Privacy Policy
Last updated: 17 March 2025
This Privacy Policy describes how Slyxaronvrzim (“we”, “us”, “our”) collects, uses, stores, and protects your personal data when you use our website https://slyxaronvrzim.world and related services, including the purchase of Herbivanta and other products. We are committed to complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the EU General Data Protection Regulation (GDPR) where applicable.
1. Data controller
Legal name: Slyxaronvrzim
Address: 5 Henry St, North City, Dublin, D01 AP04, Ireland
Email: contact@slyxaronvrzim.world
Phone: +35315828510
We are the data controller responsible for your personal data. If you have questions about this policy or your data, please contact us using the details above.
2. Personal data we collect
We may collect and process the following categories of personal data:
2.1 Data you provide directly
- Name and surname
- Email address
- Phone number (if you choose to provide it)
- Delivery and billing address
- Message or enquiry content
- Consent records (e.g. agreement to terms and privacy policy, marketing preferences)
2.2 Data collected automatically
- IP address
- Browser type and version
- Device type and operating system
- Pages visited, date and time of access, and referring URL
- Cookie and similar technology data (see our Cookie Policy)
2.3 Data from third parties
We may receive limited data from payment or delivery partners necessary to fulfil your order (e.g. confirmation of payment, delivery status). We do not buy or sell personal data.
3. Purposes and legal basis for processing
We process your personal data only for specified, explicit, and legitimate purposes. The table below summarises the purposes and the legal basis under UK GDPR / GDPR.
| Purpose | Legal basis |
|---|---|
| Processing and fulfilling orders | Contract (Art. 6(1)(b) GDPR) |
| Customer support and responding to enquiries | Contract / Legitimate interest (Art. 6(1)(b), (f) GDPR) |
| Sending order and delivery confirmations | Contract (Art. 6(1)(b) GDPR) |
| Compliance with legal obligations (e.g. tax, consumer law) | Legal obligation (Art. 6(1)(c) GDPR) |
| Website operation, security, and abuse prevention | Legitimate interest (Art. 6(1)(f) GDPR) |
| Analytics (where you have consented) | Consent (Art. 6(1)(a) GDPR) |
| Marketing communications (where you have consented) | Consent (Art. 6(1)(a) GDPR) |
Where we rely on legitimate interest, we have balanced our interests (e.g. site security, improving services) against your rights and freedoms. You may object to processing based on legitimate interest where applicable.
4. Retention periods
We keep your personal data only for as long as necessary for the purposes set out above and to comply with legal obligations.
- Order and customer data: For the duration of the contractual relationship and thereafter for up to 7 years for tax, accounting, and legal claims (or longer if required by law).
- Enquiry and contact data: Until the enquiry is resolved and for a reasonable period thereafter (typically up to 3 years) unless a longer period is required for legal or regulatory reasons.
- Marketing and consent records: Until you withdraw consent or object, and for a short period thereafter to document consent (e.g. up to 3 years).
- Server and access logs: Typically up to 12 months for security and troubleshooting, unless a longer period is required for legal or regulatory reasons.
- Cookie-related data: As described in our Cookie Policy.
After the retention period, we securely delete or anonymise your data so it can no longer identify you.
5. Your rights under UK GDPR / GDPR
You have the following rights in relation to your personal data. These may be subject to conditions and exceptions under applicable law.
- Right of access (Art. 15): You may request a copy of the personal data we hold about you.
- Right to rectification (Art. 16): You may request correction of inaccurate or incomplete data.
- Right to erasure (“right to be forgotten”) (Art. 17): You may request deletion of your data in certain circumstances (e.g. where it is no longer necessary, or you withdraw consent).
- Right to restriction of processing (Art. 18): You may request that we limit how we use your data in certain situations.
- Right to data portability (Art. 20): Where processing is based on contract or consent and carried out by automated means, you may request your data in a structured, commonly used, machine-readable format.
- Right to object (Art. 21): You may object to processing based on legitimate interest or to processing for direct marketing at any time.
- Right to withdraw consent: Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
- Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO): ico.org.uk. In Ireland, the Data Protection Commission: dataprotection.ie.
To exercise any of these rights, contact us at contact@slyxaronvrzim.world. We will respond within one month (or inform you of any extension and the reasons). We may need to verify your identity before processing your request.
6. Data sharing and international transfers
We do not sell your personal data. We may share your data with:
- Service providers: Payment processors, delivery and logistics partners, email and hosting providers, and IT support, acting as processors on our instructions and under contractual safeguards.
- Legal and regulatory bodies: When required by law (e.g. court order, tax authority, or regulatory request).
If we transfer personal data outside the UK or the European Economic Area (EEA), we ensure appropriate safeguards are in place (e.g. adequacy decision, standard contractual clauses, or other approved mechanisms) in line with UK and EU data protection law.
7. Security measures
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction, including:
- Use of HTTPS and encryption in transit for the website
- Secure storage and access controls for data at rest
- Restricted access to personal data on a need-to-know basis
- Regular review of our security practices and contracts with processors
Despite our efforts, no method of transmission or storage over the internet is 100% secure. We encourage you to use strong passwords and to contact us if you suspect any unauthorised use of your data.
8. Children
Our website and services are not directed at individuals under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it promptly.
9. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in law, our practices, or our services. The “Last updated” date at the top will be revised when we make changes. We encourage you to review this page periodically. Where changes are material, we may notify you by email or a prominent notice on the website where appropriate.
10. Contact
For any questions about this Privacy Policy or our handling of your personal data:
Slyxaronvrzim
5 Henry St, North City, Dublin, D01 AP04, Ireland
Email: contact@slyxaronvrzim.world
Phone: +35315828510