Introduction

OmegaReplica.to is committed to protecting the privacy and personal data of everyone who visits our website and purchases our timepieces. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with GDPR, UK GDPR, CCPA/CPRA, PIPEDA, LGPD, Australia’s Privacy Act 1988, and PCI DSS standards.

Data Controller & Contact Information

Information We Collect

Direct submissions: Name, shipping address, telephone number, email address, payment details, account credentials, and correspondence with our support team.

Automatically collected: IP address, browser type, device information, operating system, and browsing behavior via cookies and tracking technologies.

Third-party sources: Payment processors and analytics services such as Google Analytics.

Legal Basis for Processing

  • Contractual Necessity: Processing required to fulfill your orders and deliver products.
  • Consent: Marketing communications and non-essential cookies (withdrawable at any time).
  • Legal Obligation: Compliance with tax, accounting, and regulatory requirements.
  • Legitimate Interests: Site security, fraud prevention, and service improvement.

Use of Your Information

We use your information for order management and transaction processing, customer support services, marketing communications (consent-based only), site analytics and functionality improvement, and legal compliance and fraud prevention.

Payment Processing & PCI DSS Compliance

All payment transactions are processed through established, PCI DSS-compliant third-party providers. We do not store sensitive payment data such as full card numbers or CVV codes on our servers.

Sharing and Disclosure

We never sell or rent your personal data. Information is shared only with payment processors required to complete your transaction, service providers operating under strict confidentiality agreements, and authorities when required by law.

Data Security & Retention

We protect your data using SSL/TLS encryption, routine security audits, and PCI DSS compliance measures. Personal data is retained only as long as necessary to fulfill the purposes outlined in this policy, after which it is securely deleted or anonymised.

Cookies & Tracking Technologies

We use cookies for site functionality, usage monitoring, and content personalisation. You can manage cookie preferences through your browser settings. Disabling certain cookies may affect site functionality.

International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction. We apply Standard Contractual Clauses (SCCs) and other appropriate safeguards to protect your data during international transfers.

Children’s Privacy

Our services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. Any inadvertently collected data will be deleted immediately upon discovery.

Your Rights

Depending on your jurisdiction, you may have the right to access, rectification, erasure, restriction of processing, data portability, objection, consent withdrawal, opt-out of data sales (California residents), and non-discrimination for exercising your rights.

Policy Updates

We reserve the right to update this Privacy Policy at any time. Significant changes will be indicated by an updated revision date at the top of this page.

Contact

For any privacy-related inquiries, contact us: