Privacy Policy

Last updated:

1. Introduction

Zephyroxgrzulax ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website zephyroxgrzulax.world (the "Website") and purchase our products.

This policy is compliant with the General Data Protection Regulation (GDPR) (EU) 2016/679, the UK Data Protection Act 2018, and other applicable data protection laws.

2. Data Controller Information

The data controller responsible for your personal data is:

  • Company Name: Zephyroxgrzulax
  • Address: 100 Corporation St, Birmingham B4 6TB, United Kingdom
  • Email: privacy@zephyroxgrzulax.world

For any data protection inquiries, please contact us using the details above.

3. Information We Collect

3.1 Information You Provide Directly

We collect personal information that you voluntarily provide to us when you:

  • Place an order through our Website
  • Subscribe to our newsletter
  • Contact us with inquiries
  • Fill out forms on our Website

This information may include:

  • Full name
  • Email address
  • Phone number (if provided)
  • Delivery address
  • Payment information (processed securely by third-party payment providers)
  • Any message or communication you send to us

3.2 Information Collected Automatically

When you visit our Website, we may automatically collect certain information, including:

  • IP address
  • Browser type and version
  • Operating system
  • Referring website
  • Pages viewed and time spent on pages
  • Date and time of visit
  • Device information

This information is collected through cookies and similar technologies. Please see our Cookie Policy for more details.

4. Legal Basis for Processing

Under the GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to fulfill orders and provide our services to you.
  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing communications).
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services and preventing fraud, provided these do not override your fundamental rights.
  • Legal Obligation: Processing necessary to comply with legal obligations, such as tax and accounting requirements.

5. How We Use Your Information

We use the information we collect for the following purposes:

  • To process and fulfill your orders
  • To communicate with you about your orders and inquiries
  • To send you important information regarding our Website, products, and policies
  • To send marketing communications (only with your consent)
  • To improve our Website and user experience
  • To analyze Website usage and trends
  • To prevent fraudulent transactions and protect against errors
  • To comply with legal and regulatory requirements

6. Data Sharing and Disclosure

We may share your personal information with the following categories of recipients:

  • Service Providers: Third-party companies that perform services on our behalf, such as payment processing, shipping and fulfillment, email marketing, and website analytics. These providers are contractually bound to protect your data and use it only for the purposes we specify.
  • Legal Requirements: We may disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) and the United Kingdom. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with an adequacy decision
  • Other legally approved transfer mechanisms

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Order Information: Retained for 7 years after the last transaction for tax and accounting purposes.
  • Marketing Communications: Until you withdraw consent or unsubscribe.
  • Customer Inquiries: For 3 years after the inquiry is resolved.
  • Website Analytics: Aggregated and anonymized data may be retained indefinitely.

After the retention period expires, your data will be securely deleted or anonymized.

9. Your Rights Under GDPR

Under the GDPR and UK data protection law, you have the following rights:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request correction of inaccurate or incomplete data.
  • Right to Erasure: You can request deletion of your personal data in certain circumstances.
  • Right to Restriction: You can request that we restrict the processing of your data.
  • Right to Data Portability: You can request to receive your data in a structured, commonly used, machine-readable format.
  • Right to Object: You can object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, please contact us using the details provided in Section 2.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Secure Socket Layer (SSL) encryption for data transmission
  • Secure storage with access controls
  • Regular security assessments and updates
  • Staff training on data protection
  • Third-party security audits where applicable

While we take reasonable precautions, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

11. Children's Privacy

Our Website is not intended for children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us, and we will delete such information.

12. Third-Party Links

Our Website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to read the privacy policies of any third-party websites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated policy will be posted on this page with a revised "Last updated" date. We encourage you to review this policy periodically.

Significant changes may be communicated through email or a prominent notice on our Website.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Address: 100 Corporation St, Birmingham B4 6TB, United Kingdom
  • Email: privacy@zephyroxgrzulax.world

We will respond to your inquiry within 30 days.