Privacy Policy

Last updated: 17 March 2025

1. Controller and contact details

The controller responsible for the processing of your personal data in connection with this website is:

Blixaronkhun
Leidsestraat 74-76
1017 GM Amsterdam
Netherlands

Email: notifyuse@blixaronkhun.world
Phone: +31204220210

If you have questions about this Privacy Policy or about how we process your data, you can contact us using the details above.

2. Scope and legal basis

This Privacy Policy applies to the website blixaronkhun.world and to all personal data we collect and process in connection with our activities, including the sale and promotion of Digestavella and related customer communication. We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Dutch implementation law (UAVG), as well as other applicable Dutch and European data protection laws.

We only process personal data where we have a valid legal basis: your consent, performance of a contract, compliance with a legal obligation, or our legitimate interests where they are not overridden by your rights.

3. Data we collect and purposes of processing

3.1 Data you provide to us

When you place an order, use the contact form, or subscribe to communications, we may collect:

• Name and contact details (email address, telephone number, postal address) for order processing, delivery and customer service.
• Message content when you contact us, to respond to your enquiries.
• Any other information you voluntarily provide in forms or correspondence.

Purpose: Fulfilment of orders, customer support, and communication regarding our products and services. Legal basis: Contract performance, consent where applicable, and legitimate interest in providing good service.

3.2 Automatically collected data

When you visit our website, we may automatically collect technical data such as your IP address, browser type and version, operating system, referring URL, pages visited, date and time of access, and similar usage data. This data may be processed via cookies and similar technologies as described in our Cookie Policy.

Purpose: Operation and security of the website, analysis of use, and improvement of our services. Legal basis: Legitimate interest and, where required, your consent.

4. Retention periods

We keep your data only for as long as necessary for the purposes for which it was collected or as required by law:

• Order and customer data: For the duration of the contractual relationship and thereafter for a period required for tax, legal and warranty purposes (typically up to 7 years from the end of the calendar year in which the transaction occurred, in line with Dutch legal obligations).
• Contact form and general enquiries: Until your request is fully resolved, and for a reasonable period thereafter for follow-up and quality purposes (e.g. up to 2 years), unless a longer period is required by law.
• Marketing and consent-based communications: Until you withdraw consent or object, and for a short period thereafter to record your preference (e.g. up to 3 years).
• Cookie and analytics data: As set out in our Cookie Policy, typically from session duration up to 24 months depending on the type of cookie.
• Legal and compliance: Where we are under a legal obligation to retain data (e.g. tax records), we retain it for the period prescribed by law.

After the retention period, we delete or anonymise your data so that it can no longer be attributed to you.

5. Recipients and transfers

We may share your data with:

• Service providers: Payment processors, shipping and logistics partners, IT and hosting providers, and other processors who assist us in operating the website and fulfilling orders. Such processors act only on our instructions and are bound by data processing agreements where required by law.
• Authorities: Where we are legally obliged to do so (e.g. tax authorities, law enforcement).

We do not sell your personal data to third parties. If we use service providers outside the European Economic Area (EEA), we ensure appropriate safeguards are in place (e.g. standard contractual clauses approved by the European Commission or an adequacy decision) in accordance with Chapter V of the GDPR.

6. Your rights

Under the GDPR you have the following rights in relation to your personal data:

• Right of access (Article 15): You may request a copy of the personal data we hold about you.
• Right to rectification (Article 16): You may request correction of inaccurate or incomplete data.
• Right to erasure (Article 17): You may request deletion of your data where the legal grounds for processing no longer apply (e.g. consent withdrawn, data no longer necessary), subject to exceptions such as legal obligations to retain data.
• Right to restriction of processing (Article 18): You may request that we limit how we use your data in certain circumstances (e.g. while accuracy is being verified).
• Right to data portability (Article 20): Where processing is based on consent or contract and carried out by automated means, you may request to receive your data in a structured, commonly used format or to have it transmitted to another controller.
• Right to object (Article 21): You may object to processing based on legitimate interests, including profiling. You may also object at any time to processing for direct marketing.
• Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
• Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority), https://autoriteitpersoonsgegevens.nl.

To exercise any of these rights, please contact us using the contact details in section 1. We will respond without undue delay and in any event within one month, which may be extended by two further months where necessary. We may ask you to verify your identity before processing your request.

7. Security measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction, and against other unlawful processing. These measures include:

• Use of HTTPS (TLS/SSL) for all pages to encrypt data in transit.
• Secure hosting and access controls to our systems and databases.
• Restriction of access to personal data to personnel who need it for the purposes described in this policy.
• Regular review of our security practices and, where applicable, use of encryption for data at rest.
• Data processing agreements with processors that require appropriate security and confidentiality.

While we strive to protect your data, no method of transmission or storage over the internet is completely secure. We encourage you to use strong passwords and to keep your login details confidential where applicable.

8. Children

Our website and services are not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child under 16, please contact us and we will take steps to delete such data.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the website. The "Last updated" date at the top will be revised when changes are made. We encourage you to review this page periodically. Where changes are material, we may notify you by email or by a prominent notice on the website where appropriate.

10. Additional information

For information about cookies and similar technologies used on this website, please see our Cookie Policy. For the terms governing the use of our website and the purchase of our products, please see our Terms of Service and Return Policy.