Privacy Policy

1. Data Controller

Zunrylexoighak.world ("we," "us," or "our") operates the website zunrylexoighak.ddd. We are the data controller responsible for your personal data under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

Our commitment to your privacy is fundamental to our operations. We process your data transparently, lawfully, and in accordance with the highest standards of data protection.

Contact Information

Address: 2299 Post St, Ste 109, San Francisco, CA 94115, USA

Email: question@zunrylexoighak.world

2. Data We Collect

We may collect the following categories of personal data through our website, communications, and services:

Identity Data

Your first name, last name, and any other identifiers you provide when contacting us or placing an order.

Contact Data

Your email address, telephone number, postal address, and any other contact details you voluntarily provide.

Technical Data

Your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device information, and other technology on the devices you use to access our website.

Usage Data

Information about how you use our website, including pages visited, time spent on pages, click paths, and navigation patterns.

Communication Data

Messages, inquiries, and feedback you send to us through our contact forms, email, or other channels.

Marketing and Communications Data

Your preferences in receiving marketing from us and your communication preferences, where you have consented to such communications.

3. Purposes of Processing

We process your personal data for the following purposes:

• To respond to your inquiries, process your orders, and provide customer support
• To deliver our products and services to you
• To send you order confirmations, shipping updates, and transactional communications
• To improve our website, products, and services based on usage patterns and feedback
• To comply with legal obligations, including tax, accounting, and regulatory requirements
• To send marketing communications where you have given your consent
• To analyze website traffic and user behavior to enhance user experience
• To detect, prevent, and address fraud, security issues, and technical problems
• To enforce our terms and conditions and protect our rights and the rights of others

4. Legal Basis (GDPR)

For users in the European Economic Area (EEA) and United Kingdom, we process your data based on the following legal grounds:

Consent

Where you have given clear, specific, and informed consent for a particular purpose, such as marketing communications or non-essential cookies.

Contract

Where processing is necessary to perform our contract with you, such as processing your order and delivering products.

Legitimate Interests

Where we have a legitimate interest in processing your data, provided your interests and fundamental rights do not override those interests. This includes improving our services, ensuring security, and communicating with you about your orders.

Legal Obligation

Where we are required to process your data to comply with applicable laws, such as tax and accounting regulations.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

• Inquiry and order data: Up to 3 years after your last contact or transaction
• Marketing data: Until you withdraw consent or opt out
• Technical and usage data: Up to 24 months
• Legal and compliance records: As required by applicable law, typically 7 years
• Customer support communications: Up to 3 years from resolution

When data is no longer needed, we securely delete or anonymize it in accordance with our retention schedule.

6. Your Rights

Under GDPR, CCPA, and other applicable laws, you have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten") in certain circumstances
• Right to Restriction: Request limitation of processing in certain situations
• Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Complain: Lodge a complaint with a supervisory authority in your country

To exercise any of these rights, please contact us at question@zunrylexoighak.world. We will respond within 30 days as required by law. You will not be charged a fee for exercising your rights unless your request is clearly unfounded or excessive.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

• Encryption: All data in transit is encrypted using TLS/HTTPS. Sensitive data at rest is encrypted where appropriate.
• Access Controls: Strict access controls limit who can access your data. Access is granted only on a need-to-know basis.
• Security Assessments: Regular security assessments and vulnerability testing to identify and address risks.
• Staff Training: Ongoing training for our staff on data protection, security best practices, and confidentiality.
• Incident Response: Procedures to detect, report, and respond to data breaches in accordance with legal requirements.

While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining the highest standards.

8. Data Sharing

We may share your personal data with the following categories of recipients:

Service Providers

Third-party service providers who assist our operations, such as payment processors, shipping carriers, email service providers, and analytics providers. These providers are bound by data processing agreements and may only use your data for the purposes we specify.

Legal Authorities

Law enforcement, regulators, or other authorities when required by law or to protect our rights, safety, or the rights and safety of others.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, subject to the same privacy protections.

We do not sell your personal data. We do not share your data with third parties for their marketing purposes without your explicit consent.

9. International Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. These countries may have different data protection laws.

When we transfer data outside the EEA or UK, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Binding Corporate Rules where applicable
• Adequacy decisions by the European Commission

You may request a copy of the safeguards we use for international transfers by contacting us.

10. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where required by law, seek your consent or provide you with additional notice.

We encourage you to review this page periodically to stay informed about how we protect your data. Your continued use of our website after changes constitutes acceptance of the updated policy.