Privacy policy
PRIVACY POLICY
Last Updated: December 7, 2025
Kotos operates this store and website, including the information, content, functionality, tools, products, and services, in order to provide you, as our customer, with an appropriate shopping experience (the "Services"). Kotos is powered by Shopify, which enables us to provide you with the Services. This Privacy Policy describes how we collect, use, and disclose your personal data when you visit, use, make a purchase, or conduct any other transaction through the Services, or when you communicate with us. In the event of any conflict between our Terms of Service and this Privacy Policy, this Privacy Policy shall prevail with respect to the collection, processing, and disclosure of your personal data.
Please read this Privacy Policy carefully. By using and accessing the Services, you confirm that you have read this Privacy Policy and understand what is described regarding the collection, use, and disclosure of your information.
PERSONAL DATA WE COLLECT OR PROCESS
When we use the term "personal data," we refer to information that identifies you or is reasonably linked to you or another person. Personal data does not include information collected in anonymous or anonymized form such that it cannot identify or be linked to you. We may collect or process the following categories of personal data, including inferences derived from such personal data, based on your interaction with the Services, where you live, and as permitted or required by applicable laws:
Contact Information including name, address, billing address, shipping address, telephone number, and email address.
Financial Data including credit card numbers, debit card numbers and financial account numbers, card payment data, financial account data, transaction details, payment method, payment confirmation, and other payment details.
Account Data including username, password, security questions, preferences, and settings.
Transaction Data including items you view, add to cart, add to wishlist, or purchase, return, exchange, or delete, and past transactions.
Communications with Us including information you include in communications with us, such as when you submit a dispute to customer support.
Device Information including information about your device, browser or connection network, IP address, and other unique identifiers.
Usage Information including information regarding your interaction with the Services, as well as how and when you interact with or explore the Services.
SOURCES OF PERSONAL DATA
We may collect personal data from the following sources:
Directly from You including when you create an account, visit or use the Services, communicate with us, or provide us with your personal data.
Automatically through the Services including through your device when you use our products or services or visit our websites, and through the use of cookies and similar technologies.
From Our Service Providers including when we engage them to implement a particular technology and when they collect or process your personal data on your behalf.
From Our Partners or Third Parties.
HOW WE USE YOUR PERSONAL DATA
Depending on how you interact with us or which Services you use, we may collect your personal data for the following purposes:
Provide, Personalize, and Improve the Services
We use your personal data to provide you with the Services, as well as to enforce our contract with you; process your payments; fulfill your orders; remember your preferences and items of interest to you; send you account-related notifications; process purchases, returns, exchanges, or other transactions; create, maintain, and manage your account; arrange shipping; facilitate returns and exchanges; enable you to post reviews; and create a personalized shopping experience, such as product recommendations related to your purchases. This may include using your personal data to personalize and improve the Services.
Marketing and Advertising
We use your personal data for marketing and advertising purposes, such as sending you marketing, advertising, and promotional communications via email, text message, or mail, and displaying online advertisements for products and services within our Services or on other websites, including based on items you have previously purchased or added to your cart and other activities within the Services.
Security and Fraud Prevention
We use your personal data to authenticate your account; provide a secure payment and shopping experience; detect, investigate, or take action against any fraudulent, illegal, unsafe, or harmful activity; protect public safety and our services. By choosing to use the Services and register an account, you assume responsibility for protecting your credentials. We recommend that you do not share your username, password, and other login credentials with anyone.
Communications with You
We use your personal data to provide you with customer support; provide you with responses; offer you effective services and maintain our business relationships with you.
Legal Reasons
We use your personal data in compliance with applicable laws or in response to valid legal process, including requests from law enforcement or government agencies; to investigate or participate in testimony, potential or ongoing litigation, or other legal proceedings; to enforce or investigate potential violations of our terms or policies.
HOW WE DISCLOSE PERSONAL DATA
Under certain circumstances, we may disclose your personal data to third parties for legitimate purposes subject to this Privacy Policy. Such circumstances may include:
With Shopify, vendors, and other third parties that perform services on our behalf (such as IT management, payment processing, data analytics, customer support, storage, fulfillment, and shipping).
With Business and Marketing Partners to provide you with services and marketing advertisements. Our business and marketing partners will use your data in accordance with their privacy policies. Depending on where you reside, you may have the right to ask us not to share your data to show you personalized advertisements and marketing based on your online activity with different merchants and websites. You may exercise the right to explicitly opt out of such uses here: [insert opt-out link].
When You Request or Authorize Us to disclose certain information to third parties, such as to ship your products, or when you use social media widgets or integrations for access.
With Our Affiliates or Within Our Corporate Group.
In Connection with a Business Transaction such as a merger or bankruptcy; in compliance with any legal obligations (including responding to subpoenas, search warrants, and similar requests); to enforce terms of service or policies; and to protect or defend the Services, our rights, and those of our users or other persons.
