Privacy Policy

Last updated:

1. Introduction

Ximthoremlix ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website ximthoremlix.world and use our services.

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our website, you consent to the data practices described in this policy.

2. Data Controller

The data controller responsible for your personal data is:

Ximthoremlix
Industrivägen 25
844 41 Bispgården
Sweden
Email: reply@ximthoremlix.world

3. Information We Collect

We collect information that you provide directly to us, including:

  • Contact Information: Name, email address, phone number (if provided)
  • Order Information: Details you provide when placing an order
  • Communication Data: Messages and inquiries you send us
  • Technical Data: IP address, browser type, device information, and cookies
  • Usage Data: Information about how you use our website

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you have given explicit consent for specific purposes
  • Contract: When processing is necessary to fulfill a contract with you
  • Legal Obligation: When we must comply with legal requirements
  • Legitimate Interests: When processing serves our legitimate business interests, balanced against your rights

5. How We Use Your Information

We use the information we collect for the following purposes:

  • To process and fulfill your orders
  • To communicate with you about your orders and inquiries
  • To send you marketing communications (with your consent)
  • To improve our website and services
  • To comply with legal obligations
  • To detect and prevent fraud or abuse

6. Data Sharing

We may share your personal data with:

  • Service Providers: Third parties who assist us in operating our website, processing payments, and fulfilling orders
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with any merger, sale, or acquisition of our business

We do not sell your personal data to third parties.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Order Data: Retained for 7 years for accounting and legal purposes
  • Marketing Data: Retained until you withdraw consent or unsubscribe
  • Communication Records: Retained for 3 years after the last interaction
  • Website Analytics: Retained for up to 26 months

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of processing of your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

To exercise any of these rights, please contact us using the information provided below.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit using SSL/TLS
  • Secure storage systems with access controls
  • Regular security assessments and updates
  • Employee training on data protection practices

While we strive to protect your personal data, no method of transmission over the Internet is 100% secure.

10. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Automated Decision-Making

We do not make solely automated decisions that produce legal or similarly significant effects for you within the meaning of Article 22 GDPR when processing standard customer inquiries or orders submitted through this website.

12. Marketing and Consent Management

Where required by law, we rely on your consent for direct marketing and non-essential cookie-based processing. You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

You can manage cookie preferences through our cookie banner and exercise your marketing opt-out rights by contacting us using the details below.

13. Children's Data

Our products and services are intended for adults. We do not knowingly collect personal data from children under 18. If you believe a child has provided personal data to us, please contact us and we will take appropriate steps to remove such data where required.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

15. Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with your local data protection authority. In Sweden, this is Integritetsskyddsmyndigheten (IMY): https://www.imy.se/.

Contact Us

For any questions about this Privacy Policy or to exercise your rights, please contact us:

Ximthoremlix
Industrivägen 25, 844 41 Bispgården, Sweden
reply@ximthoremlix.world
Back to Home