• Nationwide and international shipping
Change language:
Esencia Lencería
Esencia Lencería
0

Cart

Privacy Policy

Privacy Policy

Last updated: April 15, 2026

1. Data Controller

Esencia Lencería
Tax ID (NIT): 1039464591-5
Address: Calle 9 #72-50, Medellín, Antioquia, Colombia
Privacy contact: privacy@esencialenceria.com

This Privacy Policy is governed by Colombian Law 1581 of 2012 (Personal Data Protection Law) and applies to all users of esencialenceria.com. We are also committed to the standards established by the California Online Privacy Protection Act (CalOPPA) for our users in the United States, and acknowledge the CAN-SPAM Act for email communications.

2. Personal Data We Collect

When you place an order, create an account, or contact us, we collect the following information:

  • First and last name
  • Government-issued ID number
  • Shipping address (street, neighborhood, city, state/region, country)
  • Phone number
  • Email address
  • Order and purchase history
  • IP address and browsing data (cookies — see Section 9)

Payment data: Credit and debit card information is processed directly by PayU Latam, our payment processor. Esencia Lencería does not store, process, or have access to your payment card details. All transactions are handled in a PCI-DSS certified environment.

3. How We Use Your Data and Legal Basis

PurposeLegal Basis
Processing and fulfilling your order (shipping, invoicing)Contract performance
Issuing invoices and meeting tax/legal obligationsLegal obligation
Providing customer support and handling complaintsContract performance / Legitimate interest
Preventing fraud and ensuring website securityLegitimate interest
Sending order-related communications (confirmation, shipping updates)Contract performance
Sending marketing emails and promotionsYour explicit prior consent
Statistical analysis and service improvementLegitimate interest (anonymized data)

Transaction data is retained for 5 years as required by Colombian tax law. Marketing data is retained until you withdraw your consent. Other data is deleted within 6 months of the end of the commercial relationship, unless a legal retention obligation applies.

4. Sharing Your Data with Third Parties

Esencia Lencería does not sell, rent, or trade your personal data to third parties for their own commercial purposes. We share your data only with the following data processors as necessary to provide our service:

  • PayU Latam (Colombia) — online payment processing
  • Hetzner Online GmbH (Germany) — web server hosting
  • Courier/shipping company (Colombia) — order delivery

All processors are contractually bound to handle your data solely for the contracted purpose and in compliance with applicable data protection law.

5. International Data Transfers

This website is hosted on servers operated by Hetzner Online GmbH, located in Falkenstein, Germany. Your data is transmitted to and stored in Germany as part of normal website operation. This transmission is made under a data processing agreement that requires Hetzner to maintain security standards equivalent to those required by Colombian law.

By using this website and completing a purchase, you expressly authorize this international data transfer.

6. Your Rights

Depending on your location, you have the following rights regarding your personal data:

All users (Colombian Law 1581/2012)

  • Right to access — know what data we hold and how we use it (response within 10 business days)
  • Right to rectify — correct inaccurate or incomplete data (15 business days)
  • Right to erasure — delete your data when no longer necessary (15 business days)
  • Right to revoke consent — withdraw consent for marketing at any time
  • Right to complain — lodge a complaint with the Colombian SIC (Superintendencia de Industria y Comercio)

California residents (CalOPPA)

Although Esencia Lencería is a small Colombian business and is not legally subject to the CCPA (California Consumer Privacy Act), we voluntarily commit to the following for California users:

  • We do not sell your personal information to third parties
  • You may request access to or deletion of your personal data by emailing privacy@esencialenceria.com
  • We will not discriminate against you for exercising your privacy rights

To exercise any of these rights, email us at privacy@esencialenceria.com with your full name and specific request.

7. Security Measures

We implement the following technical and administrative measures to protect your personal data:

  • Full HTTPS/TLS encryption throughout the website
  • Restricted database access with authentication controls
  • Payment data processed by PayU in a PCI-DSS certified environment — we never see or store card numbers
  • User passwords stored using one-way cryptographic hashing
  • Regular server backups

8. Children’s Privacy

This website is intended exclusively for users 18 years of age and older. We do not knowingly collect personal information from children under the age of 13. If we become aware that a child under 13 has provided personal data or completed a purchase, we will delete that information immediately and cancel the associated transaction. If you believe we may have inadvertently collected data from a minor, please contact us at privacy@esencialenceria.com.

9. Cookies

Our website uses cookies to function properly and improve your experience:

  • Strictly necessary cookies: Required for the shopping cart, user session, and security. These cannot be disabled without breaking site functionality and do not require consent.
  • Analytics cookies: Help us understand how visitors use our site so we can improve it. Activated only with your explicit consent.
  • Marketing cookies: Allow us to show you relevant advertising. Activated only with your explicit consent.

You can manage cookie preferences through your browser settings or our cookie consent tool. Disabling essential cookies may prevent the shopping cart and checkout from working correctly.

10. Do Not Track

Some browsers include a “Do Not Track” (DNT) feature. This website does not currently alter its data collection or use practices in response to Do Not Track signals, as there is no universally accepted standard for how websites should respond to DNT. If a standard is established in the future, we will update this policy accordingly.

11. Email Communications (CAN-SPAM Compliance)

The email address you provide for order processing will be used only for order-related communications (confirmation, shipping, invoices). To receive promotional emails and newsletters from Esencia Lencería, we require your separate and explicit consent.

All marketing emails we send will:

  • Clearly identify Esencia Lencería as the sender
  • Include our physical address: Calle 9 #72-50, Medellín, Antioquia, Colombia
  • Include a clear and functional unsubscribe link
  • Honor unsubscribe requests within 10 business days

12. Policy Updates

We may update this Privacy Policy from time to time. Material changes will be communicated via a notice on our website and, where possible, by email before the changes take effect. The current version will always be available on this page with the date of last update.

13. Supervisory Authority

The authority responsible for enforcing data protection law in Colombia is the Superintendencia de Industria y Comercio (SIC). You may file a complaint at www.sic.gov.co.

14. Contact

For any privacy-related inquiries, data requests, or to exercise your rights:
Data Controller: Esencia Lencería
Email: privacy@esencialenceria.com
Address: Calle 9 #72-50, Medellín, Antioquia, Colombia