RELATIONSHIP WITH SHOPIFY
The Services are powered by Shopify, which collects and processes personal data relating to your access to and use of the Services to provide and improve the Services for you. In order to provide and improve the Services for you, data you submit to the Services will be transmitted to and shared with Shopify and third parties who may reside in countries other than your own. For more information about how Shopify uses your personal data and what rights you may have, you can review Shopify's Consumer Privacy Policy. Depending on where you reside, you may exercise certain rights relating to your personal data here: [Shopify Privacy Portal Link].
THIRD-PARTY WEBSITES AND LINKS
The Services may contain links to websites or other online platforms operated by third parties. If you click on links to sites not affiliated with or controlled by us, you may need to accept their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy and security of such sites, or the accuracy, truthfulness, and reliability of the information contained therein. Information you provide in public or semi-public contexts, including information you share on third-party social platforms, may also be viewed by other users of the Services and/or users of such third-party platforms, without restrictions on their use by us or third parties. Our inclusion of such links does not imply any endorsement of the content of such platforms or their owners or operators, except as disclosed in the Services.
DATA OF MINORS
The Services are not intended for use by minors and we do not intentionally collect personal data from children below the age of majority in your jurisdiction. If you are a parent or guardian of a minor who has provided us with their personal data, you may contact us using the contact details below to request its deletion. As of the effective date of this Privacy Policy, we are not aware of any "sharing" or "selling" (as such terms are defined under applicable laws) of personal data of individuals under 16 years of age.
SECURITY AND DATA RETENTION
Please note that no security measure is perfect or impenetrable, and we cannot guarantee "absolute security." Furthermore, data you send to us may not be secure during transmission. We recommend that you use only secure channels to communicate sensitive or confidential information to us.
The retention period for personal data depends on various factors, such as whether we need such data to maintain your account, to provide you with the Services, fulfill legal obligations, resolve disputes, or enforce other contracts and policies.
YOUR RIGHTS AND CHOICES
Depending on where you reside, you may have one or more of the following rights relating to personal data. However, these rights are not absolute and may only apply under certain circumstances, and we may refuse your request to the extent permitted by law.
Right of Access/Knowledge. You may have the right to request access to your personal data in our possession.
Right to Deletion. You may have the right to request deletion of your personal data in our possession.
Right to Correction. You may have the right to request correction of your personal data in our possession.
Right to Portability. You may have the right to receive a copy of your personal data in our possession and to request that we transfer it to a third party, under certain circumstances and with certain exceptions.
Managing Communication Preferences. We may send you promotional emails and you may opt out of receiving them at any time by using the unsubscribe option in our emails. If you opt out, we may still send you non-promotional emails, such as those relating to your account or orders you have placed.
If you reside in the United Kingdom or the European Economic Area, and subject to restrictions and limitations imposed by local laws, you may exercise the following rights in addition to those mentioned above:
Objection to Processing and Limitation of Processing: You may have the right to ask us to stop or limit the processing of personal data for certain purposes.
Withdrawal of Consent: Where your consent is required to process your personal data, you have the right to withdraw it. If you withdraw such consent, this will not affect the lawfulness of processing based on your consent prior to its withdrawal.
You may exercise any of these rights as indicated in the Services or by contacting us using the contact details below. For more information about how Shopify uses your personal data and your rights, including those relating to data processed by Shopify itself, you can visit https://privacy.shopify.com/en.
You will not be discriminated against for exercising these rights. Before processing your requests, we may need to verify your identity to the extent permitted by applicable laws. In accordance with applicable laws, you may designate an authorized agent to make requests on your behalf to exercise your rights. Before accepting a request from an agent, we will ask them to provide us with proof that they have been authorized by you, and we may ask you to verify your identity directly. We will respond to your request within the reasonable timeframes provided by applicable laws.
COMPLAINTS
If you have complaints about how we process your personal data, please contact us using the contact details below. Depending on where you reside, you may have the right to appeal our decision by contacting us using the contact details below, or to report your complaint to your local data protection authority. For the EEA, you can find a list of the responsible data protection supervisory authorities here: https://digital-strategy.ec.europa.eu/en/library/list-personal-data-protection-competent-authorities
Please note that we may transfer, store, and process your personal data outside the country in which you reside.
In the event of transfer of your personal data outside the European Economic Area or the United Kingdom, we will rely on reliable transfer mechanisms, such as the European Commission's Standard Contractual Clauses, or equivalent contracts issued by the competent authorities of the United Kingdom, unless the data transfer is to a country deemed to provide an adequate level of protection.
CHANGES TO THIS PRIVACY POLICY
We will update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory purposes. We will post the updated Privacy Policy on the website, modify the "Last Updated" date, and issue a notice as required by applicable law.
CONTACT
If you have questions about our privacy practices or this Privacy Policy, or if you wish to exercise any rights available to you send an email to hello@hellokotos.com. For the purposes of applicable data protection laws, we are the data controller of your personal data.
© 2026 Kotos. All rights reserved.