Threxxonchor

Privacy Policy

Last Updated: March 15, 2024

1. Introduction

This Privacy Policy describes how Threxxonchor ("we," "us," or "our") collects, uses, processes, and protects your personal information when you visit our website at threxxonchor.world (the "Website") or use our services. We are committed to protecting your privacy and ensuring transparency in our data processing practices.

This policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws in the Netherlands and the European Union.

2. Data Controller Information

The data controller responsible for your personal information is:

Threxxonchor
Strawinskylaan 3105
1077 ZX Amsterdam
Netherlands
Email: customer@threxxonchor.world
Phone: +31 20 678 6780

If you have any questions about this Privacy Policy or our data processing practices, please contact us using the information provided above.

3. Information We Collect

3.1 Information You Provide Directly

When you interact with our Website, you may provide us with the following personal information:

  • Contact Information: Full name, email address, phone number, and postal address when you place an order or contact us
  • Order Information: Details about products you purchase, order history, and preferences
  • Communication Data: Messages, inquiries, and feedback you send to us through contact forms or email
  • Account Information: If you create an account, we collect username, password, and profile information
  • Payment Information: Billing address and payment method details (note: credit card information is processed by our payment processor and not stored on our servers)

3.2 Information Collected Automatically

When you visit our Website, we automatically collect certain technical information:

  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, links clicked, referring website, date and time of visits
  • Location Data: General geographic location based on IP address
  • Cookies and Similar Technologies: Information collected through cookies, web beacons, and similar tracking technologies (see our Cookies Policy for details)

3.3 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Payment processors and fraud prevention services
  • Delivery and logistics partners
  • Marketing and analytics service providers
  • Social media platforms if you interact with our social media presence

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contractual Necessity: Processing is necessary to fulfill our contract with you when you place an order or use our services
  • Consent: You have given explicit consent for specific processing activities, such as marketing communications or optional cookies
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as fraud prevention, website security, and improving our services, provided these interests do not override your rights
  • Legal Obligations: Processing is required to comply with legal obligations, such as tax and accounting requirements

5. How We Use Your Information

We use your personal information for the following purposes:

5.1 Order Processing and Service Delivery

  • Processing and fulfilling your orders
  • Communicating with you about your orders and deliveries
  • Managing returns, refunds, and customer service inquiries
  • Verifying your identity and preventing fraud

5.2 Website Operation and Improvement

  • Operating, maintaining, and improving our Website
  • Analyzing usage patterns and trends to enhance user experience
  • Troubleshooting technical issues and ensuring website security
  • Conducting research and development for new products and services

5.3 Marketing and Communications

  • Sending promotional emails about new products, special offers, and updates (with your consent)
  • Personalizing content and advertisements based on your interests
  • Conducting surveys and gathering feedback
  • Managing loyalty programs and promotional campaigns

5.4 Legal and Compliance

  • Complying with legal obligations and regulatory requirements
  • Enforcing our terms and conditions and other agreements
  • Protecting our rights, property, and safety, and those of our users
  • Responding to legal requests from authorities

6. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information with the following categories of recipients:

6.1 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including:

  • Payment processors and financial institutions
  • Shipping and delivery companies
  • Cloud hosting and data storage providers
  • Email service providers and marketing platforms
  • Analytics and advertising services
  • Customer support and communication tools

These service providers have access to your personal information only to perform specific tasks on our behalf and are obligated to protect your data and use it only for the purposes we specify.

6.2 Business Transfers

If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your personal information may be transferred as part of that transaction. We will notify you of any such change and the choices you may have regarding your information.

6.3 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

6.4 Protection of Rights

We may disclose information when we believe it is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

7. International Data Transfers

Your personal information may be transferred to and processed in countries other than the Netherlands. When we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions recognizing that certain countries provide adequate data protection
  • Binding Corporate Rules for transfers within corporate groups
  • Your explicit consent for specific transfers

We take all reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Specific Retention Periods:

  • Order and Transaction Data: 7 years from the date of transaction (to comply with tax and accounting regulations)
  • Customer Account Information: Until you request deletion or 3 years after your last interaction with us
  • Marketing Communications: Until you unsubscribe or withdraw consent
  • Website Analytics Data: 26 months from collection
  • Customer Service Records: 3 years from the last communication
  • Legal Claims Data: Duration of applicable statute of limitations

After the retention period expires, we will securely delete or anonymize your personal information. Anonymized data may be retained indefinitely for statistical and research purposes.

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS protocols (HTTPS)
  • Access Controls: Strict access controls ensure that only authorized personnel can access personal data on a need-to-know basis
  • Secure Storage: Personal data is stored on secure servers with firewalls and intrusion detection systems
  • Regular Security Audits: We conduct regular security assessments and vulnerability testing
  • Employee Training: Our staff receives regular training on data protection and security best practices
  • Incident Response: We maintain procedures for detecting, reporting, and responding to data breaches

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to protecting your data using industry-standard practices.

10. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal information:

10.1 Right of Access

You have the right to request confirmation of whether we process your personal data and to obtain a copy of your data along with information about how it is processed.

10.2 Right to Rectification

You have the right to request correction of inaccurate personal data and to have incomplete data completed.

10.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or when you withdraw consent.

10.4 Right to Restriction of Processing

You have the right to request that we restrict processing of your personal data in certain situations, such as when you contest the accuracy of the data or object to processing.

10.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

10.6 Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we have compelling legitimate grounds that override your interests.

10.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal.

10.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your residence, workplace, or where an alleged infringement occurred. In the Netherlands, the supervisory authority is:

Autoriteit Persoonsgegevens
Postbus 93374
2509 AJ Den Haag
Netherlands
Website: autoriteitpersoonsgegevens.nl

Exercising Your Rights

To exercise any of these rights, please contact us at customer@threxxonchor.world or write to us at the address provided in Section 2. We will respond to your request within one month, though this period may be extended by two additional months for complex requests. We may request additional information to verify your identity before processing your request.

11. Children's Privacy

Our Website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.

12. Marketing Communications

With your consent, we may send you marketing communications about our products, services, and promotions. You can opt out of receiving marketing emails at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Contacting us at customer@threxxonchor.world
  • Updating your communication preferences in your account settings

Please note that even if you opt out of marketing communications, we will still send you transactional emails related to your orders and account.

13. Third-Party Links

Our Website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit. This Privacy Policy applies only to information collected by our Website.

14. Automated Decision-Making and Profiling

We may use automated decision-making and profiling for the following purposes:

  • Fraud detection and prevention
  • Personalized product recommendations
  • Targeted marketing and advertising

You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect you. If you wish to exercise this right or obtain human intervention in an automated decision, please contact us.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:

  • Posting the updated policy on our Website with a new "Last Updated" date
  • Sending an email notification to registered users
  • Displaying a prominent notice on our Website

We encourage you to review this Privacy Policy periodically. Your continued use of our Website after changes are posted constitutes your acceptance of the updated policy.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Email: customer@threxxonchor.world
Phone: +31 20 678 6780
Postal Address:
Threxxonchor
Strawinskylaan 3105
1077 ZX Amsterdam
Netherlands

We are committed to resolving any privacy concerns you may have and will respond to your inquiries as promptly as possible.