Privacy Policy
This Privacy Policy describes how we collect, use, and protect your information when you use our e-commerce platform. This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
Company Name: Your Company Name
Address: 123 Main Street, City, State 12345, United States
Email: privacy@yourcompany.com
Phone: 1-800-XXX-XXXX
For GDPR purposes, we act as the data controller for personal information collected through our services.
Personal Information
When you create an account or make a purchase, we collect:
- Name and email address
- Shipping and billing addresses
- Phone number
- Payment information (processed securely through our payment providers)
- Purchase history and preferences
- Communication preferences
Automatically Collected Information
We automatically collect certain information when you visit our site:
- IP address and device information
- Browser type and version
- Pages you visit and time spent
- Referring website addresses
- Cookie data and similar technologies
We process your personal data under the following legal bases:
- Contract Performance: To process orders, manage your account, and provide customer service
- Legitimate Interests: To improve our services, prevent fraud, and ensure security
- Consent: For marketing communications and non-essential cookies
- Legal Obligations: To comply with tax, accounting, and other legal requirements
- Vital Interests: In rare cases where processing is necessary to protect someone's life
You may withdraw consent at any time where consent is the legal basis for processing.
We use the information we collect to:
- Process and fulfill your orders
- Send order confirmations and shipping updates
- Respond to customer service requests
- Send marketing communications (with your consent)
- Improve our website and services
- Prevent fraud and enhance security
- Comply with legal obligations
- Conduct analytics and business intelligence
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:
- Account Information: As long as your account is active or as needed to provide services
- Order Information: 7 years for tax and accounting purposes
- Marketing Data: Until you unsubscribe or withdraw consent
- Cookie Data: As specified in our Cookie Policy
- Legal Claims: As long as necessary to establish, exercise, or defend legal claims
After the retention period expires, we will securely delete or anonymize your personal data.
We do not sell, trade, or rent your personal information. We may share your information with:
- Service Providers: Third parties who help us operate our business (e.g., payment processors, shipping companies)
- Legal Requirements: When required by law or to protect our rights
- Business Transfers: In connection with a merger, sale, or acquisition
- With Your Consent: When you explicitly agree to sharing
All third parties are required to protect your data in accordance with this policy and applicable laws.
Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions where applicable
- Your explicit consent for specific transfers
Under GDPR, you have the following rights regarding your personal data:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure ("Right to be Forgotten"): Request deletion of your data
- Right to Restriction: Limit how we process your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to certain types of processing
- Rights Related to Automated Decision-Making: Not be subject to decisions based solely on automated processing
To exercise these rights, contact us at privacy@yourcompany.com. We will respond within one month of receiving your request.
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption of sensitive data in transit and at rest
- Regular security assessments and penetration testing
- Access controls and authentication measures
- Employee training on data protection
- Incident response procedures
- Privacy by design principles
We use cookies and similar tracking technologies in accordance with GDPR requirements:
- Essential Cookies: Required for site functionality (no consent needed)
- Performance Cookies: Help us understand site usage (consent required)
- Marketing Cookies: Used for targeted advertising (consent required)
You can manage cookie preferences through our cookie consent banner or your browser settings.
Our services are not directed to children under 16 years of age (or applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will take steps to delete such information.
We may use automated systems for fraud prevention and security purposes. You have the right to request human review of any automated decisions that significantly affect you. We do not use automated decision-making for profiling that produces legal or similarly significant effects.
For questions about this policy or to exercise your rights, you may contact our Data Protection Officer at:
Email: dpo@yourcompany.com
Phone: 1-800-XXX-XXXX
You have the right to lodge a complaint with a supervisory authority if you believe we have not complied with applicable data protection laws. In the EU, you may contact your local data protection authority. A list of authorities is available at: https://edpb.europa.eu/about-edpb/board/members_en
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. For significant changes, we may also notify you by email or through a notice on our website. Your continued use of our services after changes constitutes acceptance of the updated policy.
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:
General Inquiries: privacy@yourcompany.com
Data Protection Officer: dpo@yourcompany.com
Phone: 1-800-XXX-XXXX
Address: Your Company Name
123 Main Street
City, State 12345
United States