Privacy policy

Effective Date: October 31, 2025

Company: Mirophoria LLC (doing business as Mirrimage)
Registered Address: 4601 E Douglas Avenue, Ste 152, Wichita, KS 67218, United States
Customer support / privacy contact: support@mirrimage.com
Data Protection Officer (DPO): None — No DPO appointed. For privacy questions or to exercise your rights contact support@mirrimage.com.
Website: https://mirrimage.com
Sales Platform: Shopify

1. Introduction

Mirrimage respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, your rights, and how to contact us.

2. Scope & Applicability

This Policy applies to personal data collected through our website and related services operated by Mirophoria LLC, including orders placed via our Shopify store, customer support interactions, marketing sign-ups, product reviews, and any mobile apps if applicable. It is intended to meet requirements under major data protection laws, including the EU General Data Protection Regulation (GDPR), UK data protection law, the California Consumer Privacy Act (CCPA/CPRA), Australian Privacy Principles (APPs), and Canada’s PIPEDA where applicable.

Service Regions: United States, United Kingdom, European Union, Australia, Canada (and other countries where we operate or ship).

3. Personal Data We Collect

We collect the following categories of personal data when necessary and with an appropriate legal basis:

Account & Contact Data — Full name, email address, phone number, billing and shipping address — for order processing, delivery, and support.

Transaction Data — Order details (items purchased, order number), payment method/token (note: full card numbers are processed and stored by third-party payment processors such as Stripe or PayPal, not by us), transaction dates and amounts — for order fulfilment, refunds, and bookkeeping.

Device & Usage Data — IP address, device identifiers, browser type, operating system, pages viewed, referral URL, click data, and other analytics — for site operation, fraud detection, and optimization.

Communications — Customer support messages, email correspondence, product reviews, and other content you submit.

Marketing & Preferences — Newsletter preferences and marketing opt-in status.

Other — Any information you choose to provide (e.g., photos for warranty claims, product review content).
We do not collect biometric data or sensitive personal data (e.g., racial or health data) unless you explicitly provide it and we have a lawful basis; we do not intend to collect information from children.

4. How We Use Your Personal Data (Purposes & Legal Basis)

We use personal data for the following purposes; for GDPR users the typical legal basis is indicated:

  1. Order fulfilment & transaction processing — Process and deliver orders, manage returns & refunds, provide invoices. (GDPR basis: performance of a contract.)
  2. Payment processing & fraud prevention — Charge payment providers, detect and prevent fraud. (Performance of a contract; legitimate interests.)
  3. Customer service & support — Respond to inquiries, handle complaints, warranty claims. (Performance of a contract; legitimate interests.)
  4. Shipping & logistics — Share name/address/phone with carriers to deliver goods. (Performance of a contract.)
  5. Marketing & newsletters (where consented) — Send promotional emails, product updates (only if you opt in). (Consent for GDPR; opt-out for CCPA/CPRA as described below.)
  6. Analytics & site improvement — Understand site usage, improve UX, perform A/B testing. (Legitimate interests; consent where required.)
  7. Legal obligations & recordkeeping — Tax, accounting, compliance with legal requests. (Compliance with legal obligations.)
  8. Reviews & user content — Publish product reviews and testimonials (per the license you grant when posting). (Your consent by submitting; legitimate interest to promote products.)

5. Cookies & Tracking Technologies

We use cookies, web beacons, and similar technologies to operate the website and provide features. Cookies are categorized as:

  • Essential cookies: required for cart, checkout, security, and site functionality. These are set by default.
  • Performance & analytics cookies: e.g., Google Analytics — used to analyze traffic and improve the site (consent required in the EEA/UK for non-essential cookies).
  • Advertising & targeting cookies: e.g., Facebook Pixel, Google Ads — used for ad personalization and remarketing. Placed only after consent where required.

You may manage cookie preferences via our cookie banner or in your browser settings. Disabling certain cookies may affect site functionality.

