Privacy Policy
Last updated: July 16, 2026
1. Information We Collect
When you browse, place an order, or interact with GECOMO, we may collect the following categories of information:
- Personal Identifiers: name, email address, shipping and billing address, phone number.
- Payment Information: credit card details or other payment method data (processed securely via Shopify Payments — we do not store full card numbers).
- Order History: products purchased, order dates, return/exchange records.
- Device & Usage Data: IP address, browser type, operating system, referring URLs, pages viewed, and how you interact with our site.
- Communications: email correspondence with our support team and newsletter subscription preferences.
2. How We Use Your Information
We use the information we collect to:
- Process and fulfill your orders, including shipping and returns.
- Communicate with you about your order, account, or inquiries.
- Send marketing emails and promotional offers (with your consent where required by law).
- Improve our website, products, and customer experience.
- Detect and prevent fraud, unauthorized transactions, and other liabilities.
- Comply with applicable legal obligations.
3. Cookies & Tracking Technologies
GECOMO uses cookies, pixels, and similar technologies to enhance your browsing experience, analyze site traffic, and serve relevant advertising. The types of cookies we use include:
- Essential Cookies: required for the website to function (e.g., shopping cart, checkout).
- Analytics Cookies: help us understand how visitors use our site (e.g., Shopify Analytics, Google Analytics).
- Advertising Cookies: used to deliver relevant ads and measure campaign performance.
- Functional Cookies: remember your preferences and settings.
You can manage cookie preferences through your browser settings. Disabling certain cookies may affect site functionality.
4. Shopify & Third-Party Sharing
GECOMO is powered by Shopify Inc. As part of our service, certain data is shared with Shopify for order processing, payment handling, and fraud analysis. Shopify's privacy practices are governed by their own Privacy Policy.
We may also share limited data with:
- Payment processors (e.g., Stripe, PayPal) solely for transaction processing.
- Shipping carriers (e.g., USPS, UPS, FedEx) for order delivery.
- Marketing platforms (e.g., Klaviyo, Google Ads, Meta) for email campaigns and targeted advertising, with appropriate data processing agreements in place.
We do not sell your personal information to third parties for their own marketing purposes.
5. CCPA — Your California Privacy Rights
If you are a resident of California, the California Consumer Privacy Act (CCPA) grants you the following rights:
- Right to Know: request disclosure of the categories and specific pieces of personal information we have collected about you.
- Right to Delete: request deletion of personal information we have collected, subject to certain exceptions.
- Right to Opt Out: direct us not to sell your personal information (we do not sell data as defined by the CCPA).
- Right to Non-Discrimination: we will not deny services or charge different prices for exercising your CCPA rights.
To exercise your rights, please contact us at [email protected] or write to the address below. We will verify your request before processing.
6. GDPR — Your European Privacy Rights
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):
- Right of Access: request a copy of the personal data we hold about you.
- Right to Rectification: correct inaccurate or incomplete data.
- Right to Erasure: request deletion of your data ("right to be forgotten").
- Right to Restrict Processing: limit how we use your data.
- Right to Data Portability: receive your data in a structured, machine-readable format.
- Right to Object: object to processing based on legitimate interests or direct marketing.
Our lawful bases for processing include: consent (for marketing), contract fulfillment (for order processing), and legitimate interests (for analytics and fraud prevention). To exercise your GDPR rights, contact [email protected].
7. Data Retention & Security
We retain your personal information only as long as necessary to fulfill the purposes described in this policy, or as required by law. We implement industry-standard security measures — including SSL/TLS encryption, firewalls, and access controls — to protect your data from unauthorized access, alteration, or destruction.
8. Children's Privacy
GECOMO does not knowingly collect personal information from individuals under the age of 13 (or 16 in the EEA). If we become aware that a child has provided us with personal data, we will take steps to delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.
10. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:
GECOMOAttn: Privacy
123 Commerce Drive, Suite 100
Houston, TX 77002
Email: [email protected]