✦Free Shipping Worldwide✦Made to Order✦Special Designs✦Wholesale Available✦Personalization Options✦Handcrafted Products✦Free Shipping Worldwide✦Made to Order✦Special Designs✦Wholesale Available✦Personalization Options✦Handcrafted Products✦
NomadCraft Atelier
ShopCollections
JournalTrack Order

Legal

Privacy Policy

We are committed to protecting your personal data and your right to privacy.

Last updated: March 2026

This Privacy Policy applies to Stellum LLC (d/b/a NomadCraft Atelier) and the website nomadcraftatelier.com. It explains what personal data we collect, why we collect it, and your rights regarding that data. If you have questions at any time, contact us at hello@nomadcraftatelier.com.

1. Introduction & Data Controller

Stellum LLC (d/b/a NomadCraft Atelier) is the data controller responsible for your personal data. We are registered in the State of New Jersey, United States of America, and operate the e-commerce platform at nomadcraftatelier.com, where we sell handcrafted mythological jewelry worldwide.

We take your privacy seriously. This policy is designed to comply with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the CPRA, and other applicable privacy laws.

By using our website, creating an account, or placing an order, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

Information You Provide Directly

  • –Full name and email address when creating an account or placing an order
  • –Shipping and billing address
  • –Phone number (optional, for delivery coordination)
  • –Order details including product selections, customization requests, and engraving text
  • –Communications you send us via email or contact forms
  • –Marketing preferences and consent

Payment Information

We do not store your payment card details on our servers. Payments are processed entirely by Shopify Payments, which uses Stripe as its payment infrastructure. Only a tokenized reference and the last four digits of your card are retained for order records. Stripe's data handling is governed by Stripe's own Privacy Policy and their PCI DSS compliance program.

Information Collected Automatically

  • –IP address and approximate geographic location (country/city level)
  • –Browser type, device type, and operating system
  • –Pages visited, time spent on pages, and navigation paths
  • –Referring URLs and search terms
  • –Cart activity and wishlist interactions
  • –Cookies and similar tracking technologies (see Section 9)

3. How We Use Your Information

–

Order Fulfillment: Processing your purchase, manufacturing your piece, coordinating shipping with carriers, and providing order status updates.

–

Account Management: Creating and managing your customer account, enabling order history access, and supporting saved addresses.

–

Customer Support: Responding to inquiries, handling returns or disputes, and resolving any issues with your order.

–

Marketing Communications: Sending promotional emails, new collection announcements, and personalized recommendations — only with your explicit consent, which you may withdraw at any time.

–

Analytics & Improvement: Understanding how visitors use our website so we can improve the shopping experience, product presentation, and site performance.

–

Fraud Prevention & Security: Detecting and preventing fraudulent transactions, chargebacks, and unauthorized access to accounts.

–

Legal Compliance: Meeting our obligations under applicable tax, consumer protection, and financial regulations.

4. Legal Basis for Processing (GDPR)

For customers in the European Economic Area (EEA) and United Kingdom, we process your personal data on the following legal bases under Article 6 of the GDPR:

Contract Performance (Art. 6(1)(b))

Processing your order, fulfilling delivery, managing your account, and handling returns. This is necessary to execute the purchase contract between you and Stellum LLC (d/b/a NomadCraft Atelier).

Legitimate Interests (Art. 6(1)(f))

Fraud prevention, site security, improving our products and services, and analyzing aggregate usage patterns. We balance these interests against your rights and freedoms.

Consent (Art. 6(1)(a))

Marketing emails, personalized recommendations, and non-essential cookies. You may withdraw consent at any time without affecting the lawfulness of prior processing.

Legal Obligation (Art. 6(1)(c))

Retaining financial and tax records as required by US federal and New Jersey state law.

5. Data Sharing

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes. We share data only with the service providers that help us operate our business:

Shopify Inc.

E-commerce platform & order management

Data: Name, address, email, order details, payment tokens·Location: USA / global CDN

Stripe Inc. (via Shopify Payments)

Payment processing

Data: Payment card data (processed directly by Stripe, not stored by us)·Location: USA

Supabase Inc.

Customer accounts, order history, and database

Data: Account credentials, order records, saved addresses·Location: USA (AWS us-east-1)

Vercel Inc.

Website hosting and edge delivery

Data: Request logs, IP addresses (ephemeral)·Location: USA / global edge

DHL / UPS / Partner Carriers

Shipping and delivery

Data: Recipient name, address, phone number·Location: Varies by region

Analytics Providers (Google Analytics / Vercel Analytics)

Website usage analytics

Data: Anonymized/aggregated browsing behavior, device info·Location: USA

We may also disclose your data if required by law, court order, or government authority, or to protect the rights, property, or safety of NomadCraft Atelier, our customers, or the public.

6. International Data Transfers

Stellum LLC (d/b/a NomadCraft Atelier) is headquartered in the United States. When you place an order from the European Economic Area (EEA), United Kingdom, or another jurisdiction with data protection laws, your personal data will be transferred to and processed in the United States.

We ensure that such transfers are lawful and adequately protected through the following mechanisms:

  • –Standard Contractual Clauses (SCCs) approved by the European Commission, incorporated into our data processing agreements with sub-processors
  • –Reliance on service providers that participate in recognized compliance frameworks (e.g., Shopify, Stripe, and Supabase maintain EU data processing addenda)
  • –Where applicable, the UK International Data Transfer Agreement (IDTA) for UK residents

You may request a copy of the relevant transfer safeguards by contacting us at hello@nomadcraftatelier.com.

