Privacy Policy

Last updated:

1. Introduction

Phaltronfraxylon ("we," "us," or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website phaltronfraxylon.world and use our services.

This policy is designed to comply with the General Data Protection Regulation (GDPR) (EU) 2016/679 as applied in Sweden, including supplementary national rules (e.g. the Swedish Act with supplementary provisions to the GDPR, SFS 2018:218, lag med kompletterande bestämmelser till EU:s dataskyddsförordning), and other applicable data protection laws.

2. Data Controller Information

The data controller responsible for your personal data is:

  • Company Name: Phaltronfraxylon
  • Address: Hammarvägen 15C, 892 31 Domsjö, Sweden
  • Email: cooperation@phaltronfraxylon.world
  • Organisationsnummer: Where we are registered as a Swedish undertaking, our organisation number is provided on order confirmations, invoices, and other pre-contract or checkout information as required by applicable law.

We are not required to appoint a Data Protection Officer under Article 37 GDPR. For privacy matters, contact us using the details above.

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide Directly

  • Contact Information: Name, email address, phone number (when provided)
  • Order Information: Details submitted through our order form, including any messages or special requests
  • Communication Data: Records of correspondence when you contact us

3.2 Information Collected Automatically

  • Technical Data: IP address, browser type and version, operating system, device information
  • Usage Data: Pages visited, time spent on pages, navigation patterns, referring website
  • Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)

4. Legal Bases for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contract Performance (Article 6(1)(b)): Processing necessary to fulfill your order or respond to your inquiries
  • Consent (Article 6(1)(a)): Where you have given explicit consent for specific processing activities
  • Legitimate Interests (Article 6(1)(f)): For website security, fraud prevention, and improving our services
  • Legal Obligation (Article 6(1)(c)): To comply with applicable laws and regulations

5. Purposes of Processing

We use your personal data for the following purposes:

  • To process and fulfill your orders
  • To communicate with you about your orders or inquiries
  • To provide customer support
  • To improve our website and services
  • To ensure website security and prevent fraud
  • To comply with legal obligations
  • To send marketing communications (only with your consent)

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Order Data: Retained for 7 years after the transaction to comply with accounting and tax regulations
  • Communication Records: Retained for 3 years after the last interaction
  • Cookie Data: Retention periods vary by cookie type (see our Cookie Policy)
  • Marketing Consent: Until you withdraw consent

After the retention period, your data will be securely deleted or anonymized.

7. Data Sharing and Disclosure

We may share your personal data with:

  • Service Providers: Third parties who assist us with payment processing, shipping, website hosting, and analytics
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with any merger, sale, or acquisition of our business

We require all third parties to respect the security of your personal data and process it in accordance with applicable law. We do not sell your personal data to third parties.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When such transfers occur, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequacy decisions
  • Other legally recognized transfer mechanisms

9. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access (Article 15): Request a copy of your personal data we hold
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing (Article 18): Request limitation of how we process your data
  • Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent (Article 7): Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint (Article 77): Complain to a supervisory authority (see Section 13 below)

We do not carry out solely automated decision-making, including profiling, that produces legal effects or similarly significantly affects you within the meaning of Article 22 GDPR.

To exercise any of these rights, please contact us at cooperation@phaltronfraxylon.world. We will respond without undue delay and in any event within one month of receipt (Article 12 GDPR). Where a request is complex or numerous, we may extend that period by up to two further months and will inform you of any such extension.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using HTTPS/TLS protocols
  • Secure storage systems with access controls
  • Regular security assessments and updates
  • Staff training on data protection

While we strive to protect your personal data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

11. Children's Privacy

Our website and services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any website you visit.

13. Complaints

If you believe we have not handled your personal data correctly, you have the right to lodge a complaint with a supervisory authority. In Sweden, the supervisory authority is:

Integritetsskyddsmyndigheten (IMY)
Box 8114, 104 20 Stockholm, Sweden
Email: imy@imy.se
Website: www.imy.se

You may also contact the supervisory authority in the EU member state of your habitual residence or place of work if you prefer.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: cooperation@phaltronfraxylon.world
  • Address: Hammarvägen 15C, 892 31 Domsjö, Sweden