Privacy Policy

Last updated:

1. Introduction

Zipharonvorm ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website zipharonvorm.world and use our services.

This policy is compliant with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Swedish Data Protection Act (2018:218) (Swedish supplementary provisions to the GDPR), and other applicable data protection laws in Sweden and the European Union.

2. Data Controller Information

The data controller responsible for your personal data is:

Zipharonvorm
Törnskatevägen 10
856 53 Sundsvall
Sweden
Email: callback@zipharonvorm.world

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide

  • Contact Information: Name, email address, phone number (if provided)
  • Order Information: Details provided when placing an order through our contact form
  • Communication Data: Messages, inquiries, and correspondence you send to us

3.2 Automatically Collected Information

  • Technical Data: IP address, browser type, operating system, device information
  • Usage Data: Pages visited, time spent on pages, navigation paths
  • Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Consent (Article 6(1)(a)): Where you have given explicit consent for processing your data for specific purposes, such as marketing communications
  • Contract Performance (Article 6(1)(b)): Where processing is necessary to fulfill our contractual obligations to you, such as processing orders
  • Legal Obligation (Article 6(1)(c)): Where we are required to process data to comply with legal requirements
  • Legitimate Interests (Article 6(1)(f)): Where processing is necessary for our legitimate business interests, such as improving our services and website security

5. Purposes of Data Processing

We use your personal data for the following purposes:

  • Processing and fulfilling your orders
  • Responding to your inquiries and providing customer support
  • Sending order confirmations and updates
  • Improving our website, products, and services
  • Analyzing website usage and user behavior
  • Ensuring website security and preventing fraud
  • Complying with legal obligations
  • Sending marketing communications (only with your consent)

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Order Data: Retained for 7 years for accounting and legal compliance purposes
  • Contact Inquiries: Retained for 2 years after the last communication
  • Marketing Data: Retained until you withdraw consent or unsubscribe
  • Technical/Analytics Data: Retained for up to 26 months

After the retention period expires, we will securely delete or anonymize your data.

7. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right of Access (Article 15): Request a copy of your personal data
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten")
  • Right to Restriction (Article 18): Request restriction of processing of your data
  • Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent (Article 7(3)): Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at callback@zipharonvorm.world. Withdrawing consent is as easy as giving it, where processing is based on consent. We will respond to your request without undue delay and in any event within one month (this period may be extended by two further months where necessary, in line with Article 12 GDPR).

7.1 Automated Decision-Making

We do not use solely automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you within the meaning of Article 22 GDPR. If we were to introduce such processing in the future, we would inform you separately and describe your rights.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • SSL/TLS encryption for data transmission
  • Secure storage systems with access controls
  • Regular security assessments and updates
  • Employee training on data protection
  • Limited access to personal data on a need-to-know basis

9. Data Sharing and Third Parties

We may share your personal data with:

  • Service Providers: Third-party companies that help us operate our business (payment processors, shipping companies, hosting providers)
  • Legal Authorities: When required by law or to protect our legal rights

We do not sell your personal data to third parties. When we share data with service providers, we ensure appropriate data processing agreements are in place.

10. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When such transfers occur, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with an adequacy decision
  • Other legally approved transfer mechanisms

11. Children's Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Right to Lodge a Complaint

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In Sweden, the relevant authority is:

Integritetsskyddsmyndigheten (IMY)
Box 8114
104 20 Stockholm
Sweden
Website: https://www.imy.se

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Zipharonvorm
Törnskatevägen 10
856 53 Sundsvall
Sweden
Email: callback@zipharonvorm.world