Privacy Policy for KITPRO EOOD
Last Updated: [06/12/2024]

​

This Privacy Policy explains how Kitpro EOOD (“we,” “us,” or “our”) collects, uses, and protects your personal data when you visit our webshop or purchase our products. We are committed to safeguarding your privacy in compliance with both European Union General Data Protection Regulation (GDPR) and applicable North American data privacy laws. By using our services, you consent to the practices described here.

​

1. Information We Collect

​

Personal Information: Includes name, email address, shipping address, billing address, phone number, payment details, and other identifiers provided directly by you during account creation, order placement, or communication.

​

Technical Information: Includes IP address, device information, browser type, location data, and usage data, collected through cookies and similar tracking technologies.

Transactional Information: Purchase history, order details, and payment method, for order fulfillment and customer service.

​

Communications: Emails, messages, and feedback sent to us for inquiries or customer service purposes.

​

2. How We Use Your Information

​

Order Processing: To fulfill orders, process payments, arrange shipping, and provide customer support.

​

Communication: To send order confirmations, delivery updates, and customer service responses.

​

Marketing (with Consent): To send promotional materials or updates about new products or services if you have opted in.

​

Improvement of Services: To enhance and personalize our website and services based on your feedback and usage patterns.

​

Legal Compliance: To comply with applicable laws and regulations, enforce our terms, and prevent fraud or other misuse of our services.

​

3. Legal Basis for Processing Personal Data

​

Consent: For direct marketing and optional data sharing, where we obtain your consent.

​

Contractual Necessity: For order fulfillment and service delivery as part of our contractual obligations to you.

​

Legal Obligation: For compliance with applicable laws and regulatory requirements.

​

Legitimate Interests: For certain essential data processing activities, such as fraud prevention and service improvement.

​

4. Cookies and Tracking Technologies

​

We use cookies and similar tracking technologies to enhance your browsing experience, remember your preferences, and analyze website usage.

​

Types of Cookies: Session cookies (temporary) and persistent cookies (stored for a specified period).

​

Your Choices: You can disable cookies through your browser settings. Note that disabling cookies may affect the functionality of our website.

​

5. Sharing Your Information

​

Service Providers: We may share data with third-party service providers, such as payment processors, shipping partners, IT service providers, and marketing platforms, solely for business operations.

​

Legal Requirements: We may disclose data to authorities when required by law or in response to lawful requests.

​

Business Transfers: In the event of a merger, sale, or acquisition, personal data may be transferred as part of the business transaction, with notifications provided.

​

6. International Data Transfers

​

If data is transferred outside of the European Economic Area (EEA), such transfers will comply with GDPR standards. We use safeguards like Standard Contractual Clauses to protect your data.

​

7. Data Security

​

We implement technical and organizational measures to protect your data from unauthorized access, alteration, and loss. Measures include encryption, secure servers, and regular monitoring.

​

8. Retention of Data

​

Personal data is retained only as long as necessary to fulfill the purposes for which it was collected, such as completing orders, resolving disputes, or complying with legal obligations.

​

Transactional records are generally retained for [Specify Retention Period, e.g., 5 years] for accounting and tax compliance.

​

9. Your Rights (GDPR)

​

Access: Request access to the personal data we hold about you.

Rectification: Request corrections if your information is inaccurate or incomplete.

Erasure: Request deletion of your data under certain conditions (e.g., if no longer necessary).

Restriction: Request limitations on processing your data.

Portability: Request your data in a structured, commonly used format.

Objection: Object to processing based on legitimate interests or for direct marketing.

Withdrawal of Consent: You may withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing prior to withdrawal.

To exercise your rights, contact us at [web-shop@kitprogastro.com].

​

10. Children’s Privacy

​

We do not knowingly collect personal data from children under the age of 16. If we learn that we have collected data from a child without appropriate consent, we will 
promptly delete it.

​

11. Changes to this Privacy Policy

​

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated “Last Updated” date. Continued use of our services constitutes acceptance of the revised policy.

​

12. Contact Us

​

If you have any questions or concerns regarding this Privacy Policy or your personal data, please contact us at:

- Email: [privacy@kitprogastro.com]
- Address: KITPRO EOOD, [Kardzhali, Bulgaria]