7. Data Retention

Order & Transaction Records

7 years

Required by US federal and New Jersey state tax and financial reporting obligations.

Customer Account Data

Duration of account + 2 years

Maintained while your account is active. Deleted 2 years after account closure unless a legal hold applies.

Marketing Preferences & Consent Records

Until withdrawal of consent + 3 years

Consent records are retained to demonstrate compliance with applicable law.

Customer Support Communications

3 years

Retained to support dispute resolution and quality improvement.

Analytics & Log Data

Up to 26 months

Standard retention for analytics platforms; data is anonymized or aggregated after 14 months.

When data is no longer needed, it is securely deleted or anonymized. You may request early deletion of your personal data subject to our legal retention obligations (see Section 8).

8. Your Rights

Rights Under GDPR (EEA & UK Residents)

Right of Access

Request a copy of all personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data (subject to legal retention obligations).

Right to Restriction

Request that we restrict processing of your data in certain circumstances.

Right to Data Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests or for direct marketing.

Right to Withdraw Consent

Withdraw consent at any time where processing is consent-based.

Right to Lodge a Complaint

File a complaint with your national data protection authority.

Rights Under CCPA/CPRA (California Residents)

Right to Know

Request disclosure of the categories and specific pieces of personal information we collect, use, and share.

Right to Delete

Request deletion of personal information we have collected from you, subject to exceptions.

Right to Opt-Out

We do not sell personal information. You have the right to opt out of any future sale.

Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights.

Right to Correct

Request correction of inaccurate personal information we maintain about you.

Right to Limit Use of Sensitive PI

Limit our use and disclosure of sensitive personal information to necessary purposes.

California residents may submit a verifiable consumer request by emailing hello@nomadcraftatelier.com. We will respond within 45 days as required by the CCPA.

To exercise any of the rights above, email us at hello@nomadcraftatelier.com with the subject line “Privacy Rights Request”. We will acknowledge your request within 72 hours and aim to fulfill it within 30 days (extendable by a further 60 days for complex requests, with notice).

9. Cookies

Our website uses cookies and similar tracking technologies to provide core functionality, analyze traffic, and (with your consent) deliver personalized experiences. The categories we use include:

–

Strictly Necessary: Essential for shopping cart functionality, account sessions, and security. These cannot be disabled.

–

Functional: Remember your preferences such as currency, theme, and language settings.

–

Analytics: Aggregate and anonymized data to help us understand how the site is used (e.g., Google Analytics, Vercel Analytics). Enabled only with your consent.

–

Marketing: Used to deliver relevant advertising. We use these sparingly and only with your explicit consent.

You can manage your cookie preferences through your browser settings or by contacting us. Most browsers allow you to refuse cookies or be alerted when cookies are being sent. Note that disabling certain cookies may affect site functionality.

10. Children's Privacy

Our website and services are not directed to individuals under the age of 16 years. We do not knowingly collect personal data from children under 16. This threshold aligns with GDPR Article 8 requirements for digital services.

If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us immediately at hello@nomadcraftatelier.com. We will take prompt steps to delete such information from our records.

11. Security Measures

We implement industry-standard technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:

  • –TLS encryption for all data in transit between your browser and our servers
  • –Encryption at rest for sensitive data stored in our database (Supabase/PostgreSQL)
  • –Shopify and Stripe PCI DSS Level 1 compliance for all payment processing
  • –Row-Level Security (RLS) policies ensuring customers can only access their own data
  • –Access controls limiting staff access to personal data on a need-to-know basis
  • –Regular security reviews and dependency updates
  • –Vercel edge infrastructure with DDoS protection and automatic HTTPS

No method of transmission over the internet is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security. In the event of a data breach affecting your rights and freedoms, we will notify affected individuals and relevant supervisory authorities within the legally required timeframes.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we do, we will:

  • –Update the "Last updated" date at the top of this page
  • –Post a notice on our website for material changes
  • –Send an email notification to registered account holders for significant changes that affect their rights

Your continued use of our website after any changes constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us:

CompanyStellum LLC (d/b/a NomadCraft Atelier)
Jurisdiction311 60th St Suite #292, West New York, NJ 07093
Emailhello@nomadcraftatelier.com
Subject LinePrivacy Rights Request
Response TimeWithin 72 hours

If you are located in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority. A list of EU data protection authorities is available at edpb.europa.eu. For UK residents, the relevant authority is the Information Commissioner's Office (ICO).

Stellum LLC (d/b/a NomadCraft Atelier) — New Jersey, USA — Last updated March 2026

Shop

  • All Jewelry
  • Greek Mythology
  • Egyptian Mythology
  • Norse Mythology
  • Pendants
  • Rings

About

  • The Journal
  • Our Story
  • Our Process
  • Our Values
  • Our Journey

Customer Care

  • Track Order
  • FAQ
  • Shipping & Returns
  • Contact Us
  • Jewelry Care

    • Newsletter

    Subscribe for new collections, behind-the-scenes stories, and exclusive offers.

    NomadCraft Atelier

    Handcrafted in Ankara

    etsy
    Secure payments
    VISA
    AMEX
    Pay
    GPay
    Shop Pay

    All transactions are secure and encrypted

    Terms of Service·Privacy Policy·Cookie Policy

    © 2026 NomadCraft Atelier. All rights reserved.