Privacy Policy | Velmoriniz

1. Introduction

Velmoriniz ("we", "us", or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website velmoriniz.world and use our services.

This policy applies to all visitors, users, and customers of our website and services. By using our website, you consent to the data practices described in this policy.

2. Data Controller Information

The data controller responsible for your personal data is:

Velmoriniz
Address: Kirsebærvænget 19, 4681 Herfølge, Denmark
Email: office@velmoriniz.world
Country: Denmark

3. Personal Data We Collect

We may collect the following categories of personal data:

Identity Data: Full name as provided in order forms
Contact Data: Email address and phone number (optional)
Communication Data: Messages and inquiries submitted through our forms
Technical Data: IP address, browser type, operating system, device information, and browsing patterns
Usage Data: Information about how you use our website and services
Cookie Data: Data collected through cookies and similar technologies

4. How We Collect Your Data

We collect personal data through:

Direct interactions: When you fill out forms, place orders, or contact us
Automated technologies: As you navigate our website, we collect technical data through cookies and similar technologies
Third parties: Analytics providers and advertising networks

5. Purposes and Legal Basis for Processing

We process your personal data for the following purposes:

Contract performance (GDPR Article 6(1)(b)): To process and fulfill your orders, manage payments, and deliver products
Legitimate interests (GDPR Article 6(1)(f)): To improve our website and customer service, prevent fraud, and maintain website security
Consent (GDPR Article 6(1)(a)): To send marketing communications (where consent is obtained) and set non-essential cookies
Legal obligations (GDPR Article 6(1)(c)): To comply with accounting, tax, consumer-protection, and other legal requirements

5A. Data Recipients and Processors

We share personal data only where necessary and under written data processing arrangements where required by law. Depending on the service used, recipients may include:

Payment service providers (to process transactions)
Shipping and logistics partners (to deliver orders)
Hosting and IT service providers (to operate and secure the website)
Analytics and advertising partners (only where you have provided the required cookie consent)

We do not sell personal data.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

Order data: Retained for 5 years after the order date for accounting and legal purposes
Communication data: Retained for 2 years after the last communication
Marketing preferences: Retained until you withdraw consent
Technical data: Retained for 12 months for analytics purposes

7. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the following rights:

Right of access: Request copies of your personal data
Right to rectification: Request correction of inaccurate or incomplete data
Right to erasure: Request deletion of your personal data ("right to be forgotten")
Right to restrict processing: Request limitation of how we use your data
Right to data portability: Request transfer of your data to another organization
Right to object: Object to processing based on legitimate interests or direct marketing
Right to withdraw consent: Withdraw consent at any time for consent-based processing

To exercise any of these rights, please contact us using the details provided below. We will respond to your request without undue delay and within one month, unless a longer period is permitted by law.

7A. Automated Decision-Making

We do not make solely automated decisions, including profiling, that produce legal or similarly significant effects on you.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

SSL/TLS encryption for data transmission
Secure server infrastructure
Access controls and authentication measures
Regular security assessments
Employee training on data protection

9. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

Standard Contractual Clauses approved by the European Commission
Adequacy decisions by the European Commission
Binding Corporate Rules for transfers within corporate groups

10. Third-Party Services

We may share your data with trusted third parties who assist us in operating our website, conducting our business, or servicing you. These parties are contractually obligated to keep your information confidential and use it only for the purposes we specify.

11. Cookies

Our website uses cookies and similar tracking technologies. Non-essential cookies are set only after you provide consent through our cookie banner. For detailed information, please see our Cookie Policy.

12. Children's Privacy

Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post any changes on this page and update the "Last updated" date. We encourage you to review this policy periodically.

14. Complaints

If you have concerns about our data practices, you have the right to lodge a complaint with a supervisory authority. In Denmark, the relevant authority is:

Datatilsynet (Danish Data Protection Agency)
Carl Jacobsens Vej 35
2500 Valby, Denmark
Website: www.datatilsynet.dk