Privacy Policy

Last Updated:

1. Introduction

Welcome to Vorpalonhlixghex. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website and use our services.

This policy applies to all personal data processed by Vorpalonhlixghex in connection with the website https://vorpalonhlixghex.world and related services. This Privacy Policy is intended to comply with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the CPRA, and other state consumer privacy laws (Virginia, Colorado, Connecticut, Utah, Texas, and others where applicable). By using our website, you acknowledge that you have read and understood this Privacy Policy.

2A. Do Not Sell or Share My Personal Information

We do not sell your personal information as defined under the California Consumer Privacy Act (CCPA) and similar state laws. We do not share your personal information for cross-context behavioral advertising in a way that constitutes a "sale" or "sharing" under those laws. If our practices change, we will update this policy and provide a clear method to opt out of the sale or sharing of your personal information.

2. Data Controller Information

The data controller responsible for your personal data is:

Vorpalonhlixghex

10533 N Brocket Dr, Brocket, ND 58321, United States
question@vorpalonhlixghex.world
https://vorpalonhlixghex.world

3. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Full name as provided in order forms
  • Contact Data: Email address and optional phone number
  • Transaction Data: Details of orders and purchases
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform
  • Usage Data: Information about how you use our website and services
  • Communication Data: Messages and correspondence you send to us

4. Legal Basis for Processing

We process your personal data in accordance with applicable law. Where required by regulation (such as in the European Economic Area), we rely on the following legal grounds under the GDPR:

  • Consent: Where you have given explicit consent for specific processing activities
  • Contract Performance: When processing is necessary to fulfill our contractual obligations to you
  • Legal Obligation: Where we must process data to comply with legal requirements
  • Legitimate Interests: For our legitimate business interests, provided they do not override your rights

5. Purposes of Data Processing

We use your personal data for the following purposes:

  • Processing and fulfilling your orders for NutraTone Core products
  • Communicating with you regarding your orders and inquiries
  • Providing customer support and responding to your questions
  • Improving our website, products, and services
  • Analyzing website usage patterns through anonymized analytics
  • Complying with legal and regulatory obligations
  • Preventing fraud and ensuring website security

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Order Data: Retained for 7 years to comply with tax and accounting requirements
  • Communication Data: Retained for 3 years after your last interaction with us
  • Technical Data: Retained for 12 months for analytics and security purposes
  • Cookie Data: Retention periods vary by cookie type (see our Cookie Policy)

After the retention period expires, your data will be securely deleted or anonymized.

7. Your Rights Under GDPR (EEA and Similar Laws)

If you are in the European Economic Area or a jurisdiction with similar data protection laws, under the General Data Protection Regulation (GDPR) you may have the following rights:

  • Right of Access: Request a copy of your personal data we hold
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time where processing is consent-based
  • Right to Lodge a Complaint: File a complaint with a supervisory authority

To exercise any of these rights, please contact us using the information provided in Section 2. These rights apply to individuals in the European Economic Area and other jurisdictions that have adopted similar laws.

7A. Your Rights Under U.S. State Privacy Laws (CCPA and Other States)

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, or another U.S. state with a comprehensive privacy law, you may have the following rights, subject to certain limitations under applicable law:

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources, the purposes for collection, and the categories of third parties with whom we share the information.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions (e.g., to complete a transaction, detect security incidents, comply with legal obligations).
  • Right to Correct: Request correction of inaccurate personal information we maintain about you (where required by state law).
  • Right to Opt-Out of Sale or Sharing: We do not sell or share your personal information for cross-context behavioral advertising; if that changes, you will have the right to opt out.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights (e.g., by denying service or charging different prices).
  • Right to Limit Use of Sensitive Personal Information: Where applicable, you may limit our use of sensitive personal information to certain purposes.

To exercise these rights, contact us using the information in Section 2 (Data Controller Information) or Section 13 (Contact Us). We may need to verify your identity before processing your request. You may also designate an authorized agent to make a request on your behalf in accordance with applicable state law. We will respond within the timeframes required by the law of your state (e.g., 45 days under CCPA, subject to extension where permitted).

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • SSL/TLS encryption for all data transmitted to and from our website
  • Secure storage systems with access controls and authentication
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and privacy practices
  • Incident response procedures for potential data breaches

9. Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

  • Service Providers: Companies that help us operate our website and fulfill orders
  • Payment Processors: Secure payment service providers for transaction processing
  • Shipping Partners: Delivery services for order fulfillment
  • Legal Authorities: When required by law or to protect our legal rights

We ensure that any third parties we share data with are bound by appropriate data protection agreements.

9A. Advertising and Online Marketing

We may use your data to deliver relevant advertising, including through online advertising platforms such as Google Ads. This may include use of cookies and similar technologies to measure ad performance and show you ads based on your interests. You can control advertising cookies and preferences through our Cookie Policy and the cookie consent banner on our website. We do not sell your personal information for advertising purposes.

10. International Data Transfers

Your personal data may be transferred to and processed in countries outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by relevant authorities, to protect your data in accordance with applicable data protection laws.

11. Children's Privacy

Our website and services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, please contact us immediately so we can take appropriate action.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new "Last Updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

Vorpalonhlixghex

10533 N Brocket Dr, Brocket, ND 58321, United States
question@vorpalonhlixghex.world