Privacy Policy

Last updated:

1. Introduction

This Privacy Policy explains how Skyxaronghep ("we," "us," or "our") collects, uses, discloses, and protects your personal data when you visit our website skyxaronghep.world or use our services. We are committed to protecting your privacy and ensuring the security of your personal information in accordance with the General Data Protection Regulation (GDPR), the Swedish Data Protection Act (Dataskyddslagen), and other applicable data protection laws.

2. Data Controller Information

The data controller responsible for your personal data is:

  • Company Name: Skyxaronghep
  • Address: Dag Hammarskjölds väg 10, 752 37 Uppsala, Sweden
  • Email: request@skyxaronghep.world
  • Website: skyxaronghep.world

If you have any questions about this Privacy Policy or our data practices, please contact us using the information provided above.

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under Article 6 of the GDPR:

  • Consent (Article 6(1)(a)): When you have given clear consent for us to process your personal data for specific purposes, such as subscribing to our newsletter or accepting marketing communications.
  • Contract Performance (Article 6(1)(b)): When processing is necessary to fulfill a contract with you, such as processing your order for our products.
  • Legal Obligation (Article 6(1)(c)): When we are legally required to process your data, such as for tax and accounting purposes.
  • Legitimate Interests (Article 6(1)(f)): When processing is necessary for our legitimate business interests, provided these do not override your fundamental rights and freedoms.

4. Personal Data We Collect

We may collect and process the following categories of personal data:

4.1 Information You Provide Directly

  • Contact Information: Name, email address, phone number (optional), and mailing address
  • Order Information: Products ordered, payment details, shipping address, and order history
  • Communication Data: Messages, inquiries, and feedback you send to us
  • Account Information: Username, password, and account preferences (if applicable)

4.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, and device identifiers
  • Usage Data: Pages visited, time spent on pages, click patterns, and navigation paths
  • Location Data: General geographic location based on IP address
  • Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)

5. Purposes of Data Processing

We use your personal data for the following purposes:

  • Order Processing: To process, fulfill, and deliver your orders, including payment processing and shipping
  • Customer Service: To respond to your inquiries, provide support, and resolve issues
  • Communication: To send order confirmations, shipping updates, and important service announcements
  • Marketing: To send promotional materials and newsletters (only with your explicit consent)
  • Website Improvement: To analyze usage patterns and improve our website functionality and user experience
  • Legal Compliance: To comply with legal obligations, including tax reporting and fraud prevention
  • Security: To protect our website, services, and users from unauthorized access and malicious activities

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. The specific retention periods are:

Data Category Retention Period Reason
Order Information 7 years Legal requirement for accounting and tax purposes
Customer Communication 3 years Customer service and dispute resolution
Marketing Consent Records Until consent withdrawn + 1 year Proof of consent compliance
Website Analytics 26 months Service improvement purposes
Cookie Consent Records 12 months Compliance verification

7. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Service Providers: Third-party companies that help us operate our business, such as payment processors, shipping companies, and email service providers. These providers are bound by contractual obligations to protect your data.
  • Legal Authorities: When required by law, court order, or to protect our legal rights
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction

7.1 Third-Party Service Providers

Our service providers include:

  • Payment processors (for secure transaction handling)
  • Shipping and logistics companies (for order fulfillment)
  • Email service providers (for communication)
  • Analytics providers (for website improvement)
  • Cloud hosting providers (for data storage)

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Binding Corporate Rules for intra-group transfers
  • Other legally approved mechanisms

9. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access (Article 15): You can request a copy of your personal data we hold
  • Right to Rectification (Article 16): You can request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): You can request deletion of your data under certain circumstances
  • Right to Restrict Processing (Article 18): You can request limitation of how we process your data
  • Right to Data Portability (Article 20): You can request your data in a structured, machine-readable format
  • Right to Object (Article 21): You can object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent (Article 7): You can withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: You can file a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten - IMY) or another supervisory authority

To exercise any of these rights, please contact us at request@skyxaronghep.world. We will respond to your request within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using SSL/TLS protocols
  • Secure storage of personal data with access controls
  • Regular security assessments and updates
  • Employee training on data protection practices
  • Incident response procedures for potential data breaches
  • Regular backups and disaster recovery procedures

11. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach
  • Inform affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
  • Document the breach and our response measures

12. Children's Privacy

Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately, and we will take steps to delete such information.

13. Links to Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any third-party websites you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: request@skyxaronghep.world
  • Address: Dag Hammarskjölds väg 10, 752 37 Uppsala, Sweden

16. Supervisory Authority

If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten - IMY):

  • Website: www.imy.se
  • Address: Box 8114, 104 20 Stockholm, Sweden
  • Email: imy@imy.se