Privacy policy

PRIVACY POLICY

Effective date: June 28, 2026

This Privacy Policy explains how Somava 01 SL ("we," "our," or "us"), operating under the brand Nuralee, collects, uses, and protects your personal data when you visit nuralee.com or purchase our products.

We are committed to complying with the EU General Data Protection Regulation (GDPR) and applicable Spanish data protection law.

1. Data Controller

Somava 01 SL Pl. de Correus, S/N, Ciutat Vella, 08002 Barcelona, Spain VAT: ES04559791H Email: hello@reguli.io

2. Data We Collect

Information you provide directly:

  • Name, email address, shipping and billing address, phone number
  • Payment information (processed securely by Shopify Payments — we do not store card data)
  • Order history and subscription preferences
  • Communications you send us

Information collected automatically:

  • IP address, browser type, operating system
  • Pages visited, time on site, referral source
  • Device identifiers

3. How We Use Your Data

Purpose Legal Basis
Processing and fulfilling your orders Performance of a contract
Managing subscriptions (via Recharge) Performance of a contract
Sending transactional emails (order confirmations, shipping updates) Performance of a contract
Sending marketing emails (where you have opted in) Consent
Improving our website and products Legitimate interests
Fraud prevention and security Legitimate interests
Complying with legal obligations Legal obligation

4. Third-Party Service Providers

We share data with the following processors, only to the extent necessary to provide our services:

Provider Purpose
Shopify E-commerce platform and order management
Recharge Subscription billing and management
Klaviyo Email marketing and customer communications
Meta (Facebook/Instagram) Advertising and conversion tracking
Google Analytics Website analytics

All processors are contractually bound to handle your data securely and in accordance with applicable law. Some providers may transfer data outside the European Economic Area; where this occurs, appropriate safeguards (such as Standard Contractual Clauses) are in place.

5. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this policy, or as required by law. Order data is typically retained for a minimum of 5 years for accounting and legal compliance purposes.

6. Your Rights

Under GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data ("right to be forgotten"), subject to legal obligations
  • Restriction — request that we limit how we process your data
  • Portability — receive your data in a structured, machine-readable format
  • Object — object to processing based on legitimate interests or for direct marketing
  • Withdraw consent — where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us at hello@reguli.io. We will respond within 30 days.

You also have the right to lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos — www.aepd.es).

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. All transactions are encrypted using SSL/TLS.

8. Links to Third-Party Sites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their policies independently.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the revised policy on this page with an updated effective date.

10. Contact

For any privacy-related questions or requests: hello@reguli.io Somava 01 SL · Pl. de Correus, S/N, Ciutat Vella, 08002 Barcelona, Spain