Privacy policy

Last updated: May 27, 2026

This Privacy Policy explains how Sabiedrība ar ierobežotu atbildību "SmartBuy", registration number 40203098869, legal address Rīga, Duntes iela 7A, LV-1013, Latvia, trading as THE JERKY (“THE JERKY”, “we”, “us”, “our”), collects, uses, stores and discloses personal data when you visit our website, use our online store, place an order, create a customer account, contact us, or otherwise interact with us.

Our website is available at https://thejerky.world.

For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Latvian data protection laws, we are the data controller of the personal data described in this Privacy Policy, unless stated otherwise.

Our online store is powered by Shopify, which provides the e-commerce platform, checkout, hosting, payment-related functionality, security, analytics and related services that allow us to operate our online store.

Please read this Privacy Policy carefully. By using our website or placing an order, you acknowledge that you have read and understood how we process personal data as described in this Privacy Policy.

1. Controller and Contact Details

Controller:
Sabiedrība ar ierobežotu atbildību "SmartBuy"

Trading name:
THE JERKY

Registration number:
40203098869

Legal address:
Rīga, Duntes iela 7A, LV-1013, Latvia

Website:
https://thejerky.world

Email:
info@beefjerky.world

Phone:
+371 20225222

Data Protection Officer:
We have not appointed a Data Protection Officer because we are not required to do so under applicable law. If this changes, we will update this Privacy Policy.

2. Personal Data We Collect

Depending on how you interact with our website and online store, we may collect and process the following categories of personal data:

a) Contact and identification data

This may include your name, surname, email address, telephone number, billing address, shipping address, country, and other contact details you provide to us.

b) Order and transaction data

This may include the products you order, order number, order date, order status, delivery method, delivery destination, payment status, refunds, returns, exchanges, discount codes, invoices, and related transaction information.

c) Payment data

Payments are processed through payment services available in our Shopify checkout and by our payment service providers, including Shopify payment services, Google Pay and PayPal.

We do not store full payment card numbers, CVV codes, or full bank account credentials. We may receive limited payment-related information, such as payment confirmation, payment status, transaction ID, payment method, billing information, card type, last four digits of the card where applicable, and fraud-prevention signals.

d) Customer account data

If you create a customer account, we may process your login details, account preferences, saved addresses, order history, and account settings.

e) Communications data

This includes the content of messages you send to us, such as customer support requests, complaints, product questions, return requests, emails, social media messages, and other communications.

f) Marketing and preference data

If you subscribe to marketing communications or otherwise agree to receive promotional messages from us, we may process your name, email address, marketing consent status, communication preferences, unsubscribe records, and information about your interaction with our marketing emails, where permitted by law.

We do not use SMS marketing.

g) Device, technical and usage data

This may include your IP address, browser type, device type, operating system, language settings, time zone, pages visited, referring URLs, session data, cookie identifiers, approximate location derived from IP address, and information about how you interact with our website.

h) Fraud prevention and security data

This may include IP address, order patterns, risk indicators, device data, payment risk signals, login activity, technical logs, and other information used to protect our store, customers, payment processes and business.

We do not intentionally collect special categories of personal data, such as health data, biometric data, political opinions, religious beliefs, or trade union membership. Please do not provide such data to us unless specifically requested and legally justified.

3. Sources of Personal Data

We collect personal data from the following sources:

a) Directly from you

For example, when you place an order, create a customer account, contact us, subscribe to marketing communications, submit a form, or otherwise provide information to us.

b) Automatically through our website

For example, through cookies, server logs, analytics tools, security tools and similar technologies when you visit or use our website.

c) From Shopify and service providers

For example, Shopify, payment providers, delivery companies, email service providers, fraud-prevention providers, customer support tools, hosting providers and other service providers may provide us with information needed to operate the store.

d) From third parties where legally permitted

For example, payment providers, delivery providers or fraud-prevention providers may provide us with information necessary to process payments, deliver orders, prevent fraud or resolve disputes.

4. Purposes and Legal Bases for Processing

We process personal data only when we have a valid legal basis under applicable data protection law.

4.1. Processing and fulfilling orders

Purpose:
To receive your order, process payment, prepare the order, issue invoices, arrange delivery, provide order confirmations, process returns, refunds or exchanges, and communicate with you about your order.

Data used:
Contact data, order data, transaction data, payment status, shipping data and communications data.

Legal basis:
Performance of a contract with you under Article 6(1)(b) GDPR.
Compliance with legal obligations, including accounting and tax obligations, under Article 6(1)(c) GDPR.

Retention:
Order, invoice and accounting data are retained for the period required by applicable accounting, tax and legal obligations. Certain order-related data may also be retained for the limitation period applicable to legal claims.

