Privacy Policy

1. Controller and contact details

The controller responsible for the processing of your personal data in relation to this website and the VitaHerbion product is:

Marketwarranted
Jan Tooropstraat 164
1061 AE Amsterdam
Netherlands

Email: help@marketwarranted.world
Phone: +31 20 510 8826

If you have questions about this Privacy Policy or about how we process your data, you can contact us using the details above. You may also contact us if you wish to exercise your rights under the General Data Protection Regulation (GDPR) or other applicable data protection laws.

2. Scope and applicability

This Privacy Policy applies to the website marketwarranted.world and to any personal data we collect when you use our website, place an order, contact us, or otherwise interact with us. It describes what data we collect, for what purposes we use it, on what legal basis we process it, how long we keep it, and what rights you have. We process personal data in accordance with the GDPR (Regulation (EU) 2016/679) and with Dutch national data protection law (UAVG). If you are located in another country, additional local laws may apply to you.

3. Personal data we collect and purposes of processing

3.1 Data you provide to us

When you place an order or use our contact or order form, we may collect:

• Name (full name)
• Email address
• Phone number (if you provide it)
• Message or order details
• Your consent to our Terms of Service and Privacy Policy, and where applicable your consent to marketing or analytics

Purpose: To process your order, communicate with you about your order, respond to your enquiries, and where you have consented, to send you marketing communications or to use analytics to improve our website.

Legal basis: Performance of a contract (order processing), our legitimate interest (customer service, improving our services), or your consent (marketing, non-essential cookies/analytics).

3.2 Data collected automatically

When you visit our website, we may automatically collect technical data such as your IP address, browser type and version, device type, operating system, referring URL, pages visited, and date and time of access. This may be done through our server logs and, if you have consented, through cookies or similar technologies as described in our Cookie Policy.

Purpose: To ensure the security and proper functioning of our website, to prevent fraud and abuse, and with your consent to analyse how our website is used so we can improve it.

Legal basis: Our legitimate interest (security, technical operation) or your consent (analytics).

3. Data we do not collect

We do not knowingly collect special categories of personal data (e.g. health data) unless you voluntarily provide it in a message and we need it to answer your question. We do not collect payment card details on our own servers; any payment processing is handled by third-party payment providers who have their own privacy policies.

4. Retention periods

We keep your personal data only for as long as necessary for the purposes for which it was collected, or as required by law.

• Order and contact data: We retain data related to orders and customer communications for a period of up to seven (7) years after the last order or communication, for the purposes of contract performance, legal obligations (e.g. tax and commercial law), and handling complaints or legal claims.
• Marketing and analytics: If you have consented to marketing or analytics, we retain the relevant data until you withdraw consent or for the period stated when you gave consent, and thereafter only in anonymised or aggregated form where applicable.
• Server logs and security: Technical and access logs may be retained for a limited period necessary for security and troubleshooting, typically up to twelve (12) months, unless a longer period is required for legal or regulatory reasons.
• Cookie data: As set out in our Cookie Policy; session cookies are deleted when you close your browser; persistent cookies are stored for the duration stated in the Cookie Policy or until you withdraw consent.

After the retention period has ended, we will delete or anonymise your personal data so that it can no longer be attributed to you.

5. Recipients and international transfers

We may share your personal data with:

• Service providers: Such as hosting providers, email delivery services, and if applicable payment processors or logistics partners, who process data on our behalf and are bound by data processing agreements.
• Legal and regulatory bodies: Where we are required to do so by law, or to protect our rights or the rights of others.

We do not sell your personal data to third parties. If we transfer personal data to countries outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place (e.g. adequacy decision, standard contractual clauses, or other mechanisms approved under the GDPR). You may request information about these safeguards by contacting us.

6. Security measures

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include:

• Use of HTTPS (TLS/SSL) for all pages of our website to encrypt data in transit.
• Restriction of access to personal data to authorised personnel who need it for the purposes described in this policy.
• Secure storage and handling of data, including where applicable encryption at rest and secure backup procedures.
• Regular review of our security practices and updating of measures as technology and risks evolve.

Despite our efforts, no method of transmission or storage over the internet is completely secure. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately.

7. Your rights under the GDPR

Under the GDPR and applicable Dutch law, you have the following rights in relation to your personal data:

• Right of access (Article 15): You may request a copy of the personal data we hold about you and information about how we process it.
• Right to rectification (Article 16): You may request that we correct any inaccurate or incomplete personal data.
• Right to erasure (“right to be forgotten”) (Article 17): You may request that we delete your personal data in certain circumstances, e.g. where it is no longer necessary, where you withdraw consent, or where you object and there are no overriding legitimate grounds.
• Right to restriction of processing (Article 18): You may request that we restrict the processing of your data in certain situations (e.g. while we verify accuracy or while a dispute is ongoing).
• Right to data portability (Article 20): Where we process your data by automated means on the basis of contract or consent, you may request to receive your data in a structured, commonly used and machine-readable format, and to transmit it to another controller where technically feasible.
• Right to object (Article 21): You may object to processing based on legitimate interests, including profiling. You may also object at any time to processing for direct marketing.
• Right to withdraw consent: Where we rely on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us using the contact details in section 1. We will respond within one month, and we may need to verify your identity. You also have the right to lodge a complaint with a supervisory authority. In the Netherlands, the competent authority is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority), autoriteitpersoonsgegevens.nl.

8. Children

Our website and services are not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child under 16, please contact us and we will take steps to delete it.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the website. The “Last updated” date at the top indicates when the policy was last revised. We encourage you to review this page periodically. Where changes are material, we may notify you by email or by a notice on our website. Continued use of the website after the effective date of changes constitutes acceptance of the updated policy where permitted by law.

10. Contact

For any questions about this Privacy Policy or our data practices:

Marketwarranted
Jan Tooropstraat 164, 1061 AE Amsterdam, Netherlands
Email: help@marketwarranted.world
Phone: +31 20 510 8826