6. Third-Party Services & Data Sharing

We share personal data with third parties when necessary to provide our services. Typical categories and purposes include:

  • E-commerce platform & hosting: Shopify — store data, orders, and content storage.
  • Payment processors: Stripe, PayPal, Apple Pay, Google Pay — payment authorization and fraud checks (we do not store full card details).
  • Logistics & carriers: USPS, FedEx, DHL, YunExpress, local carriers, and 3PL partners (e.g., return centers) — for shipping/returns.
  • Analytics & advertising: Google Analytics, Google Ads, Facebook/Meta Ads — analytics and ad targeting (consent applies).
  • Customer support & email: Email service providers (e.g., Klaviyo, SendGrid) and helpdesk tools — transactional emails and support.
  • Tracking & order tracking: 17TRACK or other tracking providers to present shipment status.

We enter into Data Processing Agreements with processors where required. We do not sell personal information for monetary consideration. (See CCPA section for the “sale” definition & opt-out.)

7. International / Cross-Border Transfers

Your personal data may be transferred to and stored on servers located outside your country (for example, to the United States) because our service providers operate internationally. Where transfers are from the EEA/UK to countries without an adequacy decision, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) and require our processors to implement appropriate technical and organizational measures (e.g., encryption, access controls).

By using our services you consent to such transfers as described above.

8. Data Retention Periods

We retain personal data only for as long as necessary for the purposes described and to comply with legal obligations:

  • Order & transaction records: retained for 7 years for tax and accounting purposes (or as required by local law).
  • Account information: retained while your account is active and for up to 3 years after account closure for legitimate business purposes (fraud prevention, legal claims).
  • Support & warranty records: retained for 3–7 years depending on the nature of the claim.
  • Marketing & consent records: retained until you withdraw consent or request deletion.
  • Analytics data: aggregated or pseudonymized analytics retained for up to 24 months (unless otherwise required).

When retention is no longer necessary we will securely delete or anonymize your data.

9. Your Privacy Rights

Rights vary by jurisdiction. Below are typical rights under major laws.

EU / EEA / UK (GDPR) — Right to access, rectify, erase (subject to exceptions), restrict/object to processing, data portability, withdraw consent, and lodge complaints with a supervisory authority. We will respond to requests within one (1) month (may be extended by two months for complex requests).

California (CCPA/CPRA) — Right to request disclosure of categories and specific personal data collected and disclosed for business purposes in the prior 12 months; request deletion (subject to exceptions); request correction; opt-out of “sales” (we do not sell personal information; if practices change we will provide an opt-out mechanism).

Australia (APPs) — Rights to access and correct personal information and to complain to the Office of the Australian Information Commissioner (OAIC).

Canada (PIPEDA / provincial law) — Rights of access and correction; complaints may be made to the applicable privacy commissioner.

10. How to Exercise Your Rights / Submit a Request

To exercise any rights (access, deletion, correction, portability, opt-out, etc.), contact us at:

Email: support@mirrimage.com

Please include: your full name, email used on the account, description of the request, and any supporting proof of identity (we will only request the minimal information necessary to verify identity). We aim to respond within the timeframes required by applicable law.

California residents: To submit a consumer request under CCPA/CPRA, you may contact support@mirrimage.com with “CCPA Request” in the subject line. We may require identity verification to process your request.

If you are a resident of the EEA/UK and wish to lodge a complaint with a supervisory authority, we encourage you to contact us first so we may attempt to resolve your concern.

11. Security Measures

We implement reasonable organizational and technical measures to protect personal information, including but not limited to:

  • HTTPS / TLS encryption in transit.
  • Access controls and least-privilege principles.
  • Encryption of sensitive data at rest where applicable.
  • Regular security assessments and vulnerability scans.
  • Contracts and DPAs with third-party processors to require appropriate security.

No system is completely secure. If we discover a data breach that creates a risk to your rights and freedoms, we will notify affected individuals and supervisory authorities in accordance with applicable law.

12. Children’s Privacy

Our services are not intended for individuals under the age of 16 (or higher age in certain jurisdictions). We do not knowingly collect personal data from children. If you believe we have collected personal data from a child without parental consent, contact us at support@mirrimage.com and we will take steps to delete such data.

13. Links to Other Sites

Our site may contain links to third-party websites. We are not responsible for the privacy practices of third parties. Please review third-party privacy policies before providing personal data.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will publish the revised policy on this page with an updated Effective Date. For material changes that affect your rights, we will provide a more prominent notice (e.g., banner or email).

15. Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, contact:

Mirophoria LLC (Mirrimage)
4601 E Douglas Avenue, Ste 152, Wichita, KS 67218, United States
Phone: +1 (316) 854-9528
Email: support@mirrimage.com