4.2. Providing customer support

Purpose:
To answer your questions, handle complaints, respond to requests, assist with delivery issues, process returns, and maintain customer relationships.

Data used:
Contact data, order data, communications data and customer account data.

Legal basis:
Performance of a contract under Article 6(1)(b) GDPR, where your request relates to an order or service.
Legitimate interests under Article 6(1)(f) GDPR, where we respond to general inquiries and maintain customer service records.

Retention:
Customer support communications are generally retained for up to 3 years after the matter is resolved, unless a longer period is required for legal, accounting, fraud-prevention or dispute-resolution purposes.

4.3. Creating and managing customer accounts

Purpose:
To allow you to create, access, update and use your customer account, view order history, save preferences and manage account details.

Data used:
Customer account data, contact data, order history, login information and preferences.

Legal basis:
Performance of a contract under Article 6(1)(b) GDPR.
Legitimate interests under Article 6(1)(f) GDPR in operating and securing customer accounts.

Retention:
Customer account data are retained while your account remains active. If you request account deletion, we will delete or anonymise the account data unless we must retain certain data for legal, accounting, fraud-prevention or dispute-resolution purposes.

4.4. Sending marketing communications

Purpose:
To send newsletters, promotional emails, offers, product updates and similar marketing communications.

Data used:
Name, email address, marketing preferences, consent records, unsubscribe records and marketing interaction data.

Legal basis:
Your consent under Article 6(1)(a) GDPR, where required.
In limited cases, our legitimate interests under Article 6(1)(f) GDPR may apply to sending marketing about similar products to existing customers, where permitted by applicable law and where you are given a clear opportunity to opt out.

Retention:
Marketing data are retained until you unsubscribe or withdraw your consent. We may keep limited suppression records to ensure that we do not contact you again after you unsubscribe.

You can unsubscribe from marketing emails at any time by using the unsubscribe link in our emails or by contacting us at info@beefjerky.world.

We do not use SMS marketing.

4.5. Operating, securing and improving our website

Purpose:
To operate our website, keep the website secure, understand how visitors use the website, detect technical issues, improve navigation, improve products and services, and optimise the shopping experience.

Data used:
Device data, technical data, usage data, cookie identifiers, IP address, pages visited, session information and approximate location.

Legal basis:
Consent under Article 6(1)(a) GDPR for non-essential analytics cookies and similar technologies, where required.
Legitimate interests under Article 6(1)(f) GDPR for strictly necessary technical logs, website operation, security and fraud prevention.

Retention:
Technical, analytics and website usage data are retained according to the retention settings of the relevant tools and our cookie settings.

4.6. Preventing fraud and protecting security

Purpose:
To detect, prevent, investigate and respond to fraud, abuse, unauthorised access, payment risks, security incidents, illegal activity and violations of our terms.

Data used:
Device data, IP address, order data, payment risk signals, customer account activity, technical logs and fraud-prevention data.

Legal basis:
Legitimate interests under Article 6(1)(f) GDPR in protecting our customers, website, payments, business and legal rights.
Compliance with legal obligations under Article 6(1)(c) GDPR, where applicable.

Retention:
Security logs and fraud-prevention data are generally retained for up to 12 months, unless a longer period is necessary for investigation, legal claims or legal obligations.

4.7. Complying with legal obligations

Purpose:
To comply with accounting, tax, consumer protection, food safety, product safety, regulatory, legal and law enforcement obligations.

Data used:
Order data, invoice data, contact data, payment records, communications, delivery records and other data required by law.

Legal basis:
Compliance with legal obligations under Article 6(1)(c) GDPR.

Retention:
Data are retained for the period required by applicable law. Accounting and invoice records are retained for the statutory retention period required under Latvian law.

4.8. Establishing, exercising or defending legal claims

Purpose:
To handle disputes, complaints, chargebacks, legal requests, investigations, enforcement of terms, and protection of our legal rights.

Data used:
Contact data, order data, payment data, communications, customer account data, technical data and other relevant records.

Legal basis:
Legitimate interests under Article 6(1)(f) GDPR in protecting our legal rights.
Compliance with legal obligations under Article 6(1)(c) GDPR, where applicable.

Retention:
Data may be retained for the duration of the relevant legal limitation periods or for as long as necessary for the legal matter.

5. Cookies and Similar Technologies

Our website uses cookies and similar technologies.

Cookies may be used for the following purposes:

a) Strictly necessary cookies

These cookies are required for the website and online store to function. They support features such as shopping cart, checkout, security, fraud prevention, customer account login, language settings and order processing. These cookies do not require consent but are necessary to provide the service you request.

b) Preference cookies

These cookies remember your preferences, such as language, region or display settings.

c) Analytics cookies

These cookies help us understand how visitors use our website and how we can improve it.

d) Advertising and marketing cookies

These cookies may be used to measure advertising campaigns, understand the effectiveness of marketing, create audiences, and show relevant ads where such tools are used.

