Privacy Policy

How we collect, use, and protect your personal information

Last updated: December 2024

1. Introduction

ShopNexa B.V. ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website yeatsioukz.life or use our services.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union.

2. Data Controller

The data controller responsible for your personal information is:

ShopNexa B.V.

Parkweg 29

3565 BP Utrecht, Netherlands

Registration Number: 96735284

VAT Number: NL847975824B08

Email: privacy@yeatsioukz.life

Phone: +31 20 988 6861

3. Information We Collect

3.1 Personal Information You Provide

We may collect personal information that you voluntarily provide to us, including:

  • Name and contact information (email address, phone number, postal address)
  • Account registration information
  • Order and transaction details
  • Payment information (processed securely by third-party payment processors)
  • Customer service communications
  • Feedback, reviews, and survey responses
  • Marketing preferences and communication choices

3.2 Information Collected Automatically

When you visit our website, we may automatically collect certain information, including:

  • IP address and device information
  • Browser type and version
  • Operating system
  • Pages visited and time spent on our website
  • Referring website or source
  • Cookies and similar tracking technologies (see our Cookie Policy)

3.3 Information from Third Parties

We may receive information about you from third parties, such as:

  • Payment processors
  • Delivery and logistics partners
  • Marketing and analytics service providers
  • Social media platforms (if you choose to connect your accounts)

4. How We Use Your Information

We use your personal information for the following purposes:

4.1 Service Provision

  • Processing and fulfilling your orders
  • Managing your account and providing customer support
  • Facilitating payments and transactions
  • Arranging delivery and logistics
  • Providing product recommendations

4.2 Communication

  • Sending order confirmations and updates
  • Responding to inquiries and providing customer support
  • Sending important notices about our services
  • Marketing communications (with your consent)

4.3 Business Operations

  • Improving our website and services
  • Conducting analytics and research
  • Preventing fraud and ensuring security
  • Complying with legal obligations
  • Enforcing our terms and conditions

5. Legal Basis for Processing

Under GDPR, we process your personal information based on the following legal grounds:

  • Contract Performance: To fulfill our contractual obligations when you place an order
  • Legitimate Interest: To improve our services, prevent fraud, and conduct business operations
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: To comply with applicable laws and regulations
  • Vital Interests: To protect your safety or the safety of others

6. Information Sharing and Disclosure

We may share your personal information in the following circumstances:

6.1 Service Providers

We work with trusted third-party service providers who assist us in operating our business, including:

  • Payment processors
  • Shipping and logistics companies
  • Cloud hosting and IT service providers
  • Marketing and analytics platforms
  • Customer support tools

6.2 Legal Requirements

We may disclose your information when required by law or to protect our rights, including:

  • Compliance with legal obligations
  • Response to lawful requests from authorities
  • Protection of our rights and property
  • Prevention of fraud or illegal activities

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred as part of the transaction.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Employee training on data protection
  • Secure data centres and hosting environments

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention periods include:

  • Account Information: Until account deletion or 3 years of inactivity
  • Transaction Records: 7 years for tax and accounting purposes
  • Marketing Data: Until consent is withdrawn or 2 years of inactivity
  • Website Analytics: 26 months maximum
  • Customer Support Records: 3 years from last contact

9. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal information:

Right of Access

Request a copy of the personal information we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete personal information.

Right to Erasure

Request deletion of your personal information under certain circumstances.

Right to Restrict Processing

Request limitation of how we use your personal information.

Right to Data Portability

Request transfer of your personal information to another service provider.

Right to Object

Object to certain types of processing, including direct marketing.

Right to Withdraw Consent

Withdraw consent for processing based on consent at any time.

To exercise these rights, please contact us at privacy@yeatsioukz.life. We will respond to your request within 30 days.

10. International Data Transfers

Your personal information may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules
  • Certification schemes and codes of conduct

11. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.

12. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Updating the "Last updated" date at the top of this policy
  • Sending email notifications for significant changes (where required by law)

Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

13. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer

Email: privacy@yeatsioukz.life

Phone: +31 20 988 6861

Address: Parkweg 29, 3565 BP Utrecht, Netherlands

Supervisory Authority

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal information in accordance with the law.

This Privacy Policy is effective as of December 2024 and was last updated on December 2024.