Privacy Policy

1. Data controller & contact

The data controller is Aether Solutions Ltd, registered in the United Kingdom, with its principal trading address at 45 Oxford Street, London, W1D 2DZ. For privacy enquiries contact [email protected] or call +44 20 7946 0958.

2. Personal data we collect

Depending on your interaction, we may collect identity and contact data (name, billing and delivery addresses, phone number, email), transaction data (order history, payment references—handled by regulated payment processors), technical data (IP address, browser type, device identifiers), usage data (pages viewed, navigation paths, referral sources), marketing preferences, and records of communications with our concierge team.

3. How we use personal data

• To fulfil orders, manage deliveries, process returns, and provide aftercare for fragrance purchases.
• To authenticate users, prevent fraud, secure our infrastructure, and comply with legal obligations.
• To improve our website experience, analyse aggregated traffic, and debug technical issues.
• To send service communications (order updates, policy changes) and—where permitted—marketing about new releases or events.
• To maintain corporate gifting records, invoicing, and contractual performance for business clients.

4. Lawful bases (UK GDPR)

We rely on contract performance for purchases, legitimate interests for security and analytics (balanced against your rights), consent where required (e.g., certain marketing cookies or newsletters), and legal obligation where statutes mandate retention or disclosure.

5. Cookies & similar technologies

We deploy strictly necessary cookies for security and session continuity. Optional analytics and marketing cookies are activated only when you provide consent via our cookie banner or settings panel. You may withdraw consent at any time by clearing site data or adjusting browser controls.

6. Sharing & international transfers

We share data with logistics partners, payment providers, IT hosting vendors, and professional advisers bound by confidentiality. Where data leaves the UK/EEA, we implement appropriate safeguards such as the UK International Data Transfer Agreement or EU Standard Contractual Clauses, supplemented by risk assessments.

7. Retention

We retain transactional records for seven years to satisfy tax and company law. Marketing consents and associated profiles are refreshed periodically. Technical logs are rotated on a defined schedule unless investigation requires longer retention.

8. Your rights

Subject to applicable law, you may request access, rectification, erasure, restriction, portability, or object to certain processing. You may lodge a complaint with the UK Information Commissioner’s Office (ICO). We will respond within statutory timelines unless complexity warrants an extension—we will notify you if that arises.

9. Security

We implement organisational and technical controls including TLS encryption in transit, access segmentation, MFA for administrative accounts, and routine backups. No system is invulnerable; please use strong passwords and protect your credentials.

10. Children

Our commercial services target adults aged 18+. We do not knowingly collect data about children without verifiable parental authority.

11. Changes

We may update this Privacy Policy when regulations, offerings, or technology evolve. Material changes will be highlighted on our site and, where appropriate, communicated directly.