1. Introduction
This Privacy Policy explains how Zarvaxenthralen ("we," "us," or "our") collects, uses, processes, and protects your personal data when you visit our website zarvaxenthralen.world or use our services. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
2. Data Controller
3. Data We Collect
3.1 Information You Provide
- Contact Information: Name, email address, and any message content you submit through our order form
- Order Information: Details related to your product orders and inquiries
- Communication Data: Records of your communications with us
3.2 Automatically Collected Information
- Technical Data: IP address, browser type, device information, operating system
- Usage Data: Pages visited, time spent on pages, navigation patterns
- Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)
4. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: When you provide explicit consent (e.g., submitting the order form, accepting cookies)
- Contract Performance: To fulfill orders and provide services you request
- Legitimate Interests: To improve our website, prevent fraud, and ensure security
- Legal Obligations: To comply with applicable laws and regulations
5. How We Use Your Data
We use your personal data for the following purposes:
- Processing and fulfilling your orders
- Communicating with you about your orders and inquiries
- Improving our website and services
- Analyzing website usage and performance
- Ensuring website security and preventing fraud
- Complying with legal obligations
- Sending marketing communications (only with your consent)
6. Data Sharing and Disclosure
We do not sell your personal data. We may share your data with:
- Service Providers: Third-party companies that help us operate our website and deliver services (e.g., hosting providers, payment processors, email services)
- Legal Authorities: When required by law or to protect our legal rights
- Business Transfers: In connection with a merger, acquisition, or sale of assets
All third parties are required to maintain the confidentiality and security of your personal data.
7. International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions by the European Commission
- Other legally approved transfer mechanisms
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:
- Order Data: Retained for 7 years to comply with accounting and tax obligations
- Marketing Data: Retained until you withdraw consent or request deletion
- Technical Data: Typically retained for 12-24 months
- Communication Records: Retained for 3 years for customer service purposes
9. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restriction: Request limitation of processing in certain circumstances
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or for marketing purposes
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
- Right to Lodge a Complaint: File a complaint with your local data protection authority
To exercise any of these rights, please contact us at touch@zarvaxenthralen.world.
10. Security Measures
We implement appropriate technical and organizational security measures to protect your personal data, including:
- HTTPS encryption for all data transmission
- Secure server infrastructure with regular security updates
- Access controls and authentication mechanisms
- Regular security assessments and monitoring
- Employee training on data protection
- Incident response procedures
While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
11. Children's Privacy
Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.
12. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your browsing experience. For detailed information about our use of cookies, please see our Cookie Policy.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
15. Supervisory Authority
If you are located in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.
For Norway, the supervisory authority is:
Datatilsynet (Norwegian Data Protection Authority)
Website: www.datatilsynet.no