Privacy Notice
Last updated: 21.04.2026
DILIU (“we”, “us”, “our”) respects your privacy as a fundamental right.
This Privacy Notice explains how we collect, use, and protect your personal data when you use our platform.
We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable European data protection laws.
1. Data Controller
The data controller responsible for your personal data is:
DILIU
Email: support@diliu.eu
2. Personal Data We Collect
We collect only data that is necessary to operate the Platform.
a) Account Information
- Name
- Email address
- Password (securely hashed)
b) Order and Transaction Data
- Billing and shipping addresses
- Order details
- Payment status
c) Payment Data
Payments are processed by third-party providers.
We do not store full payment details (such as card numbers).
d) Technical Data
- IP address
- Browser type and device information
- Usage data (pages visited, actions taken)
e) Communication Data
- Messages sent via customer support or contact forms
3. How We Use Your Data (Legal Bases)
We process your data only when we have a lawful basis under GDPR:
a) Contractual Necessity
To:
- Create and manage your account
- Process orders and payments
- Facilitate transactions between Users and Vendors
b) Legal Obligations
To:
- Comply with tax, accounting, and regulatory requirements
c) Legitimate Interests
To:
- Improve the Platform
- Prevent fraud and abuse
- Ensure security and reliability
d) Consent (where applicable)
For:
- Marketing communications
- Non-essential cookies
You may withdraw consent at any time.
4. Data Sharing
We only share data when necessary.
Your data may be shared with:
Vendors
To fulfill your orders (name, address, order details)
Payment Providers
To process transactions securely
Logistics Partners
To deliver products
Service Providers
Hosting, analytics, email delivery (e.g., infrastructure providers)
Authorities
Where required by law or to protect legal rights
We do not sell your personal data.
5. International Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
6. Data Retention
We retain personal data only as long as necessary:
- Account data: until account deletion
- Transaction data: as required by tax and legal obligations
- Support communications: for a reasonable period
After this, data is deleted or anonymized.
7. Your Rights
Under GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Request erasure (“right to be forgotten”)
- Restrict processing
- Object to processing
- Request data portability
You also have the right to lodge a complaint with a supervisory authority.
8. Security
We implement appropriate technical and organizational measures to protect your data, including:
- Encryption in transit (HTTPS)
- Secure authentication systems
- Access controls
However, no system is completely secure.
9. Cookies and Tracking
We use cookies to:
- Enable core platform functionality
- Improve user experience
- Analyze usage
Non-essential cookies are used only with your consent.
For more information, see our Cookie Policy.
10. Third-Party Services
The Platform may rely on third-party services (e.g., payment providers, analytics tools).
These providers process data under their own privacy policies and in compliance with applicable laws.
11. Children’s Data
The Platform is not intended for individuals under 18.
We do not knowingly collect data from children.
12. Changes to This Notice
We may update this Privacy Notice from time to time.
Where required, we will notify users of significant changes.
13. Contact
For any questions or to exercise your rights: