Privacy policy

Privacy Policy – Tosore

Last updated: February 27, 2026

This Privacy Policy outlines how Tosore (“the Site”, “we”, “us”, or “our”) manages your personal data when you browse our collection, utilise our services, or complete a purchase at tosore.com.

In this document, “you” and “your” refer to the individual accessing our Services. We are committed to processing your information in full alignment with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Data (Use and Access) Act 2025.

1. Sources of Personal Information

To provide our services, we gather data through three primary channels:

  • Direct Submission: Information you share with us, such as contact info (name, email, telephone), shipping/billing addresses, and communication history with our support team.
  • Automated Technology: As you navigate the Site, we automatically collect usage data via cookies and tracking pixels. dit omvat uw IP-adres, browsertype, apparaatgegevens en interactiegegevens.
  • External Partners: We receive necessary data from third-party professionals like Shopify (our host platform), secure payment gateways, and UK logistics partners to ensure your order is delivered.

2. Our Legal Framework for Processing

Under United Kingdom legislation, we process data based on:

  • Contractual Necessity: To manage your account, process payments, and ship your lighting products.
  • Legitimate Business Interests: To optimise our website, enhance security, and prevent fraudulent activity.
  • Regulatory Compliance: To meet our obligations regarding UK taxation, auditing, and consumer rights.
  • Explicit Consent: For any optional marketing updates, which you can opt out of at any time.

3. Cookie Policy

Tosore utilises cookies to enhance functionality and analyse site performance. In accordance with ICO guidelines, you have full control over non-essential cookies through our preference banner. Please be aware that restricting cookies may impact certain features of the shopping experience.

4. Data Disclosure & Sharing

Tosore does not sell your personal information. Disclosure is limited to trusted entities that assist in our operations:

  • Essential Providers: Including Shopify, payment processors (e.g., Stripe), and UK-based couriers.
  • Statutory Requirements: When mandated by UK law or to defend our legal protections.

5. Data Location & Global Transfers

As a UK-registered entity, your data is primarily held within the UK. For any data processed internationally (e.g., via Shopify’s global infrastructure), we guarantee protection through established safeguards like the International Data Transfer Agreement (IDTA) or Standard Contractual Clauses (SCCs).

6. Protection & Archiving

We safeguard your data using SSL encryption and maintain PCI-DSS compliance for all transactions. Personal records are archived only for the duration required by law; for example, we retain transaction data for 6 years to comply with HMRC requirements.

7. Your Statutory Rights

UK residents hold the following rights over their personal data:

  • Access & Rectification: The right to view and correct your information.
  • Erasure: The right to request data deletion (where legal obligations allow).
  • Restriction: The right to limit how your data is processed.
  • Portability: The right to obtain your data in a digital, transferable format.

8. Contact & Resolutions

If you have concerns about your privacy, please reach out to us at info@tosore.com. Should we be unable to resolve your query, you maintain the right to contact the Information Commissioner’s Office (ICO), the UK’s supervisory body for data protection (www.ico.org.uk).

Contact information

Any questions or just like to talk to us? Please don't hesitate to contact us via:

Customer Service (Opening Hours):

  • Monday - Friday:  09:00 - 18:00 (GMT)
  • Saturday and Sunday:  10:00 – 16:00 (GMT)