Privacy Policy

1. Introduction

Dyxvalondrizelon ("we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website dyxvalondrizelon.world and use our services.

We comply with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), for personal information we collect in the course of our Australian operations or about individuals in Australia. Where the EU or UK General Data Protection Regulation (GDPR) or similar laws apply, we also comply with those requirements. This policy describes our practices regardless of your location.

By submitting information through our website or otherwise engaging with us, you acknowledge this policy. Where the law requires separate consent (for example, for certain marketing messages), we will obtain it explicitly.

2. Data Controller Information

The organisation responsible for your personal information under the Privacy Act and, where applicable, the data controller under the GDPR is:

3. Information We Collect

3.1 Personal Information You Provide

We collect information that you voluntarily provide to us, including:

• Name
• Email address
• Phone number (if provided)
• Message content from contact forms
• Order and billing information
• Delivery address

3.2 Automatically Collected Information

When you visit our website, we may automatically collect:

• IP address
• Browser type and version
• Device type
• Operating system
• Pages visited and time spent
• Referral source
• Cookie data (see our Cookie Policy)

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: When you have given clear consent for us to process your personal data for a specific purpose.
• Contract: When processing is necessary for the performance of a contract with you (e.g., order fulfillment).
• Legal Obligation: When processing is necessary to comply with legal requirements.
• Legitimate Interests: When processing is necessary for our legitimate business interests, provided these do not override your rights.

5. How We Use Your Information

We use the collected information for the following purposes:

• To process and fulfill your orders
• To communicate with you regarding your orders and inquiries
• To provide customer support
• To improve our website and services
• To send promotional communications only where permitted—typically with your express or inferred consent as required under the Spam Act 2003 (Cth) and the APPs, and with a working unsubscribe mechanism in each message
• To comply with legal obligations
• To prevent fraud and maintain security
• To analyze website usage and performance

6. Data Sharing and Disclosure

We may share your personal information with:

• Service Providers: Third parties who assist us with payment processing, shipping, hosting, analytics, and customer service.
• Legal Requirements: When required by law, court order, or government regulations.
• Business Transfers: In connection with a merger, acquisition, or sale of assets.

We do not sell your personal information to third parties for marketing purposes.

7. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence. Where we disclose personal information to an overseas recipient and Australian law applies, we take reasonable steps under APP 8 of the Privacy Act 1988 (Cth) to ensure the overseas recipient does not breach the APPs (except where permitted by law, for example if you consent or a prescribed exception applies).

When we transfer data internationally, we also use appropriate safeguards where required, including:

• Standard Contractual Clauses approved by relevant authorities
• Transfers to countries with adequate data protection laws
• Other legally approved transfer mechanisms

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Order Data: 7 years for tax and accounting purposes
• Marketing Consent: Until you withdraw consent
• Website Analytics: 26 months
• Customer Support Records: 3 years after resolution

After the retention period, data is securely deleted or anonymized.

9. Your Rights

Under GDPR and applicable laws, you have the following rights:

• Right of Access: Request a copy of your personal data we hold.
• Right to Rectification: Request correction of inaccurate data.
• Right to Erasure: Request deletion of your personal data.
• Right to Restrict Processing: Request limitation of how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or for marketing.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at writetous@dyxvalondrizelon.world. We will respond within a reasonable period and, where the GDPR applies, within 30 days unless the law allows an extension.

9.1 Rights of individuals in Australia (APPs)

If you are in Australia, the APPs in Schedule 1 of the Privacy Act 1988 (Cth) apply. In summary, you may request access to the personal information we hold about you (APP 12) and ask us to correct inaccurate information (APP 13). You may complain about our handling of your information (see Complaints below). Where we collect sensitive information, we do so only as permitted by the APPs (for example, with your consent where required).

We take reasonable steps to ensure the personal information we collect is accurate, up to date, and complete (APP 10), and to protect it from misuse, interference, loss, and unauthorised access, modification, or disclosure (APP 11).

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• SSL/TLS encryption for data transmission
• Secure data storage with access controls
• Regular security assessments
• Employee training on data protection
• Incident response procedures

While we strive to protect your data, no method of transmission over the Internet is 100% secure.

10.1 Notifiable Data Breaches (Australia)

Where the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988 (Cth) applies to us, we will assess any incident that may involve unauthorised access to, disclosure of, or loss of personal information. If there is an eligible data breach, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals when required by law, and provide information to help you safeguard your interests.

11. Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically. Continued use of our website after changes constitutes acceptance of the updated policy.

14. Complaints

If you have concerns about how we handle your personal information, please contact us first so we can try to resolve the matter. You may also lodge a complaint with a supervisory authority:

• Australia: Office of the Australian Information Commissioner (OAIC) — oaic.gov.au
• EU: Your national data protection authority
• UK: Information Commissioner's Office (ICO)

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: