Privacy Policy

Last updated: 12 March 2025

1. Controller and contact details

The controller responsible for the processing of your personal data in relation to this website is:

Plyxaronxynlixer
Ferdinand Bolstraat 103
1072 LE Amsterdam
Netherlands

Email: help@plyxaronxynlixer.world
Phone: +31 20 662 1256

2. Scope and purpose of this policy

This Privacy Policy describes how we collect, use, store, and protect your personal data when you use our website https://plyxaronxynlixer.world (the “Website”) and related services. We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Dutch Implementation Act (Uitvoeringswet Algemene verordening gegevensbescherming, “UAVG”), and other applicable data protection laws in the Netherlands and the European Economic Area.

By using our Website or providing your data to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use our Website or provide your data.

3. Personal data we collect

We may collect and process the following categories of personal data:

• Identity and contact data: name, email address, telephone number, and postal address when you place an order, contact us, or subscribe to communications.
• Transaction and order data: order details, payment-related information (e.g. payment method; we do not store full card numbers where applicable), delivery address, and correspondence relating to your orders.
• Technical and usage data: IP address, browser type and version, device type, operating system, referring URLs, pages visited, time and date of access, and similar data collected via cookies and similar technologies where you have consented or where strictly necessary.
• Communication data: content of messages you send us (e.g. via contact form or email) and records of our responses.

We do not collect special categories of data (e.g. health, race, religion) unless you voluntarily provide such information in free-text fields (e.g. in a message). In that case, we process it only to respond to your request and in accordance with applicable law.

4. Legal basis and purposes of processing

We process your personal data only where we have a valid legal basis under the GDPR:

• Contract performance (Art. 6(1)(b) GDPR): to process and fulfil your orders, manage deliveries, handle returns, and communicate with you about your orders.
• Legitimate interests (Art. 6(1)(f) GDPR): to operate and improve our Website, prevent fraud, ensure security, analyse usage (where not based on consent), and defend our legal rights, provided our interests are not overridden by your rights.
• Consent (Art. 6(1)(a) GDPR): where we rely on your consent, e.g. for non-essential cookies, marketing communications, or other optional processing. You may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
• Legal obligation (Art. 6(1)(c) GDPR): where we must retain or disclose data to comply with tax, accounting, or other legal obligations in the Netherlands or the EU.

Purposes include: order fulfilment and customer service; sending order and shipping confirmations; responding to enquiries; improving our Website and services; ensuring security and preventing misuse; complying with legal obligations; and, where you have consented, sending marketing and analysing site usage (e.g. analytics cookies).

5. Data retention

We retain your personal data only for as long as necessary for the purposes set out in this policy or as required by law.

• Order and customer data: generally for the duration of the contractual relationship plus 7 years for tax and legal compliance (Dutch and EU requirements).
• Contact form and enquiry data: for the time needed to handle your enquiry and, where relevant, for a limited period thereafter for follow-up or legal claims (typically up to 2 years unless a longer period is required by law).
• Marketing and consent-based processing: until you withdraw consent or object, or for a maximum of 2 years from last interaction, unless a shorter period is specified when we collect the data.
• Cookies and technical logs: as specified in our Cookie Policy (e.g. session cookies until you close the browser; analytics/marketing cookies as stated in the cookie settings).
• Legal and regulatory: where retention is required by Dutch or EU law (e.g. 7 years for certain business records), we retain data for that period.

After the retention period, we securely delete or anonymise your data so that it can no longer identify you.

6. Security measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction, in line with Article 32 GDPR. These include:

• Use of HTTPS and encryption (e.g. TLS) for data transmitted between your device and our servers.
• Access controls so that only authorised personnel can access personal data on a need-to-know basis.
• Secure storage of data on servers with appropriate security configurations and updates.
• Regular review and, where necessary, improvement of our security practices and procedures.

While we strive to protect your data, no method of transmission or storage over the internet is completely secure. We encourage you to use strong passwords and keep your login details (if any) confidential.

7. Sharing and international transfers

We may share your personal data with:

• Service providers: e.g. hosting, payment processing, shipping, email delivery, and analytics providers, who act as processors on our instructions and are bound by data processing agreements where required by the GDPR.
• Legal and public authorities: when required by Dutch or EU law, or to protect our rights, your safety, or the public.

We do not sell your personal data. Where we transfer data to countries outside the European Economic Area, we ensure appropriate safeguards are in place (e.g. adequacy decision, standard contractual clauses, or other mechanisms approved under the GDPR). You may request details of such safeguards by contacting us.

8. Your rights under the GDPR

Under the GDPR and Dutch law, you have the following rights in relation to your personal data:

• Right of access (Art. 15): you may request a copy of the personal data we hold about you and information about how we process it.
• Right to rectification (Art. 16): you may request correction of inaccurate or incomplete personal data.
• Right to erasure (Art. 17): you may request deletion of your data in certain circumstances (e.g. where it is no longer necessary, where you withdraw consent, or where you object and there are no overriding legitimate grounds).
• Right to restriction (Art. 18): you may request that we limit the processing of your data in certain situations (e.g. while we verify accuracy or while a dispute is ongoing).
• Right to data portability (Art. 20): where processing is based on contract or consent and carried out by automated means, you may request to receive your data in a structured, commonly used, machine-readable format or to have it transmitted to another controller where technically feasible.
• Right to object (Art. 21): you may object to processing based on legitimate interests, including profiling. You may also object at any time to processing for direct marketing.
• Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
• Right to lodge a complaint: you have the right to lodge a complaint with a supervisory authority. In the Netherlands, the competent authority is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority), PO Box 93374, 2509 AJ The Hague, Netherlands; website: autoriteitpersoonsgegevens.nl.

To exercise any of these rights, please contact us using the details in section 1. We will respond within one month (which may be extended by two further months where necessary). We may ask you to verify your identity before processing your request.

9. Cookies and similar technologies

Our Website uses cookies and similar technologies. For detailed information on the types of cookies we use, their purposes, retention, and how to manage your preferences, please see our Cookie Policy.

10. Children

Our Website and services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the Website. The “Last updated” date at the top will be revised when we make material changes. We encourage you to review this page periodically. Where required by law, we will seek your consent or provide additional notice for material changes.

12. Contact

For any questions about this Privacy Policy or our processing of your personal data, please contact us:

Plyxaronxynlixer
Ferdinand Bolstraat 103, 1072 LE Amsterdam, Netherlands
Email: help@plyxaronxynlixer.world
Phone: +31 20 662 1256