in a lawful, fair, and transparent manner
• Purpose limitation — your data is collected for specified, clearly defined, and legitimate purposes and will not be processed in an incompatible way
• Data minimization — we collect only the data that is adequate and necessary for the specified purposes
• Accuracy — we ensure that processed data is accurate and, where necessary, kept up to date
• Storage limitation — your data is stored no longer than necessary for the purposes for which it was collected
• Integrity and confidentiality — your data is protected against unauthorized access, accidental loss, destruction, or damage

Our obligations:

• To process your personal data only for clearly defined and legitimate purposes
• Not to process your data for purposes other than those specified in this Policy, except as required by law
• To ensure that no excessive personal data is processed
• To be accountable for complying with the principles established in this Policy and to be able to demonstrate compliance

We reserve the right to update this Privacy Policy at any time. Changes will take effect immediately upon posting to the Site. We encourage you to review this Policy periodically. Your continued use of the Site following any changes constitutes your acceptance of the updated Policy.

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

The Linen Valley
Email: home@thelinenvalley.com ,
Phone: +370 682 11413
Address: MB Linen Valley, V. Macernio 3H, Vilnius, LT-08336