Khythranzex

Privacy Policy

Last Updated: January 2024

1. Introduction

This Privacy Policy explains how Khythranzex ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you visit our website at khythranzex.world (the "Website") or use our services. We are committed to protecting your privacy and ensuring transparency in our data processing practices.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the United Kingdom and European Union. By using our Website, you consent to the data practices described in this policy.

2. Data Controller Information

The data controller responsible for your personal information is:

Khythranzex
International House, 100 Wood Street
London EC2V 7AN
United Kingdom
Phone: +44 20 8951 0155
Email: request@khythranzex.world

If you have any questions about this Privacy Policy or our data processing practices, please contact us using the information provided above.

3. Information We Collect

3.1 Information You Provide Directly

We collect personal information that you voluntarily provide to us when you:

  • Place an order through our order form (name, email address, phone number, message)
  • Contact us via email or phone
  • Subscribe to our newsletter or marketing communications
  • Participate in surveys or promotions
  • Create an account on our Website

The types of personal information we may collect include: full name, email address, telephone number, postal address, payment information, and any other information you choose to provide.

3.2 Information Collected Automatically

When you visit our Website, we automatically collect certain information about your device and browsing behavior, including:

  • IP address and geographic location
  • Browser type and version
  • Operating system
  • Referring website addresses
  • Pages viewed and time spent on pages
  • Date and time of visits
  • Clickstream data

This information is collected through cookies and similar tracking technologies. Please see our Cookies Policy for more details.

3.3 Information from Third Parties

We may receive information about you from third-party sources, including payment processors, delivery services, and marketing partners, to the extent permitted by applicable law.

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Consent: You have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications).
  • Contract Performance: Processing is necessary to fulfill our contractual obligations to you (e.g., processing and delivering your order).
  • Legal Obligation: Processing is necessary to comply with legal requirements (e.g., tax and accounting obligations).
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as fraud prevention, network security, and improving our services, provided these interests do not override your fundamental rights.

5. How We Use Your Information

We use the personal information we collect for the following purposes:

  • Processing and fulfilling your orders
  • Communicating with you about your orders, including order confirmations and shipping updates
  • Providing customer support and responding to your inquiries
  • Sending you marketing communications about our products and services (with your consent)
  • Improving our Website, products, and services
  • Conducting analytics and research to understand user behavior and preferences
  • Detecting, preventing, and addressing fraud, security issues, and technical problems
  • Complying with legal obligations and enforcing our terms and policies
  • Personalizing your experience on our Website
  • Managing our business operations and maintaining records

6. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information with the following categories of recipients:

6.1 Service Providers

We share your information with trusted third-party service providers who assist us in operating our Website and conducting our business, including:

  • Payment processors and financial institutions
  • Shipping and delivery companies
  • Email service providers
  • Web hosting and cloud storage providers
  • Analytics and marketing platforms
  • Customer relationship management systems

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

6.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

6.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the acquiring entity, subject to the same privacy protections.

6.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

7. International Data Transfers

Your personal information may be transferred to and processed in countries outside the United Kingdom and European Economic Area (EEA) that may have different data protection laws. When we transfer your data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions recognizing equivalent data protection standards
  • Binding Corporate Rules
  • Your explicit consent

We take all reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Specific retention periods include:

  • Order Information: Retained for 7 years to comply with tax and accounting obligations
  • Marketing Communications: Retained until you unsubscribe or withdraw consent
  • Website Analytics: Typically retained for 26 months
  • Customer Support Records: Retained for 3 years after the last interaction
  • Account Information: Retained until you request deletion or close your account

After the retention period expires, we will securely delete or anonymize your personal information.

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using SSL/TLS protocols (HTTPS)
  • Encryption of sensitive data at rest
  • Regular security assessments and vulnerability testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and security
  • Secure backup and disaster recovery procedures
  • Firewall protection and intrusion detection systems

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

10. Your Rights Under GDPR

Under the General Data Protection Regulation, you have the following rights regarding your personal data:

10.1 Right of Access

You have the right to request a copy of the personal information we hold about you and information about how we process it.

10.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal information.

10.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal information in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.

10.4 Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal information in certain situations.

10.5 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.

10.6 Right to Object

You have the right to object to processing of your personal information based on legitimate interests or for direct marketing purposes.

10.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

10.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of alleged infringement. In the UK, the supervisory authority is the Information Commissioner's Office (ICO), which can be contacted at ico.org.uk.

To exercise any of these rights, please contact us using the contact information provided in Section 2. We will respond to your request within one month, though this period may be extended by two additional months in complex cases.

11. Marketing Communications

With your consent, we may send you marketing communications about our products, services, and promotions. You can opt out of receiving marketing emails at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Contacting us directly using the contact information provided
  • Updating your communication preferences in your account settings

Please note that even if you opt out of marketing communications, we will still send you transactional messages related to your orders and account.

12. Children's Privacy

Our Website and services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information.

13. Third-Party Links

Our Website may contain links to third-party websites, plugins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read the privacy policy of every website you visit.

14. Automated Decision-Making and Profiling

We may use automated decision-making and profiling to personalize your experience, such as showing you relevant product recommendations. You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect you. If you have concerns about automated decision-making, please contact us.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our Website with a new "Last Updated" date. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Your continued use of our Website after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Khythranzex
International House, 100 Wood Street
London EC2V 7AN
United Kingdom
Phone: +44 20 8951 0155
Email: request@khythranzex.world

We are committed to resolving any privacy concerns you may have and will respond to your inquiry as promptly as possible.