Privacy Policy

Last updated:

1. Introduction

Welcome to Sharvexxstrshepi ("we," "our," or "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website sharvexxstrshepi.world and purchase our products.

This policy is compliant with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Norwegian Personal Data Act (Personopplysningsloven), and other applicable data protection laws.

2. Data Controller Information

The data controller responsible for your personal data is:

  • Company Name: Sharvexxstrshepi
  • Registered Address: Munkegata 26, 7011 Trondheim, Norway
  • Email: write-to-us@sharvexxstrshepi.world
  • Country: Norway

For any privacy-related inquiries, please contact us using the email address above.

3. Personal Data We Collect

We collect personal data that you voluntarily provide to us when you:

  • Place an order through our website
  • Subscribe to our newsletter
  • Contact us via email or contact forms
  • Browse our website

3.1 Information You Provide Directly

  • Identity Data: Full name
  • Contact Data: Email address, phone number (if provided), delivery address
  • Transaction Data: Order details, payment information (processed securely by third-party payment processors)
  • Communication Data: Messages, inquiries, and correspondence with us

3.2 Information Collected Automatically

  • Technical Data: IP address, browser type and version, operating system, device type
  • Usage Data: Pages visited, time spent on pages, navigation paths, referral sources
  • Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Contract Performance (Art. 6(1)(b)): Processing necessary to fulfill your order and provide our services
  • Consent (Art. 6(1)(a)): When you have given clear consent for specific purposes, such as marketing communications
  • Legitimate Interests (Art. 6(1)(f)): For our legitimate business interests, such as improving our services and fraud prevention, where these interests are not overridden by your rights
  • Legal Obligation (Art. 6(1)(c)): When processing is necessary to comply with legal requirements

5. Purposes of Data Processing

We use your personal data for the following purposes:

  • Order Processing: To process and fulfill your orders, including payment processing, shipping, and delivery confirmation
  • Customer Service: To respond to your inquiries, provide support, and handle complaints
  • Communication: To send order confirmations, shipping updates, and important product information
  • Marketing: To send promotional materials and newsletters (only with your explicit consent)
  • Website Improvement: To analyze usage patterns and improve our website functionality and user experience
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Fraud Prevention: To detect and prevent fraudulent activities and protect our business

6. Data Sharing and Disclosure

We may share your personal data with:

6.1 Service Providers

  • Payment Processors: To securely process payment transactions
  • Shipping Partners: To deliver your orders
  • Hosting Providers: To host and maintain our website
  • Analytics Services: To analyze website usage (with your consent)

6.2 Legal Requirements

We may disclose your data when required by law, court order, or governmental authority, or when necessary to protect our legal rights and the safety of others.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity.

We do not sell your personal data to third parties for marketing purposes.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally approved mechanisms

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Order Records: 7 years from the date of purchase (for tax and legal compliance)
  • Customer Communication: 3 years from the last interaction
  • Marketing Consent Records: Until you withdraw consent, plus 1 year for compliance documentation
  • Website Analytics Data: 26 months maximum
  • Cookie Data: As specified in our Cookie Policy

After the retention period, your data will be securely deleted or anonymized.

9. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of Access (Art. 15): You can request a copy of your personal data we hold
  • Right to Rectification (Art. 16): You can request correction of inaccurate or incomplete data
  • Right to Erasure (Art. 17): You can request deletion of your personal data ("right to be forgotten")
  • Right to Restriction (Art. 18): You can request restriction of processing in certain circumstances
  • Right to Data Portability (Art. 20): You can request your data in a structured, machine-readable format
  • Right to Object (Art. 21): You can object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent (Art. 7(3)): You can withdraw consent for processing at any time
  • Right to Lodge a Complaint: You can file a complaint with the Norwegian Data Protection Authority (Datatilsynet) or your local supervisory authority

To exercise any of these rights, please contact us at write-to-us@sharvexxstrshepi.world. We will respond to your request within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against:

  • Unauthorized access, alteration, disclosure, or destruction
  • Accidental loss or damage

Our security measures include:

  • SSL/TLS encryption for all data transmission
  • Secure server infrastructure with regular security updates
  • Access controls limiting data access to authorized personnel only
  • Regular security assessments and monitoring
  • Secure payment processing through PCI-DSS compliant providers

11. Children's Privacy

Our website and products are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, please contact us immediately, and we will take steps to delete such information.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies before providing any personal information.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website with a new "Last Updated" date. We encourage you to review this policy regularly.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: write-to-us@sharvexxstrshepi.world
  • Address: Munkegata 26, 7011 Trondheim, Norway

15. Supervisory Authority

You have the right to lodge a complaint with the relevant data protection authority. In Norway, this is:

  • Norwegian Data Protection Authority (Datatilsynet)
  • Address: Postboks 458 Sentrum, 0105 Oslo, Norway
  • Website: datatilsynet.no