Privacy Policy

Last updated:

1. Data Controller

The data controller responsible for the processing of your personal data is:

Wyxranorphranux
Östra Hamngatan 16, 411 09 Gothenburg, Sweden
Email: mail-us@wyxranorphranux.world
Website: https://wyxranorphranux.world

2. What Personal Data We Collect

We collect and process the following categories of personal data:

  • Identity Data: Full name as provided in the order form.
  • Contact Data: Email address and, optionally, phone number.
  • Communication Data: Messages or special requests submitted through the order form.
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
  • Usage Data: Information about how you use our website, including pages visited, time spent on pages, and navigation paths.
  • Cookie Data: Data collected through cookies and similar technologies as described in our Cookie Policy.

3. How We Collect Your Data

We collect personal data through the following means:

  • Direct interactions: When you fill in our order form, contact us by email, or interact with our website.
  • Automated technologies: As you navigate our website, we may automatically collect Technical Data and Usage Data through cookies, server logs, and similar technologies.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR, EU Regulation 2016/679):

  • Consent (Article 6(1)(a) GDPR): Where you have given explicit consent, for example by checking the consent checkbox on our order form or accepting optional cookies.
  • Contract performance (Article 6(1)(b) GDPR): Where processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract.
  • Legal obligation (Article 6(1)(c) GDPR): Where we need to comply with applicable legal or regulatory requirements, such as tax and accounting obligations.
  • Legitimate interests (Article 6(1)(f) GDPR): Where processing is necessary for our legitimate interests (e.g., improving our website, fraud prevention), provided those interests are not overridden by your rights and freedoms.

5. Purposes of Processing

We use your personal data for the following purposes:

  • To process and fulfill your orders and requests.
  • To communicate with you regarding your order, including sending order confirmations and updates.
  • To respond to your inquiries and provide customer support.
  • To improve and optimize our website, products, and services.
  • To comply with legal and regulatory obligations.
  • To detect and prevent fraud and abuse.
  • To analyze website usage and generate aggregated, non-identifying statistics.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Specifically:

  • Order data: Retained for the duration necessary to process and fulfill the order, plus an additional period to comply with legal obligations (e.g., accounting and tax requirements under Swedish law — typically 7 years).
  • Communication data: Retained for up to 2 years from the date of your last communication, unless a longer retention period is required by law.
  • Technical and usage data: Retained for up to 26 months from the date of collection.
  • Cookie consent records: Retained for up to 12 months, after which you will be asked to renew your consent.

When your personal data is no longer needed, we will securely delete or anonymize it.

7. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. We may share your data with the following categories of third parties, only as necessary:

  • Service providers: Trusted third-party providers who assist with website hosting, email delivery, payment processing, and analytics. These providers are bound by data processing agreements and may only process your data on our instructions.
  • Legal authorities: Where required by law, regulation, court order, or governmental request.

Any transfers of personal data to countries outside the European Economic Area (EEA) will be carried out in compliance with GDPR, using appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission.

8. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Article 15): You may request a copy of the personal data we hold about you.
  • Right to rectification (Article 16): You may request that we correct inaccurate or incomplete personal data.
  • Right to erasure (Article 17): You may request that we delete your personal data, subject to certain legal exceptions.
  • Right to restriction of processing (Article 18): You may request that we restrict the processing of your personal data under certain conditions.
  • Right to data portability (Article 20): You may request your personal data in a structured, commonly used, and machine-readable format.
  • Right to object (Article 21): You may object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent (Article 7(3)): Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
  • Right to lodge a complaint: You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) or another competent supervisory authority.

To exercise any of these rights, please contact us at mail-us@wyxranorphranux.world. We will respond to your request within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for all data transmitted through our website.
  • Access controls limiting data access to authorized personnel only.
  • Regular security assessments and updates of our systems.
  • Secure storage and backup procedures.
  • Data processing agreements with all third-party service providers.

10. Cookies

Our website uses cookies and similar technologies. For detailed information about the types of cookies we use, their purposes, and how to manage your preferences, please refer to our Cookie Policy.

11. Children's Privacy

Our website and products are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child, we will take immediate steps to delete it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. The updated version will be posted on this page with a revised "Last updated" date. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Wyxranorphranux
Östra Hamngatan 16, 411 09 Gothenburg, Sweden
Email: mail-us@wyxranorphranux.world

14. Supervisory Authority

If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority. In Sweden, the relevant authority is:

Integritetsskyddsmyndigheten (IMY)
Box 8114, 104 20 Stockholm, Sweden
Website: https://www.imy.se