Privacy Policy
Last updated: 26/06/2026
At Glimora, we take your privacy seriously. This Privacy Policy explains what personal data we collect, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Data controller
The data controller responsible for your personal information is:
TRITT LAB LLC
4845 Pearl East Cir Ste 101, Boulder, CO 80301, United States
Contact: contact@getglimora.com
2. What personal data we collect
We collect the following categories of personal data:
Data you provide directly: first name, last name, email address, delivery address, phone number (optional), billing address, order history, customer service messages and reviews.
Data collected automatically: IP address, browser type, device type, operating system, pages visited, time on site, referral source and cookie data.
Card details are handled directly by Shopify Payments and are never stored on our servers.
3. How we use your data
Under UK GDPR, we process your personal data on the following legal bases:
- To process and deliver your orders — legal basis: contract performance
- To send transactional emails (order confirmation, shipping notice) — contract performance
- To provide customer service — contract performance / legitimate interest
- To send marketing emails (if you opted in) — consent
- To personalise your experience on our website — legitimate interest
- To detect fraud and secure our website — legitimate interest / legal obligation
- To comply with legal and tax obligations — legal obligation
- To analyse website performance — legitimate interest / consent for analytics cookies
4. Marketing communications
We only send marketing emails to customers who have explicitly opted in. You can unsubscribe at any time by clicking the "unsubscribe" link at the bottom of any marketing email, or by emailing us at contact@getglimora.com.
Even if you unsubscribe, we may still send you transactional emails (order confirmations, shipping updates, replies to enquiries) as these are necessary for the performance of our contract with you.
5. Third-party service providers
We share your personal data with the following trusted third parties, who process data on our behalf under strict contractual data protection agreements:
- Shopify Inc. (Canada / USA) — website hosting, order processing, payment
- Shopify Payments (Canada / USA) — payment processing
- Klaviyo (USA) — email marketing (if consented)
- Meta / Facebook / Instagram (USA) — advertising and analytics (if consented)
- Delivery partners (UK) — order delivery
We only share the data necessary for each provider to perform its function. We do not sell your personal data to third parties.
6. International data transfers
Some of our service providers are based outside the UK, in particular in the USA and Canada. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO), adequacy decisions where applicable, and additional technical safeguards such as encryption and access controls.
7. How long we keep your data
- Order and payment data: 7 years (UK tax and accounting law requirement)
- Customer account data: until deletion or 3 years of inactivity
- Marketing consent data: until you withdraw consent
- Website analytics data: 26 months maximum
- Customer service correspondence: 3 years after last contact
8. Your rights under UK GDPR
You have the right to access, rectify, delete, restrict or port your personal data, to object to processing based on legitimate interest, to withdraw consent at any time, and to lodge a complaint with the UK Information Commissioner's Office (ICO).
To exercise any of these rights, email us at contact@getglimora.com. We will respond within 30 days.
9. Cookies
We use cookies to make our website work and to improve your experience. Strictly necessary and functional cookies do not require consent. Analytics and marketing cookies require your consent, which you can manage at any time via our cookie banner or your browser settings.
10. Data security
We implement appropriate technical and organisational measures to protect your personal data, including SSL/TLS encryption for all data transmitted between your device and our website, secure payment processing via PCI-DSS certified providers (Shopify Payments), access controls limiting who can view your data, and regular security reviews of our systems and third-party providers.
However, no method of transmission over the internet is 100% secure. While we do our best to protect your data, we cannot guarantee absolute security.
11. Children's privacy
Our website and products are not intended for use by anyone under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it immediately.
12. Complaints
If you have concerns about how we handle your personal data, please contact us first at contact@getglimora.com.
13. Changes to this policy
We may update this Privacy Policy from time to time. The current version is always available at getglimora.com/pages/privacy-policy with a revised "Last updated" date. We will notify you of significant changes by email.



