Shraxellox.world

Privacy Policy

Last updated:

At Shraxellox.world, we are committed to protecting your privacy and ensuring the security of your personal information. This comprehensive Privacy Policy outlines our practices regarding the collection, use, storage, and protection of your data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection legislation worldwide.

1. Data Controller and Contact Information

Shraxellox.world ("we," "us," or "our") operates as the data controller for all personal data processed through our website and services. For any inquiries regarding this policy or your personal data, please contact us:

Shraxellox.world
39039 Paseo Padre Pkwy #201, Fremont, CA 94538, United States
Email: office@shraxellox.world

2. Categories of Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: Your full name, when provided via order forms, inquiries, or account registration.
  • Contact data: Email address, telephone number, shipping and billing addresses.
  • Technical data: IP address, browser type and version, device information, operating system, time zone setting.
  • Usage data: Information about how you use our website, including pages visited, time spent, click paths, and navigation patterns (collected via cookies with your consent).
  • Marketing and communications data: Your preferences for receiving marketing communications from us.

3. Purposes of Processing

We process your personal data for the following purposes:

  • Order fulfillment, processing payments, and delivering products to you.
  • Customer service, including responding to inquiries and resolving complaints.
  • Website functionality, security, and fraud prevention.
  • Analytics to understand how visitors use our site and improve our services (with your consent).
  • Marketing communications, including newsletters and promotional offers (with your consent).
  • Legal and regulatory compliance.

4. Legal Basis for Processing (GDPR)

Under the GDPR, we process your data based on the following legal grounds:

  • Contract: Processing necessary for the performance of a contract with you (e.g., order fulfillment).
  • Legitimate interests: Website security, fraud prevention, and improving our services.
  • Consent: Analytics cookies, marketing communications, and non-essential cookies.
  • Legal obligation: Compliance with tax, accounting, and other legal requirements.

5. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Order and transaction data: 7 years (for legal, tax, and accounting requirements).
  • Marketing consent records: Until you withdraw consent or opt out.
  • Analytics data: Up to 26 months (when consent is given).
  • Technical and security logs: Up to 90 days.
  • Customer service correspondence: Up to 3 years after resolution.

6. Your Rights

You have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data ("right to be forgotten") in certain circumstances.
  • Right to restrict processing: Request that we limit how we use your data.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent.
  • Right to lodge a complaint: Lodge a complaint with a supervisory authority in your country.

To exercise any of these rights, please contact us at office@shraxellox.world. We will respond within 30 days.

7. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (HTTPS/TLS) and at rest where applicable.
  • Access controls and authentication mechanisms.
  • Regular security assessments and updates.
  • Employee training on data protection.
  • Secure storage and backup procedures.

8. International Data Transfers

Your data may be processed in the United States or other countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or other mechanisms recognized by applicable law.

9. Third-Party Recipients

We may share your data with trusted third-party service providers who assist us in operating our website and business, including payment processors, shipping carriers, email service providers, and analytics providers. These parties process data on our behalf under strict data processing agreements and are not permitted to use your data for their own purposes.

10. Children's Privacy

Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be communicated through our website or by email. We encourage you to review this policy periodically.

Return to Home