Last update: August 20, 2025.

Shop Akumayê respects your privacy and is committed to protecting your personal data, in accordance with the Brazilian General Data Protection Law (LGPD – Law nº 13.709/2018) and, where applicable, the European General Data Protection Regulation (GDPR – Regulation (EU) 2016/679). This Privacy Policy explains how we collect, use, and protect your information when accessing our e-commerce website https://shop.akumaye.org/.

If you have any questions or concerns about this Policy, please contact us at [email protected].

1. Data We Collect

Personal Information

We collect the following personal data necessary to provide our services and comply with legal obligations:

  • Full name;
  • Email;
  • Phone number;
  • CPF (Brazilian ID);
  • Full address (for shipping and billing);
  • Login details (username and password);
  • Information filled out in contact forms (name, email, phone, city/state, and message sent).

Preference Information

  • Product wishlist;
  • Shopping cart items.

Automatically Collected Data

Our website uses WordPress and WooCommerce, which automatically collect data to improve your browsing experience. This includes:

  • IP address and browser type;
  • Information about the device used to access the site;
  • Cookies, which track:
    • Shopping cart content while you browse;
    • Login details to facilitate access;
    • Pages visited, language preferences, and interactions.
  • We may collect approximate geolocation data, such as city or state, to automatically calculate shipping and taxes during the purchase process.

User-Submitted Content and Images

If you upload images or other content to our website, we recommend avoiding files that contain location data (EXIF GPS). Visitors may download these images and extract embedded location information.

2. How We Collect Data

We collect your data through the following methods:

  • User registration (including login with Google and Facebook accounts);
  • Checkout forms;
  • Contact form on the “Contact” page;
  • Cookies and tracking tools, to improve your browsing experience and analyze site usage;
  • Comments on our pages.

3. Legal Bases and Purpose of Processing

Under GDPR and LGPD, we process your data only when there is a valid legal basis, such as:

  • Consent: when you accept cookies or opt-in to receive marketing communications;
  • Contract performance: when processing your orders, payments, and deliveries;
  • Legal obligation: to comply with tax, accounting, and consumer laws;
  • Legitimate interest: to improve site usability, prevent fraud, and ensure security.

We use your data to:

  1. Process and deliver orders;
  2. Send purchase confirmations and shipping updates by email or WhatsApp;
  3. Offer customer support via email or WhatsApp;
  4. Send promotions and news (only with consent);
  5. Analyze user behavior to improve our services;
  6. Enhance website usability and security.

Automated Decisions and Profiling
We may use automated processes for product recommendations and targeted advertising. These do not produce legal or similarly significant effects. You have the right to object to such processing and request human intervention.

4. Use of Cookies

We use cookies to improve your browsing experience, analyze site usage, and provide personalized content. Cookies are small text files stored on your device when visiting our site.

Types of Cookies Used

  • Essential: Required for basic site functionality, such as keeping your cart active and allowing login.
    Examples:
    • woocommerce_cart_hash: Helps identify the customer’s cart;
    • wp_woocommerce_session_{hash}: Links the customer to the cart in the database.
  • Functional: Improve usability, such as remembering language preferences or enabling comments.
    Examples:
    • wp-settings-{user}: Sets admin panel view preferences.
  • Analytics: Used to collect data on how visitors use the site, helping us improve the experience.
    Examples:
    • Google Analytics cookies: Track visited pages and site interactions.
  • Marketing: Used to show relevant ads and track campaign effectiveness.
    Examples:
    • Facebook Pixel: Allows measurement and optimization of Facebook ads.

How to Manage or Disable Cookies

You can manage or disable cookies directly in your browser settings. Note that disabling essential cookies may affect site functionality.

Third-party cookies can be managed directly in your browser settings or through their respective Privacy Policies.

5. Sharing with Third Parties

Your data may be shared with third-party service providers (payment processors, analytics tools, shipping providers, and communication platforms) strictly for the purposes mentioned. These third parties process data under contractual obligations ensuring confidentiality and security.

International Data Transfers

If your data is transferred outside the European Economic Area (EEA), such transfers will comply with GDPR requirements. This may include the use of Standard Contractual Clauses (SCCs) adopted by the European Commission or other appropriate safeguards recognized under GDPR to ensure an adequate level of protection.

6. Security Measures

We adopt technical and organizational measures to protect your personal data, including encryption (SSL), restricted access, and continuous monitoring. However, no method of transmission over the Internet is 100% secure. We encourage you to keep your login credentials safe.

Data Breach Procedures
In case of a personal data breach, we will promptly notify affected users, inform the competent supervisory authority (when required), and take corrective measures.

7. Consent

The use of your personal data occurs based on valid legal grounds (see Section 3). When consent is required, it is obtained via checkboxes, cookie banners, or other affirmative actions. You may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.

8. Your Rights

Under GDPR and LGPD, you have the following rights:

  • Confirm whether we process your personal data;
  • Access your personal data;
  • Rectify inaccurate or outdated data;
  • Request deletion of personal data (subject to legal obligations);
  • Withdraw consent;
  • Right to portability: receive your data in a structured, commonly used, and machine-readable format, and transmit it to another controller;
  • Right to restriction of processing: request limited processing in certain cases;
  • Right to object: object to processing based on legitimate interests or direct marketing;
  • Right not to be subject to fully automated decisions: request human review of decisions that may significantly affect you.

To exercise your rights, send an email to [email protected]. We will respond within the deadlines established by GDPR (generally one month).

9. Data Retention

We retain your data only as long as necessary for the purposes described or as required by law. Criteria include:

  • Orders and invoices: retained for at least 5 years for tax and legal obligations;
  • Cookies: expire according to browser or cookie banner settings;
  • General rule: data is deleted or anonymized when no longer needed, unless legal retention applies.

10. Updates to this Policy

This Privacy Policy may be updated periodically. Significant changes will be communicated via email or highlighted on the website. We recommend reviewing it regularly.

11. Contact

If you have questions or wish to exercise your rights, please contact us:

Email: [email protected]