My Cart

  • Your shopping cart is empty!

Privacy Policy

Effective Date: 13 June 2025

Welcome to Tacray Limited (“we,” “our,” or “us”). We design, manufacture, and sell premium accessories—including sunglasses, belts, gloves, hats, scarves, and socks & tights—through our websites, mobile applications, and authorized retail partners. Protecting your privacy is fundamental to our commitment to customer trust. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information and the choices you have.

1. Scope

This Policy applies to personal information collected when you:

  • visit or make a purchase on any Tacray Limited website, app, or social‐media storefront;

  • interact with our customer-service teams or visit our offices or trade-show booths;

  • take part in R&D testing programs (e.g., wearer trials for ThermoFlow™ gloves).

It does not cover third-party sites we link to (except for PayPal as noted below).

2. Information We Collect

CategoryExamplesSource
Identifiersname, postal address, email, phone, account usernameyou
Commercial dataproducts viewed, cart contents, order history, warranty claimsyou / automatic
Payment datacard PAN (tokenized), PayPal ID, billing addressyou / PayPal
Device & network dataIP address, browser type, OS, referral URL, session logs, approximate geolocationautomatic via cookies & pixels
Profile & preference datasize charts, wish lists, product reviews, R&D feedbackyou
Photos & biometricsoptional images you upload for virtual try-on or fit calibrationyou (explicit consent)

We do not intentionally collect special-category data (e.g., health, race, religion).

3. How We Use Your Information

  1. Fulfil Orders & Provide Services – process payments, ship goods, handle returns.

  2. R&D and Product Improvement – refine OptiShield™ lens coatings, optimize FlexWeave™ knit ergonomics.

  3. Customer Support – troubleshoot issues, respond to inquiries, honor warranties.

  4. Marketing & Personalisation – send style guides, back-in-stock alerts, or event invitations (opt-out anytime).

  5. Security & Fraud Prevention – flag suspicious transactions, secure our platforms.

  6. Legal & Compliance – meet tax, accounting, customs, and regulatory obligations.

Legal bases under the EU GDPR include contract performance, legitimate interests, consent, and legal duty.

4. Cookies & Similar Technologies

We use first- and third-party cookies, pixel tags, and local storage to:

  • remember cart items;

  • measure site performance;

  • run A/B tests on our optical-fit widgets;

  • deliver relevant ads through partners such as Google Ads and Meta.

You can manage cookies in your browser or withdraw consent where required.

5. Payment Processing (PayPal ACDC Compliance)

Card and wallet transactions are handled by PayPal, our secure payment gateway. Your payment details are entered on encrypted forms hosted or served by PayPal and processed according to the PayPal Privacy Statement. By paying with your card or PayPal account you acknowledge that your data will be processed by PayPal in accordance with that statement.

6. How We Share Information

We never sell personal information. We may disclose it only:

  • Service Providers – fulfilment centers, cloud hosting, analytics, marketing platforms, payment processors.

  • Business Transfers – mergers, acquisitions, or financing due-diligence (with protective NDAs).

  • Legal & Safety – comply with court orders, enforce Terms, protect rights or safety of users/public.

  • Aggregated/De-identified Data – R&D trend reports that cannot identify you.

All vendors are bound by confidentiality and data-processing agreements.

7. International Transfers

Our primary servers are in the United States and Singapore. When we transfer EEA or UK data outside those regions, we rely on Standard Contractual Clauses or an adequacy decision.

8. Retention

Order records are kept for 7 years (statutory accounting). Marketing consents are stored until you withdraw or for 24 months of inactivity, whichever is sooner. Prototype-trial footage is deleted within 180 days after study completion unless you agree to further use.

9. Security

  • ISO 27001-aligned controls

  • TLS 1.3 encryption in transit

  • AES-256 at rest with role-based access

  • Quarterly penetration tests
    No method is 100 % secure, but we continually improve our safeguards.

10. Your Rights

Depending on your jurisdiction, you may:

  • Request access, correction, or deletion of personal data;

  • Object to or restrict certain processing;

  • Receive a portable copy (data portability);

  • Withdraw consent at any time.

To exercise rights, email [email protected]. We respond within 30 days (10 days for California “Do Not Sell/Share” requests).

11. Children’s Privacy

Our products and sites are not directed to children under 13 (or equivalent age of digital consent). We do not knowingly collect data from them. Parents may contact us to delete such data.

12. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted here and indicated by a new “Effective Date.” Continued use after change indicates acceptance.

13. Contact Us

Tacray Limited Privacy Office
ROOM 3, 3/F, RUBY COMMERCIAL BUILDING, 480 NATHAN ROAD, KOWLOON, HONG KONG
Email: [email protected]
Tel: +852-59761582

If you believe we have not adequately addressed your concerns, you may lodge a complaint with your local supervisory authority or the Hong Kong Privacy Commissioner for Personal Data.

By continuing to interact with Tacray Limited, you acknowledge that you have read and understood this Privacy Policy.