Privacy Policy
Valhellio (“Valhellio”, “we”, “us”, or “our”) is committed to protecting your privacy and safeguarding your personal data in accordance with the highest applicable standards. This Privacy Policy outlines how personal information is collected, processed, stored, shared, and protected when you use our services, including your use of our website located at valhellio.com (“Website”). We are fully committed to processing your personal data lawfully, transparently, and fairly in compliance with applicable data protection laws including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”).
1. Commitment to Privacy and Data Protection
We place a high priority on respecting your privacy and earning your trust. At Valhellio, we proactively design our data practices to put your control, security, and transparency first. All personal data we collect is handled with full respect for your rights and with a focus on minimizing data exposure, ensuring data confidentiality, and processing only what is necessary to fulfill legitimate purposes.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to personal data processed by Valhellio as a data controller. As the data controller, Valhellio determines the purposes and means of the processing of your personal data collected through your visit or use of valhellio.com and related services.
This policy applies to all site visitors, registered users, customers, partners, and others who access or use our services.
3. Categories of Data We Process
We may collect and process the following categories of personal data, depending on your interaction with valhellio.com:
a) Usage Data
Includes information about how you use our website and services, such as IP address, browser type and version, geographic location, visit duration, pages viewed, session data, navigation paths, and referring URLs.
b) Account Data
This includes data you voluntarily provide when registering an account or making a purchase, such as your full name, email address, mailing address, and contact phone number.
c) Profile Data
Includes any information you add to your profile, such as preferences, purchase history, browsing behavior, saved items, and user-generated content submitted to the site.
d) Communication Data
Includes records of your interactions with us, including email communications, support requests, customer service chats, and feedback submissions.
e) Technical Data
Refers to device-specific information, including operating system, device identifier, hardware model, browser plug-in types and versions, screen resolution, and system configuration.
f) Transaction Data
Includes details related to payments made through our website, order histories, billing addresses, payment card data (where applicable and subject to secure tokenization), and delivery instructions.
g) Preference Data
Covers your communication preferences, consent to marketing, newsletter opt-ins, response tracking, and product interest categories.
4. Legal Bases for Data Processing
We rely on the following legal bases to process your personal data lawfully:
– Consent: When you have given explicit consent for specific processing (e.g., receiving marketing newsletters).
– Contractual Necessity: When processing is necessary to fulfill our contractual obligations to you or at your request (e.g., account management, order fulfillment).
– Legitimate Interests: When processing is required for our legitimate business interests, such as improving our services, legal compliance, fraud prevention, or marketing (except where such interests are overridden by your data protection rights).
– Legal Obligation: Where processing is necessary to comply with applicable legal or regulatory requirements.
5. Your Rights Under Data Protection Laws
Subject to applicable laws, especially under GDPR and CCPA, you have the following rights in relation to your personal data:
– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data concerning you.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data, subject to legal exemptions.
– Right to Restrict Processing: Request a limitation on how we process your data in certain cases.
– Right to Data Portability: Request to receive or have your data transferred to another controller in a structured, commonly used, machine-readable format.
– Right to Object: Object to certain types of processing, including direct marketing.
– Right not to be subject to automated decision-making or profiling where it produces a legal effect or similarly significant consequence.
– Right to Withdraw Consent: You may withdraw any consent you have provided at any time.
California residents also have the right to opt out of the “sale” or “sharing” of their personal data, as defined under the CCPA.
You may exercise your rights by contacting us at: [email protected]
6. Security Measures
We take comprehensive measures to ensure your data remains secure, including:
– Encryption of data at rest and in transit.
– Secure server infrastructure and firewalls.
– Role-based access controls and authentication mechanisms.
– Regular security audits and vulnerability management processes.
– Staff training in data protection and confidentiality.
– Secure data backups with limited retention.
While no system is absolute, Valhellio adopts industry-standard techniques to guard against unauthorized access, data loss, and breaches.
7. International Data Transfers
In cases where your data is transferred outside of the European Economic Area (EEA), we ensure such transfers are subject to appropriate safeguards. These include EU-approved Standard Contractual Clauses or reliance on adequacy decisions where the receiving jurisdiction affords an equivalent level of data protection.
For users located in California or other jurisdictions, we ensure similar protections under relevant local requirements and incorporate contractual mechanisms to uphold adequate privacy standards globally.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected or as mandated by law. Retention durations vary by data type:
– Account and profile data: Maintained as long as your account is active and for up to 6 months following closure.
– Transaction data: Retained for 7 years for tax and compliance purposes.
– Communication records: Held for a minimum of 3 years to address disputes or support inquiries.
– Usage and technical analytics: Typically retained for up to 24 months in anonymized or aggregated form.
– Marketing preferences and consents: Maintained until you withdraw your consent or unsubscribe.
9. Cookie Policy
Valhellio uses cookies and similar tracking technologies to enhance user experience and measure performance. Cookies are categorized as follows:
– Essential Cookies: Necessary for core website functionality, such as login and shopping cart management.
– Functional Cookies: Support personalized features like language selection and remembering preferences.
– Analytics Cookies: Help us understand usage patterns and optimize site performance via third-party services.
– Performance Cookies: Monitor site stability, page load times, and error reports.
10. Cookie Management and Compliance
Upon your first visit to valhellio.com, you will be prompted to manage your cookie preferences. You can opt in or out of non-essential cookies in compliance with GDPR. Your preferences can be modified at any time using our Cookie Settings panel, or by adjusting browser-level controls.
Under the CCPA, California residents may opt out of the sale or sharing of personal data collected via cookies. We honor user-enabled global privacy controls (GPC) that indicate such preferences.
11. Children’s Privacy
Our services are not directed to, and we do not knowingly collect personal data from, individuals under the age of 13. If we become aware that we have collected such data from a minor without verified parental consent, we will take immediate steps to delete the relevant information.
If you are a parent or guardian and believe we have collected your child’s information, please contact us at: [email protected]
12. Policy Updates and Notifications
We reserve the right to update or revise this Privacy Policy as necessary to reflect changes in law, technology, or our data processing practices. Material changes will be communicated via a notice on valhellio.com or through direct communication, where required by applicable law. We encourage you to periodically check this policy to stay informed of how your data is protected.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
Website: https://valhellio.com
Compliance Note
Valhellio operates in alignment with the GDPR and CCPA to ensure your personal data is handled responsibly, transparently, and securely. We welcome your feedback and stand ready to address any privacy concerns at [email protected].