Privacy Policy
Effective date: 19 March 2026 · Version: 1.0
This Privacy Policy explains how Zefrylonauquezle (“we”, “us”, “our”) processes personal data when you visit zefrylonauquezle.world, submit forms, purchase or enquire about PureVitanza, or otherwise interact with us. We act as the data controller for processing described here unless we state that another entity is an independent controller.
1. Controller and contact details
Legal trading name: Zefrylonauquezle
Registered address: Stortorget 8, 211 34 Malmö, Sweden
Email: office@zefrylonauquezle.world
Telephone: +46 77 145 04 50
We do not appoint a statutory Data Protection Officer unless required by applicable law. For privacy requests, use the email address above with the subject line “Privacy request”.
2. Scope and relationship to other documents
This Policy applies to personal data collected through our website, email, telephone, and related order handling workflows. It should be read together with our Cookie Policy, Terms of Service, and Return Policy. If you use payment services operated by banks or payment processors, their privacy notices also apply to data they process as independent controllers.
3. Categories of personal data we process
Depending on your interaction, we may process:
- Identity and contact data: name, delivery address, billing address, email address, telephone number, country of residence.
- Order and transaction data: products ordered, order value, currency, payment status, delivery status, communications about your order.
- Technical data: IP address, approximate location derived from IP, browser type, device type, operating system, referring URL, pages viewed, time and date of access.
- Cookie and similar data: identifiers stored on your device when you consent to non-essential cookies, as described in our Cookie Policy.
- Communication content: messages you send via forms, email, or post, including attachments you choose to provide.
- Marketing preferences: opt-in or opt-out records where marketing is used lawfully.
- Complaint and dispute records: correspondence and notes needed to resolve issues.
We do not intentionally collect special categories of personal data (such as health data). If you voluntarily disclose health information, we will limit its use to handling your specific request and will delete it when no longer needed unless law requires retention.
4. Sources of personal data
We obtain personal data directly from you when you place orders, complete forms, create an account if we offer one, subscribe to updates with consent, or contact us. We may receive technical data automatically when you load our pages. We may receive delivery updates from carriers and limited payment confirmations from payment service providers.
5. Purposes and legal bases (GDPR Article 6)
| Purpose | Legal basis |
|---|---|
| Operating the website, loading content over HTTPS, maintaining security, preventing fraud and abuse | Legitimate interests (Article 6(1)(f)) in secure operations and protecting users and the business, supplemented by legal obligations where applicable |
| Processing and delivering orders, taking payment, providing customer support, handling returns | Performance of a contract (Article 6(1)(b)) and, where needed, steps prior to contract at your request |
| Compliance with accounting, tax, and consumer law record-keeping | Legal obligation (Article 6(1)(c)) |
| Responding to enquiries sent through forms or email when no contract exists yet | Legitimate interests in communicating with prospective customers, or consent where you tick a consent box |
| Analytics cookies and similar technologies that are not strictly necessary | Consent (Article 6(1)(a)) |
| Marketing cookies, personalised advertising, or marketing emails where required to be consent-based | Consent (Article 6(1)(a)) |
| Product improvement, aggregate statistics, and website troubleshooting using pseudonymised or aggregated data where possible | Legitimate interests (Article 6(1)(f)) balanced against your rights |
| Establishing, exercising, or defending legal claims | Legitimate interests (Article 6(1)(f)) and, where relevant, legal obligation |
Where we rely on legitimate interests, you may object under Article 21 GDPR as explained below. We will stop processing unless we demonstrate compelling legitimate grounds or need the data for legal claims.
6. Children
Our services are directed to adults. We do not knowingly collect personal data from children under 16 without verifiable parental consent. If you believe a child has provided data, contact us and we will delete it promptly unless retention is legally required.
7. Sharing and recipients
We share personal data only when necessary and with appropriate safeguards:
- Processors bound by Article 28 GDPR contracts: hosting providers, email delivery services, customer service tools, analytics vendors if you consent, marketing platforms if you consent, IT maintenance partners.
