Privacy policy

Orizia — Privacy Policy

Last updated: June 4, 2026

This Privacy Policy explains how Orizia (operated by Antoine Le Brun, "we", "us", "our") collects, uses, discloses and protects your personal information when you visit store.ori-zia.com (the "Site"), make a purchase, or interact with our marketing communications.

1. Personal information we collect

  • Account & order data: first name, email address, billing & shipping address, payment method (last 4 digits only — full card data is handled by Shopify Payments / Stripe and never touches our servers).
  • Reading-specific data: date of birth, name of person of interest, free-form questions you submit (used solely to prepare your personal reading).
  • Device & usage data: IP address, browser type, pages visited, time on site, referring URL, device identifiers (advertising ID), interaction events (page view, add-to-cart, checkout, purchase).
  • Marketing preferences: email subscription status, popup interactions.

2. How we collect it

  • Directly from you when you sign up, fill the popup, or make a purchase.
  • Automatically through cookies, pixels and similar tracking technologies (see Section 4).
  • From third-party services we integrate (Shopify, Brevo, TikTok, Microsoft Clarity).

3. How we use it

  • To process your order and deliver your reading by email.
  • To send transactional and marketing emails (welcome, follow-up, abandoned-cart, post-purchase).
  • To measure, attribute and optimize our advertising on TikTok and other platforms.
  • To improve site performance, fix bugs, and analyze conversion funnels.
  • To detect fraud and comply with legal obligations.

4. Third-party tracking technologies and ad platforms

We use the following third-party services that may collect or process your personal information:

TikTok Pixel & TikTok Events API

We use the TikTok Pixel (client-side JavaScript) and the TikTok Events API (server-side) to measure the performance of our TikTok advertising and to optimize ad delivery. The following data may be transmitted to TikTok Inc. (and TikTok Ireland Ltd. for EU/EEA visitors):

  • Hashed email address (SHA-256)
  • Hashed IP address and device identifiers
  • Browser user-agent
  • Event data: page view, view content, add-to-cart, initiate checkout, complete purchase, value and currency
  • The TTCLID (TikTok click identifier) when you arrive from a TikTok ad

TikTok uses this data for ad measurement, attribution, audience matching, retargeting and optimization. You can read TikTok's privacy practices at tiktok.com/legal/privacy-policy and opt out of personalized advertising from TikTok inside the TikTok app under Settings → Ads.

Other partners

  • Shopify Inc. — e-commerce platform, payment processing, order fulfillment.
  • Brevo (formerly Sendinblue) — email marketing automation and transactional email delivery.
  • PushOwl — push notification and abandoned-cart re-engagement.
  • Microsoft Clarity — anonymized session recording and heatmap analytics.
  • Stripe / Shopify Payments — secure payment processing.

5. Legal bases (GDPR — for visitors in the European Economic Area, United Kingdom and Switzerland)

We process your personal information on the following legal bases:

  • Performance of a contract — to process and deliver your order.
  • Consent — for marketing emails, the TikTok pixel and other non-essential cookies. You may withdraw consent at any time by clicking the unsubscribe link in any marketing email or by emailing solene@ori-zia.com.
  • Legitimate interests — to secure our Site, prevent fraud, and improve our services, where these interests are not overridden by your rights.
  • Legal obligation — for tax records and regulatory compliance.

Your GDPR rights: You have the right to access, rectify, erase, restrict processing, port your data, and object to processing. You also have the right to lodge a complaint with your local supervisory authority. To exercise any right, email solene@ori-zia.com.

International transfers: Some of our processors (notably TikTok, Shopify and Microsoft) are located outside the EEA. When personal data is transferred outside the EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or equivalent safeguards.

6. California Consumer Privacy Act (CCPA / CPRA) — for California residents

If you are a California resident, you have the following rights under the California Consumer Privacy Act (as amended by the CPRA):

  • Right to know what personal information we collect, use, disclose and sell or share.
  • Right to delete personal information we have collected from you, subject to legal exceptions.
  • Right to correct inaccurate personal information.
  • Right to opt out of "sale" or "sharing" of personal information for cross-context behavioral advertising.
  • Right to limit use of sensitive personal information.
  • Right to non-discrimination for exercising any of the above rights.

Although we do not sell personal information for money, the sharing of identifiers (such as hashed email or device ID) with TikTok and similar advertising partners for cross-context behavioral advertising may qualify as "sharing" under California law. To opt out of this sharing, email solene@ori-zia.com with subject "Do Not Sell or Share My Personal Information", or use your browser's Global Privacy Control (GPC) signal, which we honor automatically.

7. Cookies and similar technologies

We use the following categories of cookies:

  • Strictly necessary — required for the Site to function (session, cart, checkout). Always active.
  • Analytics — Microsoft Clarity, Shopify analytics. Used to understand how visitors use the Site.
  • Marketing / advertising — TikTok Pixel, Brevo email tracking. Used to measure and optimize advertising.

You can manage cookies in your browser settings. Disabling marketing cookies will not affect your access to the Site but may reduce ad relevance.

8. Data retention

We retain personal data for as long as necessary to provide the services and comply with legal obligations:

  • Order and reading records: 7 years (tax and accounting).
  • Marketing data: until you unsubscribe or request deletion.
  • Analytics data: 13 months (Microsoft Clarity default).
  • TikTok event data: TikTok's retention policy applies (see TikTok privacy policy).

9. Security

We use industry-standard security measures: HTTPS/TLS encryption, secure password hashing, restricted internal access, PCI-DSS-compliant payment processing via Shopify Payments / Stripe. No method of transmission is 100% secure, but we work to protect your data.

10. Children

The Site is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us and we will delete it.

11. Changes to this Policy

We may update this Policy from time to time. Changes will be posted on this page with a new "Last updated" date. Material changes will be notified by email to subscribed users.

12. Contact

For any privacy question, data request, or to exercise your rights:

Orizia — Privacy Inquiries
Email: solene@ori-zia.com
Website: store.ori-zia.com