We will ask for your consent before placing non-essential analytics, advertising or marketing cookies, where required by law.

You can manage or withdraw cookie consent through the cookie banner or cookie settings tool available on our website, where such tool is provided. You can also control cookies through your browser settings.

Please note that blocking certain cookies may affect the functionality of the website, shopping cart, checkout or customer account features.

6. How We Share Personal Data

We may disclose personal data to the following categories of recipients where necessary for the purposes described in this Privacy Policy:

a) Shopify

Our store is hosted by Shopify, which provides the e-commerce platform, hosting, checkout, payment-related services, analytics, security and other store functionality.

b) Payment service providers

We share payment-related data with payment processors and financial service providers, including Shopify payment services, Google Pay and PayPal, to process payments, refunds, chargebacks and fraud checks.

c) Delivery and fulfilment providers

We share contact and delivery data with shipping, postal, courier, fulfilment, warehouse and logistics providers to deliver your order. The specific delivery provider may depend on your country, selected shipping method and order destination.

d) IT and hosting providers

We may share data with providers that support website hosting, cloud storage, backups, security, maintenance and technical infrastructure.

e) Email and customer support providers

We may share data with providers that help us send transactional emails, order confirmations, customer support replies and service notifications.

f) Analytics and website operation providers

We may share technical and usage data with providers that help us operate, secure and improve our website and online store.

g) Professional advisers

We may share personal data with accountants, auditors, lawyers, tax advisers, insurers and other professional advisers where necessary.

h) Public authorities and law enforcement

We may disclose personal data where required by law, court order, lawful request or regulatory obligation, including to tax authorities, consumer protection authorities, data protection authorities, customs authorities or law enforcement.

i) Business transfers

If our business is involved in a merger, acquisition, reorganisation, sale of assets, insolvency or similar transaction, personal data may be transferred as part of that transaction, subject to applicable law.

We do not sell your personal data in the ordinary meaning of the word “sell”.

7. Relationship with Shopify

Our online store is powered by Shopify. Shopify processes personal data to provide, secure and improve the e-commerce services used by our store.

When you visit our store, browse products, create a customer account, place an order, use checkout, make a payment, or otherwise interact with our Shopify-powered store, personal data may be transmitted to and processed by Shopify and its service providers.

Shopify may process personal data as our processor where it provides services to us. In some circumstances, Shopify may also process personal data as an independent controller, for example where it provides certain enhanced services, security, analytics, fraud prevention, personalised shopping features, or services connected to Shopify’s own consumer products.

Where Shopify enhanced services are enabled, Shopify may use information collected from your interactions with our store, other merchants and Shopify to provide enhanced services, protect against fraud, improve services, and support personalised or improved commerce experiences.

You can learn more about Shopify’s processing of personal data in Shopify’s Consumer Privacy Policy:
https://privacy.shopify.com/en

Depending on where you live, you may also be able to exercise certain rights directly through Shopify’s Privacy Portal:
https://privacy.shopify.com/en

8. International Transfers

We are located in Latvia. However, some of our service providers, including Shopify, PayPal, Google Pay and other technology providers, may process personal data outside Latvia, the European Economic Area (“EEA”), or the United Kingdom.

Where personal data are transferred outside the EEA or the United Kingdom, we rely on appropriate safeguards where required by law, such as:

- adequacy decisions adopted by the European Commission or relevant UK authority;
- Standard Contractual Clauses approved by the European Commission;
- equivalent UK transfer mechanisms;
- contractual, organisational and technical safeguards required by applicable data protection law.

9. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including to provide our services, fulfil orders, comply with legal obligations, resolve disputes, prevent fraud and enforce our rights.

In general:

- order, invoice, payment confirmation and accounting data are retained for the statutory period required by applicable accounting and tax laws;
- customer account data are retained while the account remains active, unless deletion is requested and no legal reason requires further retention;
- customer support communications are usually retained for up to 3 years after the matter is resolved;
- marketing consent and unsubscribe records are retained for as long as necessary to manage your preferences and demonstrate compliance;
- analytics and cookie data are retained according to the applicable cookie settings and provider retention periods;
- security and fraud-prevention logs are usually retained for up to 12 months, unless a longer period is necessary.

When personal data are no longer needed, we will delete, anonymise or securely archive them in accordance with applicable law.

