Privacy Policy

Last Updated: February 2, 2026

h2>1. General Information

This Privacy Policy describes how we collect, use, store, share and protect personal information when you visit our website, use our services, make purchases, subscribe to newsletters, contact our support team or interact with us in any other way.

We take your privacy seriously and process your data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA) where applicable, and other relevant national regulations.

By using our website and services you confirm that you have read, understood and agree to the practices described in this Privacy Policy. If you do not agree, please stop using our services immediately.

2. Controller of Your Data

The controller responsible for processing your personal data is:

Company Name Ltd.
Business address: 123 Example Street, City, Country
Registration number: 12345678
Email: [email protected]

3. Categories of Personal Data We Collect

3.1 Data You Actively Provide

• First name and last name
• Email address
• Phone number (optional)
• Username and password (for registered accounts)
• Delivery and billing address
• Messages sent via contact forms or live chat
• Reviews, comments, ratings and other user-generated content
• Payment-related information (handled securely by third-party processors)
• Preferences and settings you choose in your account
• Any other information you decide to provide us voluntarily

3.2 Data Collected Automatically

• IP address and approximate geolocation
• Browser type, version and language
• Operating system and device type
• Device identifiers (when applicable)
• Pages visited, time spent, scroll depth
• Clickstream data and interaction with elements
• Referral source and exit pages
• Cookies, pixels, web beacons and similar technologies
• Session duration and frequency of visits

3.3 Data Received From Third Parties

• Information from social login providers (if you choose this option)
• Analytics data from tools such as Google Analytics
• Aggregated insights from advertising partners
• Fraud prevention and risk assessment data

4. Purposes of Processing

We use your personal information for the following main purposes:

1. Providing access to and proper functioning of our website and services
2. Creating, managing and securing your user account
3. Processing orders, payments, deliveries and returns
4. Sending important transactional emails and notifications
5. Providing customer support and handling complaints
6. Personalizing content, recommendations and offers
7. Detecting fraud, abuse and security incidents
8. Improving our website, products and customer experience
9. Conducting internal analytics, research and statistics
10. Complying with legal obligations and court orders
11. Protecting our rights, property and safety
12. Direct marketing (only when you gave explicit consent)

5. Legal Basis for Processing

We rely on the following legal bases when processing your personal data:

• Performance of a contract or taking steps prior to entering into a contract
• Your explicit consent (especially for marketing and some cookies)
• Compliance with legal and regulatory obligations
• Legitimate interests (e.g. fraud prevention, service improvement, direct marketing where permitted)
• Vital interests of you or another natural person (in rare cases)

6. Data Sharing and Disclosure

We do not sell your personal information. We share data only in these limited cases:

• With service providers (hosting, payment gateways, email services, analytics, shipping companies, cloud storage)
• With legal authorities, regulators or courts when required by law
• In connection with mergers, acquisitions, asset sales or similar transactions
• With professional advisors (attorneys, auditors, consultants) under confidentiality
• To protect our rights, users or the public (e.g. fraud or safety threats)

All third parties are bound by strict data processing agreements and are not allowed to use your data for their own unrelated purposes.

7. International Data Transfers

Some of our service providers are located outside your country or outside the European Economic Area (EEA). Whenever personal data is transferred to countries that do not offer an adequate level of protection, we use appropriate safeguards such as:

• Standard Contractual Clauses approved by the European Commission
• Binding Corporate Rules
• Approved codes of conduct or certification mechanisms
• Your explicit consent (in specific cases)

8. Data Retention Periods

We retain your personal data only as long as necessary for the purposes listed above or as required by law:

• Active account data → while account exists + 12 months after closure
• Order & financial data → up to 10 years (tax and accounting obligations)
• Marketing consent data → until consent is withdrawn
• Technical logs & analytics → up to 26 months
• Support tickets & correspondence → up to 5 years
• Backup copies → up to 90 days after deletion

After the retention period expires, data is permanently deleted or irreversibly anonymized.

9. Your Data Protection Rights

Depending on your location and applicable law, you may have the following rights:

• Right to access – obtain copy of your personal data
• Right to rectification – correct inaccurate data
• Right to erasure – delete your data in certain cases
• Right to restrict processing – limit how we use your data
• Right to data portability – receive data in structured format
• Right to object – object to processing based on legitimate interest or direct marketing
• Right to withdraw consent – at any time when processing is consent-based
• Right to lodge a complaint with your local data protection authority

To exercise any of these rights, please contact us at [email protected]

10. Data Security

We maintain reasonable technical and organizational measures to protect your data against unauthorized access, loss, destruction, alteration or misuse. These include encryption, access controls, regular security testing, staff training and incident response procedures.

Despite our efforts, no internet-based system can be 100% secure. You should always protect your login credentials and avoid sharing them.

11. Children's Privacy

Our website and services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If we discover such data has been collected, we will promptly delete it.

12. Changes to This Privacy Policy

We may revise this Privacy Policy from time to time to reflect changes in our practices, technology or legal requirements. The new version will be published here with an updated “Last updated” date. We recommend checking this page periodically.