Welcome to our page!
Walk By

Privacy Policy

This Privacy Policy explains how Walk By collects, uses, and protects your personal data when you use walkbystore.com. It is drafted in line with the Georgian Law on Personal Data Protection and the principles of the EU General Data Protection Regulation (GDPR). Effective date: 14 May 2026. 1. Data controller. The site is operated by Individual Entrepreneur "Walk By" (natural person Archil Bolkvadze, ID 61001081671), based in Tbilisi, Georgia. For any privacy-related question, contact us at info@walkby.ge. 2. Data we collect. • Account information: name, email, phone number. • Shipping information: recipient name, phone, address, city, postal code, country. • Order data: order number, items, size, colour, quantity, price, payment and shipping status, tracking number, notes. • Guest checkout: email and shipping details (without creating an account). • User content: product reviews and ratings. • Marketing: newsletter email and back-in-stock notification email. • Technical data: IP address, browser type, device information, visit timestamps — used for security and rate limiting. 3. Payment information. We do not collect or store card details. Payment is processed entirely on the secure payment page of Bank of Georgia (BOG) or Flitt, who act as independent data controllers under PCI DSS standards. We only receive the payment status and transaction ID. 4. Why we use your data. • To process, deliver, and support your orders. • To manage your account and order history. • To send transactional emails (order confirmation, shipping, returns). • To send newsletters or stock alerts — only if you have opted in. • To prevent fraud, ensure security, and comply with legal obligations (e.g. tax and accounting). 5. Legal basis. We process your data on the following grounds: performance of a contract (your order), consent (newsletter, stock alerts), legal obligation (tax, accounting), and legitimate interest (security, fraud prevention). 6. Who we share data with. We do not sell personal data. We share it only with the following processors, under contract and only to the extent necessary: • Bank of Georgia (BOG) and Flitt — payment processing. • Courier companies — for order delivery. We pass: recipient name, phone, delivery address, city, postal code, order number, parcel weight/size, address notes (if any), and, where applicable, settlement information (for cash-on-delivery). The courier acts as an independent data controller for the delivery itself. • Resend — transactional email delivery. • Supabase (database and authentication hosting) and Vercel (website hosting) — infrastructure. • Upstash — rate limiting and abuse protection. We may also disclose data to competent authorities when required by law. 7. Delivery, acceptance, returns, and exchange. • Delivery: to fulfil an order, the data listed in section 6 is shared with the courier. Estimated delivery time within Georgia is 1–5 business days. • Acceptance: parcels are handed over at the address provided or to the designated recipient. Photo ID may be requested to verify the recipient. • Returns: items may be returned within 14 calendar days of acceptance, provided they are unused and in their original condition with tags intact. To start a return, email info@walkby.ge and we will send instructions. Return shipping is normally at the customer's expense, except where the product is defective or shipped in error. • Exchange: items may be exchanged for a different size or colour within the same 14-day window, subject to stock availability. To request an exchange, email info@walkby.ge. • Refunds: confirmed returns are refunded to the original payment method within 14 business days. 8. International transfers. Our infrastructure providers (Supabase, Vercel, Resend, Upstash) may process data in the EU or the United States. Where applicable, we rely on Standard Contractual Clauses or equivalent safeguards. 9. Cookies and local storage. The site uses: • Authentication cookies (Supabase) — to keep you signed in. • Browser local storage — to save your cart ("walkby-cart") and recently viewed products ("walkby-recently-viewed"). This data stays on your device. We do not use third-party analytics or advertising tracking cookies. 10. Retention. Account data is kept until you delete your account. Order and payment records are kept for at least 6 years to comply with tax and accounting law. Newsletter subscriptions remain active until you unsubscribe. 11. Your rights. You have the right to: • Request a copy of your data or its deletion. • Correct inaccurate data. • Opt out of marketing communications at any time. • Receive your data in a portable format. • File a complaint with the Personal Data Protection Service of Georgia (personaldata.ge). To exercise any right, write to info@walkby.ge. 12. Unsubscribing. To stop receiving newsletters, email info@walkby.ge. 13. Children. The site is not directed at users under 16. Purchases require legal age or parental consent. 14. Security. We use HTTPS encryption, hashed passwords, and access controls. No system is 100% secure, but we apply industry-standard practices to protect your data. 15. Personal data breach. If we detect a personal data security incident (leak, unauthorised access, alteration, or loss), we take the following steps: • Immediately assess the scope and impact and act to contain the incident. • Notify the Personal Data Protection Service of Georgia within 72 hours if the incident is likely to result in a risk to data subjects. • Notify affected users without undue delay when the incident is likely to result in a high risk to their rights and freedoms. • Keep an incident record and put measures in place to prevent recurrence. If you suspect a data security incident, contact info@walkby.ge. 16. Changes. We may update this policy. Material changes will be announced on the site or by email. 17. Contact. info@walkby.ge — for any privacy-related question.