Privacy Policy

At IstriaEssence.com (“we”, “our”, “us”), your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, Istriaessence.com (the “Site”). We are committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Information We Collect

We may collect the following types of personal data:

• Personal Identification Information: Name, email address, phone number, billing and shipping addresses.
• Technical Data: IP address, browser type and version, device type, operating system, referring URLs, and browsing behavior on the Site.
• Usage Data: Information about how you use our Site, products, and services.
• Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

2. How We Use Your Data

We use your personal data for the following purposes:

• To provide and manage our services: To process your orders, provide customer support, and communicate with you regarding your transactions.
• To improve the Site: To analyze how users interact with the Site to improve user experience, content, and functionality.
• To send marketing communications: With your consent, we may send you promotional emails, newsletters, and offers. You can opt-out at any time by following the unsubscribe instructions in the emails.
• To comply with legal obligations: We may process your data to comply with legal requirements, resolve disputes, and enforce agreements.

3. Legal Basis for Processing Your Data (GDPR)

Under the GDPR, we rely on the following legal bases to process your personal data:

• Consent: We process your data based on your consent, which you can withdraw at any time.
• Contractual necessity: We process data to fulfill contracts, such as processing orders or providing customer service.
• Legal obligation: We process data to comply with legal requirements.
• Legitimate interests: We may process data based on our legitimate interests, such as improving our services or marketing.

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data. However, we may share your data with trusted third-party service providers for the following purposes:

• Payment processors: To process payments securely.
• Shipping and delivery services: To fulfill your orders.
• Marketing and analytics providers: To help us analyze trends, improve the Site, and deliver personalized advertising.

We may also disclose your personal data if required by law, such as to comply with a subpoena, legal obligation, or to protect our rights.

5. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. After this period, your personal data will be securely deleted or anonymized.

6. Your Data Protection Rights (GDPR)

As a data subject, you have the following rights under the GDPR:

• Right to access: You can request a copy of the personal data we hold about you.
• Right to rectification: You can request correction of inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”): You can request the deletion of your data under certain conditions.
• Right to restrict processing: You can request that we restrict the processing of your data in certain situations.
• Right to data portability: You can request that we transfer your data to another controller in a structured, commonly used, and machine-readable format.
• Right to object: You can object to the processing of your data based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent: If we process your data based on consent, you can withdraw your consent at any time.

To exercise any of these rights, please contact us at [Insert Contact Email].

7. Security of Your Data

We use reasonable technical and organizational measures to protect your personal data from unauthorized access, use, or disclosure. However, please note that no data transmission over the internet can be guaranteed to be 100% secure.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience on our Site. Cookies are small files stored on your device that help us remember your preferences, understand how you interact with our Site, and provide targeted advertising.

You can control the use of cookies through your browser settings. For more information, please refer to our [Cookie Policy].

9. International Data Transfers

If you are located in the European Economic Area (EEA), we may transfer your personal data to countries outside the EEA. If we do, we ensure that appropriate safeguards are in place to protect your personal data in accordance with applicable data protection laws.

10. Third-Party Links

Our Site may contain links to third-party websites. Please note that we are not responsible for the privacy practices or content of those websites. We encourage you to review their privacy policies.

11. Updates to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page and update the “Last updated” date at the top of the policy. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

• By email: info@istriaessence.hr

---

This Privacy Policy is intended to meet the requirements of the GDPR and provide clear information about your data processing practices. Make sure to replace placeholder text (like contact info and dates) with your actual details.

If your site offers specific services, products, or processes that require special data collection (such as health-related data), it may be necessary to modify this policy further. Always seek legal advice to ensure full compliance with applicable laws.