10. Your Rights

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with applicable privacy rights, you may have the following rights:

a) Right of access

You have the right to request confirmation as to whether we process your personal data and to receive a copy of the personal data we hold about you.

b) Right to rectification

You have the right to request correction of inaccurate or incomplete personal data.

c) Right to erasure

You have the right to request deletion of your personal data in certain circumstances.

d) Right to restriction of processing

You have the right to request that we restrict the processing of your personal data in certain circumstances.

e) Right to data portability

You have the right to receive certain personal data in a structured, commonly used, machine-readable format and to request transmission of that data to another controller, where technically feasible.

f) Right to object

You have the right to object to processing based on our legitimate interests, including profiling based on legitimate interests. You also have the right to object to direct marketing at any time.

g) Right to withdraw consent

Where we rely on your consent, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

h) Right not to be subject to certain automated decisions

You have the right not to be subject to a decision based solely on automated processing, including profiling, where such decision produces legal effects or similarly significant effects, except where permitted by law.

We do not intentionally make decisions about you based solely on automated processing that produce legal or similarly significant effects. Shopify, payment providers or fraud-prevention providers may use automated tools to assess transaction risk, fraud risk or security issues. Where required by law, you may request human review of such decisions.

11. How to Exercise Your Rights

To exercise your rights, contact us at:

Email:
info@beefjerky.world

Postal address:
Sabiedrība ar ierobežotu atbildību "SmartBuy"
Rīga, Duntes iela 7A, LV-1013, Latvia

Phone:
+371 20225222

Please include enough information for us to identify you and understand your request. We may ask you to verify your identity before responding to your request, especially if your request relates to access, deletion, correction or customer account information.

We will respond to your request within the period required by applicable law. In most cases under GDPR, we will respond within one month of receiving your request. If your request is complex or we receive multiple requests, we may extend the response period where permitted by law and will inform you accordingly.

You may also authorise another person to submit a request on your behalf. In such case, we may require proof of authorisation and may ask you to verify your identity directly.

We will not discriminate against you for exercising your privacy rights.

12. Marketing Communications

If you subscribe to our newsletter or agree to receive marketing communications, we may send you promotional emails, offers, product updates and other marketing messages.

You can unsubscribe at any time by:

- clicking the unsubscribe link in any marketing email;
- contacting us at info@beefjerky.world;
- updating your communication preferences, where available.

Even if you opt out of marketing communications, we may still send you non-marketing messages, such as order confirmations, delivery updates, customer account notices, security notices and legally required communications.

We do not send SMS marketing.

13. Security

We use appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, disclosure or destruction.

These measures may include secure hosting, access controls, encryption where appropriate, payment security tools, fraud-prevention tools, staff access restrictions and service provider due diligence.

However, no website, internet transmission or storage system is completely secure. You are responsible for keeping your customer account credentials confidential. Please do not share your password or login details with anyone.

14. Children’s Privacy

Our website and services are not intended for children under the age of 18. We do not knowingly collect personal data from children.

If you believe that a child has provided personal data to us, please contact us at info@beefjerky.world. If we become aware that we have collected personal data from a child without appropriate legal basis, we will delete it where required by law.

15. Third-Party Websites and Links

Our website may contain links to third-party websites, platforms, payment services, delivery tracking pages, social media pages or other services that we do not control.

We are not responsible for the privacy practices, security, content or policies of third-party websites or services. We encourage you to read the privacy policies of those third parties before providing personal data to them.

16. Worldwide Sales and Deliveries

We may sell and deliver products to customers worldwide, subject to checkout availability, delivery availability, legal restrictions, customs requirements, product restrictions, food import rules and other limitations that may apply to the destination country.

Where an order is shipped outside Latvia or outside the European Economic Area, your contact and delivery data may be shared with delivery providers, customs authorities, postal operators, fulfilment providers and other parties necessary to complete delivery and comply with legal obligations.

17. Complaints

If you have concerns about how we process your personal data, please contact us first at info@beefjerky.world so that we can try to resolve the issue.

You also have the right to lodge a complaint with the Latvian supervisory authority:

Data State Inspectorate of Latvia
Elijas iela 17
Riga, LV-1050
Latvia

Email:
pasts@dvi.gov.lv

Phone:
+371 67223131

Website:
https://www.dvi.gov.lv

If you live in another EEA country, you may also contact your local data protection authority.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, website, service providers, legal obligations or data processing practices.

When we update this Privacy Policy, we will post the updated version on our website and update the “Last updated” date at the top of this page. Where required by law, we will provide additional notice or request consent.

19. Contact Us

If you have any questions about this Privacy Policy, our privacy practices or your rights, please contact us:

THE JERKY
Sabiedrība ar ierobežotu atbildību "SmartBuy"
Registration number: 40203098869
Rīga, Duntes iela 7A, LV-1013
Latvia

Website:
https://thejerky.world

Email:
info@beefjerky.world

Phone:
+371 20225222