Privacy Policy

Curio Wonder — a brand of Mid-Atlantic Retail Ventures, LLC. Effective 13 June 2026  ·  Last Updated: July 2, 2026

1. Who We Are

Curio Wonder is operated by Mid-Atlantic Retail Ventures, LLC ("Curio Wonder," "we," "us," or "our"), a limited liability company organized in the State of Maryland, United States. We operate from the United States and primarily serve customers in the continental United States. We understand that visitors from other regions, including the European Union and the United Kingdom, may access our website, and this policy is written with those visitors in mind.

This policy explains what information we collect, how we use it, how we keep it safe, and the rights you have over it.

2. Our Online Store

Curio Wonder is open, and our online store is live at shopcuriowonder.com. You can browse our products, create an account, place orders, subscribe to our newsletter, and contact us. The practices described in this policy apply to all of these activities, including browsing, account activity, and purchases.

3. Information We Collect

We collect only the information we need to operate, communicate with you, and fulfill orders:

Information you give us directly, such as your name, email address, and any message content when you create an account, subscribe to our newsletter, place an order, or contact us.

Order and customer information, such as billing and shipping address, order details, and contact information needed to process and ship your purchases. Payment card details are handled by our payment processor and are not stored on our servers.

Automatically collected information, such as your IP address, browser type, device information, and general usage data, collected through cookies and similar technologies (see Section 6).

We do not knowingly collect more personal data than is reasonably necessary for the purposes described in this policy.

4. How We Use Your Information

We use the information we collect to:

  • Send you updates, newsletters, and marketing communications only where you have given us permission to do so;
  • Operate, maintain, and improve our website;
  • Process, fulfill, and support your orders;
  • Respond to your questions and provide customer service;
  • Protect against fraud and keep our website and customers secure; and
  • Comply with our legal obligations.

Marketing is permission-based. We send promotional email only to people who have opted in. Every marketing email includes an easy way to unsubscribe, and we honor opt-out requests promptly, consistent with the U.S. CAN-SPAM Act and applicable state and international law. You can withdraw your consent at any time without affecting your ability to use our website or place an order.

5. We Never Sell Your Data

We do not sell your personal information, and we do not share it for cross-context behavioral advertising in exchange for value. We do not trade, rent, or otherwise monetize your personal data. We share information only with the trusted service providers described in Section 7, and only as needed to run our business, never for them to use it for their own marketing.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to make our website work, remember your preferences, understand how the site is used, and improve your experience. Some cookies are essential; others (such as analytics) are optional. Where required by law, we will ask for your consent before placing non-essential cookies, and you can manage or disable cookies through your browser settings. We honor recognized opt-out preference signals (such as Global Privacy Control) where applicable law requires.

7. Service Providers We Work With

We rely on reputable third-party providers to operate our business, for example, our e-commerce and hosting platform, payment processor, email and marketing tools, and analytics services. These providers may process your information only on our behalf and under contract, are required to safeguard it, and are not permitted to use it for their own purposes. We share the minimum information necessary for them to perform their function.

8. How We Keep Your Data Safe

We take the security of your information seriously and use reasonable administrative, technical, and organizational safeguards designed to protect it, including:

  • Encryption in transit: our website uses HTTPS/TLS so information is encrypted as it travels between your device and us;
  • Reputable, security-vetted platforms: we host our store and process payments through established providers that maintain industry-standard security and, in the case of payments, PCI-DSS compliance;
  • Limited access: personal data is accessible only to those who need it to do their job; and
  • Data minimization: we collect and keep only what we reasonably need.

No method of transmission or storage is ever 100% secure, so while we work hard to protect your information, we cannot guarantee absolute security.

9. How Long We Keep Your Information

We keep your personal information only for as long as needed for the purposes described in this policy, for example, for as long as you remain subscribed, as long as needed to fulfill and support your orders, and as required to meet our legal, tax, and accounting obligations. When we no longer need it, we delete or anonymize it.

10. Your Privacy Rights (United States)

Depending on the state you live in, U.S. privacy laws, including the California Consumer Privacy Act (CCPA/CPRA), the Maryland Online Data Privacy Act (MODPA), and comprehensive privacy laws in a growing number of other states, may give you the right to:

  • Know and access the personal information we hold about you;
  • Correct inaccurate personal information;
  • Delete your personal information;
  • Obtain a portable copy of your information;
  • Opt out of the sale of your data or targeted advertising (note: as stated above, we do not sell your data); and
  • Not be discriminated against for exercising your rights.

To exercise any of these rights, contact us using the details in Section 14. We will verify your request and respond within the timeframe required by applicable law. If we deny a request, you may appeal by replying to our response, and where available you may contact your state Attorney General. (Maryland residents may contact the Consumer Protection Division of the Maryland Office of the Attorney General.)

11. Your Privacy Rights (EU, EEA, and UK: GDPR)

If you are located in the European Union, the European Economic Area, or the United Kingdom, the EU General Data Protection Regulation (GDPR) and the UK GDPR give you additional rights, and we process your personal data on one or more of the following legal bases: your consent (for example, marketing emails), the performance of a contract (for example, fulfilling your order), our legitimate interests (for example, securing and improving our site), and compliance with legal obligations.

You have the right to:

  • Access your personal data and receive a copy of it;
  • Rectify inaccurate or incomplete data;
  • Erase your data ("right to be forgotten");
  • Restrict or object to our processing;
  • Data portability: receive your data in a portable format;
  • Withdraw consent at any time, without affecting prior lawful processing; and
  • Lodge a complaint with your local data protection authority (in the UK, the Information Commissioner's Office).

International data transfers: Because we operate from the United States, your personal data will be processed in the U.S. Where we transfer data from the EU/EEA or UK, we rely on appropriate safeguards (such as the European Commission's Standard Contractual Clauses) to protect it. To exercise any GDPR right, contact us using the details in Section 14; we will respond within one month as required by law.

12. Children's Privacy

Our website is intended for adults and is not directed to children. We do not knowingly collect personal information from children under 13 (or under 16 in regions where that higher age applies), consistent with the U.S. Children's Online Privacy Protection Act (COPPA) and applicable law. If you believe a child has provided us with personal information, please contact us and we will delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or the law. When we do, we will revise the "Last Updated" date above and, where appropriate, notify you. We encourage you to review this page periodically.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Mid-Atlantic Retail Ventures, LLC (d/b/a Curio Wonder) Email: privacy@shopcuriowonder.com

How Can We Help You?