- Logistics partners to deliver goods and provide tracking.
- Payment service providers to authorise and settle payments.
- Professional advisers such as lawyers and accountants under confidentiality duties.
- Public authorities when required by lawful requests, court orders, or regulatory obligations.
We do not sell personal data in the sense of exchanging data for money with unrelated third parties for their independent use.
8. International transfers
Our primary operations are in the European Economic Area (EEA). If we transfer personal data outside the EEA or to organisations not covered by an adequacy decision, we use mechanisms recognised under Chapter V GDPR, such as the EU Commission Standard Contractual Clauses (SCCs) with supplementary measures where appropriate, or other lawful transfer tools. You may request a summary of safeguards by emailing us.
9. Retention periods
We retain personal data only as long as necessary for the purposes collected, unless a longer period is required by law:
- Order and accounting records: up to seven years from the end of the financial year in line with Swedish bookkeeping practice, unless a shorter period applies to specific items.
- Customer service emails and form submissions tied to contracts: duration of the warranty and complaint periods under consumer law, typically at least three years from delivery for consumer purchases in Sweden, plus a reasonable margin.
- Marketing consents and marketing logs: until you withdraw consent and for a short period thereafter to prove consent status.
- Security and server logs: typically between 30 and 180 days, unless extended for incident investigation.
- Cookie-based identifiers: as stated in the Cookie Policy, often between session end and 24 months depending on the tool.
When retention ends, we delete or irreversibly anonymise data where anonymisation is feasible.
10. Security measures
We implement technical and organisational measures appropriate to the risk, including TLS encryption for website traffic, access controls for administrative systems, principle of least privilege for staff accounts, malware protection on workstations where applicable, backups with encryption at rest where supported by providers, vendor due diligence, and procedures for incident detection and response. No online transmission is completely secure; you should also protect your devices and passwords.
11. Automated decision-making and profiling
We do not make decisions based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless we expressly inform you and provide a lawful basis. Basic fraud screening by payment partners may occur under their policies.
12. Your rights under the GDPR
If the GDPR applies to our processing of your personal data, you have the following rights subject to conditions in the GDPR:
- Access (Article 15): obtain confirmation whether we process your data and receive a copy.
- Rectification (Article 16): correct inaccurate or incomplete data.
- Erasure (Article 17): request deletion where applicable, for example when data is no longer necessary or you withdraw consent and no other ground applies.
- Restriction (Article 18): limit processing in specific situations.
- Data portability (Article 20): receive machine-readable data you provided where processing is based on consent or contract and is automated.
- Objection (Article 21): object to processing based on legitimate interests or to direct marketing.
- Withdraw consent (Article 7(3): where processing is consent-based, without affecting prior lawful processing.
- Lodge a complaint with a supervisory authority, in particular in your habitual residence, place of work, or place of the alleged infringement.
To exercise rights, email office@zefrylonauquezle.world. We may request reasonable identity verification. We respond within one month, extendable by two further months where complex, as permitted by Article 12 GDPR.
13. Supervisory authority in Sweden
The Swedish Authority for Privacy Protection (IMY) supervises compliance with data protection law in Sweden. Official contact information for IMY is available through public registers in Sweden. You may also contact another EU/EEA supervisory authority under Article 77 GDPR.
14. California and other regional notices
If you reside in jurisdictions with additional privacy laws (for example certain U.S. state laws), you may have supplemental rights such as access, deletion, or opt-out of sale/sharing of personal information as defined locally. Submit requests using the email above. We will verify and respond according to applicable law. We do not discriminate against consumers for exercising privacy rights where such protection applies.
15. Changes to this Policy
We may update this Policy to reflect legal, technical, or business changes. The effective date at the top will change, and for material updates we will provide a notice on the website or by email where appropriate. Continued use after the effective date constitutes acceptance of the updated Policy where permitted by law; where consent is required, we will seek it separately.
16. Contact
For privacy questions: office@zefrylonauquezle.world · +46 77 145 04 50 · Stortorget 8, 211 34 Malmö, Sweden.