Privacy Policy

Last Updated: October 7th 2025

Leveza ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website levezaequestrian.eu and purchase our products.

1. DATA CONTROLLER

Leveza
3272 rue des Monarques
Saint-Hubert, J3Y 0G8
Québec, Canada
Email: info@leveza.ca

2. WHAT PERSONAL DATA WE COLLECT

When you interact with our website or make a purchase, we collect the following types of personal data:

Information you provide to us:

  • Name and contact details (email address, phone number, billing and shipping address)
  • Payment information (processed securely by our payment processor)
  • Order history and purchase details
  • Account credentials (if you create an account)
  • Communication preferences
  • Any information you provide when contacting customer service

Information collected automatically:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent on our website
  • Referral source
  • Cookie data (see Section 8 below)

3. LEGAL BASIS FOR PROCESSING YOUR DATA

We process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):

  • Contract Performance: To process and fulfill your orders, provide customer service, and manage returns or exchanges
  • Legitimate Interest: To improve our website, prevent fraud, and maintain security
  • Legal Obligation: To comply with tax, accounting, and other legal requirements
  • Consent: For marketing communications and non-essential cookies (you can withdraw consent at any time)

4. HOW WE USE YOUR PERSONAL DATA

We use your personal information for the following purposes:

Order Processing and Fulfillment:

  • Processing your purchases and payments
  • Arranging delivery and shipping
  • Sending order confirmations and updates
  • Managing returns, refunds, and exchanges
  • Providing customer support

Legal and Security:

  • Complying with legal obligations (tax, accounting records)
  • Preventing fraud and unauthorized transactions
  • Protecting our website security

Marketing (with your consent):

  • Sending promotional emails about new products, offers, and updates
  • You can unsubscribe at any time using the link in our emails

Website Improvement:

  • Analyzing website usage to improve user experience
  • Understanding customer preferences and shopping behavior

5. DATA SHARING AND THIRD PARTIES

We do not sell your personal data. We share your information only with trusted third-party service providers who help us operate our business:

Shopify Inc. - Our e-commerce platform provider

Payment Processors (Stripe, PayPal, etc.)

  • Process credit card and payment transactions securely
  • Comply with PCI-DSS standards for secure handling of payment data
  • Have their own privacy policies governing payment data

Shipping Carriers (Canada Post, UPS, DHL, etc.)

  • Receive your name and delivery address to fulfill shipments
  • Track and deliver your orders

Email Service Providers

  • Send transactional emails (order confirmations, shipping updates)
  • Send marketing emails (only with your consent)

Analytics Providers (Google Analytics, etc.)

  • Help us understand website usage and improve user experience

International Data Transfers

Our servers and some service providers are located in Canada and the United States. When you make a purchase from the EU, your data may be transferred outside the European Economic Area (EEA). We ensure appropriate safeguards are in place through:

  • Standard Contractual Clauses approved by the European Commission
  • Service providers' compliance with GDPR requirements
  • Adequate data protection measures

6. DATA RETENTION

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy:

  • Order and transaction data: 7 years (for legal, tax, and accounting requirements)
  • Account information: Until you request deletion or close your account
  • Marketing consent: Until you withdraw consent or unsubscribe
  • Website analytics: Typically 26 months (in accordance with GDPR recommendations)

After these periods, we will securely delete or anonymize your data unless we are legally required to retain it longer.

7. YOUR RIGHTS UNDER GDPR

As an individual in the European Union, you have the following rights regarding your personal data:

Right of Access: Request a copy of the personal data we hold about you

Right to Rectification: Request correction of inaccurate or incomplete data

Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data when it's no longer necessary or if you withdraw consent

Right to Restriction: Request that we limit how we use your data in certain circumstances

Right to Data Portability: Receive your data in a structured, machine-readable format to transfer to another service

Right to Object: Object to processing based on legitimate interests or for direct marketing purposes

Right to Withdraw Consent: Withdraw your consent for marketing or cookies at any time (this does not affect prior processing)

Right to Lodge a Complaint: File a complaint with your local data protection supervisory authority if you believe your rights have been violated

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

  • Email: info@leveza.ca
  • Mail: Leveza, 3272 rue des Monarques, Saint-Hubert, J3Y 0G8, Québec, Canada

We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.

Supervisory Authority

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with:

8. COOKIES

We use cookies and similar tracking technologies to improve your browsing experience and analyze website traffic.

What are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us remember your preferences and understand how you use our site.

Types of Cookies We Use

Essential Cookies (Required)

  • _session_id: Allows Shopify to store information about your session (referrer, landing page, etc.)
  • _secure_session_id: Maintains secure session information
  • cart: Stores information about items in your shopping cart (persistent for 2 weeks)
  • storefront_digest: Manages access if our store has password protection

Analytics Cookies (Optional - require consent)

  • _shopify_visit: Tracks number of visits (persistent for 30 minutes from last visit)
  • _shopify_uniq: Counts visits by a single customer (expires midnight of next day)
  • Google Analytics cookies: Help us understand website usage

Marketing Cookies (Optional - require consent)

  • Used to show relevant advertisements and measure campaign effectiveness

Managing Cookies

You can control and delete cookies through your browser settings. However, disabling essential cookies may affect website functionality, such as keeping items in your shopping cart.

To manage cookies:

  • Chrome: Settings > Privacy and Security > Cookies
  • Firefox: Options > Privacy & Security
  • Safari: Preferences > Privacy
  • Edge: Settings > Privacy, search, and services

Learn more about cookies: www.allaboutcookies.org

9. SECURITY

We take the security of your personal data seriously and implement industry-standard security measures:

  • SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using secure socket layer (SSL) technology
  • PCI-DSS Compliance: Payment card data is processed through PCI-DSS compliant payment gateways with AES-256 encryption
  • Secure Servers: Data is stored on secure servers behind firewalls
  • Access Controls: Limited access to personal data by authorized personnel only
  • Regular Security Updates: We maintain and update our security measures

While we follow industry best practices, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but take all reasonable precautions to protect your data.

10. THIRD-PARTY LINKS

Our website may contain links to third-party websites not operated by us. We are not responsible for the privacy practices of these external sites. When you leave our website, we encourage you to read the privacy policy of every website you visit.

11. AGE RESTRICTIONS

Our website and services are intended for individuals who are at least 16 years old (the age of digital consent in most EU countries) or the age of majority in their jurisdiction. If you are a minor under 16, you must have permission from a parent or guardian to use our site.

We do not knowingly collect personal data from children under 16 without parental consent. If we discover we have collected data from a child under 16 without proper consent, we will delete it promptly.

12. CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you by email (if you have an account with us)
  • Display a notice on our website

We encourage you to review this policy periodically. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

13. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

General Inquiries:
Email: info@leveza.ca

Privacy-Specific Requests:
Email: info@leveza.ca
Subject Line: "Privacy Request" or "GDPR Request"

Postal Address:
Leveza
[Attention: Privacy Compliance Officer]
3272 rue des Monarques
Saint-Hubert, J3Y 0G8
Québec, Canada

We will respond to all requests within 30 days.

For EU Customers: You have enhanced rights under the GDPR. If you have concerns about how we process your data, you may contact your local data protection supervisory authority.