Política de protección de daitos
Last updated: 22.04.2025
This Privacy Notice describes how Corpus Verde OÜ (hereinafter “Corpus Verde”, “Purolyt”, "we," "us," or "our") collects, uses, and shares personal data. We are committed to protecting your privacy and ensuring the security of your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
This Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@corpusverde.com
The controller in charge of data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is:
Corpus Verde OÜ
Narva mnt 5,
10117 Tallinn,
Estonia
Email: info@purolyt.com
Phone: +372 53453911
Table of Contents
- Data Collected
- Purposes of Processing
- Legal Basis for Processing
- Data Retention
- Data Sharing and Disclosure
- International Data Transfers
- Data Security
- Your Rights
- Cookies and Similar Technologies
- Changes to this Privacy Policy
- Contact Us
1. Data Collected
We may collect the following categories of personal data:
- Contact Information: Name, email address, postal address, phone number.l
- Account Information: Username, password, and other registration details.
- Financial Information: Payment details (processed by our payment processor, we do not store the card details). We use Stripe to process payments, and their privacy policy applies to your payment information.
- Communication Data: Records of correspondence when you contact us. We may use Google Meet or WhatsApp for customer support, and your communications through these platforms are subject to their respective privacy policies.
- Marketing Data: Preferences for receiving marketing communications. We use Meta Pixel for social media marketing and tracking the effectiveness of our advertising campaigns.
- Usage Data: Information about how you use our website, products, or services, including IP address, browser type, operating system, access times, and pages viewed. We use Google Analytics (GA4) to collect and analyze this data to improve our website and services.
- Technical Data: Data collected through cookies and similar technologies.
- Other Information: Any other information you choose to provide to us.
2. Purposes of Processing
We process your personal data for the following purposes:
- To provide and maintain our services.
- To process your orders and payments.
- To create and manage your account.
- To communicate with you, including responding to your inquiries and providing customer support.
- To personalize your experience.
- To send you marketing communications (where you have consented).
- To improve our website, products, and services.
- To monitor and analyze usage and trends.
- To detect, prevent, and address technical issues.
- To comply with legal obligations.
- To process and fulfill shipping of your orders.
3. Legal Basis for Processing
We process your personal data based on one or more of the following legal bases:
- Consent: You have given us your explicit consent to process your personal data for a specific purpose.
- Contract: The processing is necessary for the performance of a contract with you.
- Legal Obligation: We need to process your personal data to comply with a legal obligation.
- Legitimate Interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, and your interests and fundamental rights do not override those interests. We balance our interests against yours. Examples of our legitimate interests are: improving our services, preventing fraud, and direct marketing to our customers.
4. Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Even if data is deleted from our primary systems, copies may remain in our backup systems for some time.
Generally, we retain:
- Contact information: For the duration of our relationship and as long as required by law.
- Account information: As long as your account is active.
- Usage data: For analytics purposes.
- Financial information: As required by tax and accounting laws.
- Marketing data: Until you withdraw your consent.
We may retain data for longer periods in case of complaints or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
5. Data Sharing and Disclosure
We may share your personal data with the following categories of recipients:
- Service Providers: Third-party service providers who provide services on our behalf, such as hosting, payment processing, analytics, and marketing. We ensure these providers comply with data protection laws. This includes providers such as Google (for Analytics and Meet), Meta, Stripe, and GLS.
- Shipping Providers: We share your name and address with shipping providers such as GLS to fulfill your orders.
- Affiliates: Our subsidiaries or affiliates, for internal business purposes.
- Business Partners: Trusted partners who offer products or services that may be of interest to you (with your consent).
- Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets.
- Legal Authorities: When required by law or to protect our rights and safety or the rights and safety of others.
6. International Data Transfers
We may transfer your personal data to countries outside the European Economic Area (EEA) that may not have data protection laws that provide the same level of protection as those in the EEA. For example, when using Google Analytics, Meta Pixel, and Stripe, data may be transferred to the US.
If we transfer your personal data outside the EEA, we will ensure that appropriate safeguards are in place, such as:
- Adequacy Decisions: Transferring to countries that the European Commission has determined provide an adequate level of protection.
- Standard Contractual Clauses: Using standard contractual clauses approved by the European Commission.
- Other Safeguards: Relying on other legally recognized transfer mechanisms.
7. Data Security
We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized access, use, or disclosure. These measures include:
- Encryption of data in transit and at rest.
- Access controls and authentication.
- Regular security assessments and audits.
- Employee training on data protection.
- Data loss prevention measures.
8. Your Rights
You have the following rights regarding your personal data:
- Right to Access: You have the right to obtain confirmation as to whether or not your personal data is being processed, and, where that is the case, access to the personal data.
- Right to Rectification: You have the right to have inaccurate personal data corrected.
- Right to Erasure ("Right to be Forgotten"): You have the right to have your personal data erased under certain circumstances.
- Right to Restriction of Processing: You have the right to restrict the processing of your personal data under certain circumstances.
- Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
- Right to Object: You have the right to object to the processing of your personal data under certain circumstances, including the right to object to processing for direct marketing purposes.
- Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.
- Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
9. Cookies and Similar Technologies
We use cookies and similar technologies, including those implemented by Google Analytics and Meta Pixel, to collect and store information about your use of our website. You can manage your cookie preferences at our Cookie Policy or through your browser settings. For more information about Cookies, please see our Cookie Policy.
10. Changes to this Privacy Policy
We may update this privacy policy from time to time. We will notify you of any material changes by posting the updated policy on our website and/or by other means, such as email.
11. Contact Us
If you have any questions or concerns about this privacy policy or our processing of your personal data, please contact us at:
Corpus Verde OÜ
Narva mnt 5,
10117 Tallinn,
Estonia
Email: info@purolyt.com
Phone: +372 53453911