Privacy Policy

Last updated:

1. Introduction

Vitarinsing ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website vitarinsing.world and use our services.

This policy is designed to comply with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Dutch GDPR Implementation Act (Uitvoeringswet AVG), and other applicable data protection laws in the Netherlands and the European Economic Area.

2. Data Controller

The data controller responsible for your personal data is:

Vitarinsing
Thorbeckestraat 4, 6741 XG Lunteren, Netherlands
Email: message@vitarinsing.world

3. Personal Data We Collect

We collect the following categories of personal data:

  • Identity Data: Full name
  • Contact Data: Email address, phone number (optional)
  • Communication Data: Messages and correspondence you send to us
  • Technical Data: IP address, browser type, device information, pages visited, time spent on pages
  • Cookie Data: Information collected through cookies and similar technologies

4. How We Collect Your Data

We collect personal data through:

  • Direct interactions: When you fill out forms, place orders, or contact us
  • Automated technologies: Through cookies, server logs, and similar technologies when you browse our website

5. Purposes and Legal Basis for Processing

We process your personal data for the following purposes:

  • Order Processing: To process and fulfill your orders (Legal basis: Contract performance)
  • Customer Communication: To respond to your inquiries and provide customer support (Legal basis: Legitimate interests)
  • Website Functionality: To ensure proper website operation (Legal basis: Legitimate interests)
  • Analytics: To analyze website usage and improve our services (Legal basis: Consent)
  • Marketing: To send promotional communications if you have opted in (Legal basis: Consent)
  • Legal Compliance: To comply with legal obligations (Legal basis: Legal obligation)

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Order data: 7 years for tax and accounting purposes
  • Contact inquiries: 2 years from the last communication
  • Analytics data: 26 months
  • Marketing consent records: Until consent is withdrawn plus 3 years

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Request limitation of processing
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time without affecting lawfulness of prior processing

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month, as required by the GDPR (this period may be extended by two further months in complex cases, in which case we will inform you).

Right to lodge a complaint: You may lodge a complaint with a supervisory authority. Contact details for the Dutch authority and further information appear in Section 14 below.

Automated decision-making and profiling: We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you.

Data Protection Officer (DPO): We are not required to appoint a DPO under Article 37 GDPR. For privacy enquiries, please use the contact details in this policy.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • SSL/TLS encryption for data transmission
  • Secure server infrastructure
  • Access controls and authentication
  • Regular security assessments
  • Staff training on data protection

9. Data Sharing and Transfers

We may share your data with:

  • Service providers: Payment processors, delivery services, hosting providers
  • Legal authorities: When required by law or to protect our rights

If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Cookies

We use cookies and similar technologies on our website. For detailed information about our use of cookies, please see our Cookie Policy.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read their privacy policies.

12. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

14. Complaints and Supervisory Authority

If you have concerns about our data processing practices, you have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

The Dutch supervisory authority is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority), Postbus 93374, 2509 AJ Den Haag, Netherlands. Website: www.autoriteitpersoonsgegevens.nl.