Privacy Policy
Your privacy is important to us. This policy explains how Vitality & Grace collects, uses, and protects your personal information.
Last updated: December 15, 2024
Information We Collect
Personal Information
When you visit our website, interact with our services, or make a purchase, we may collect the following types of personal information:
- Contact Information: Name, email address, phone number, and postal address
- Payment Information: Credit card details, billing address, and transaction history
- Account Details: Username, password, and profile preferences
- Health Information: Wellness goals, fitness preferences, and health-related data (with your explicit consent)
Automatically Collected Information
We automatically collect certain information when you visit our website:
- Usage Data: Pages visited, time spent on site, clickstream data, and referral sources
- Cookies and Tracking: Session cookies, persistent cookies, and similar tracking technologies
How We Use Your Information
We use the collected information for legitimate business purposes to provide and improve our services. Your data helps us create a personalized experience and deliver the highest quality wellness solutions.
Service Provision
- Provide customer support
- Deliver personalized recommendations
Communication
- Newsletter subscriptions
- Important service updates
Legal Basis for Processing
We process your personal data based on: contractual necessity (to provide services you've requested), legitimate interests (to improve our services), your consent (for marketing communications), and legal obligations (for tax and accounting purposes).
Information Sharing and Disclosure
We Do Not Sell Your Data
Vitality & Grace never sells, rents, or trades your personal information to third parties for their marketing purposes. Your privacy is fundamental to our business model.
Limited Sharing Scenarios
- Service Providers: Trusted partners who help us operate our business
- Payment Processors: Secure payment processing companies
- Legal Requirements: When required by law or legal process
Data Protection Measures
- Encryption: SSL/TLS encryption for data transmission
- Access Controls: Limited employee access to personal data
- Regular Audits: Ongoing security assessments and updates
Your Rights and Choices
As a resident of the European Union, you have comprehensive rights regarding your personal data. We are committed to helping you exercise these rights effectively.
Right to Access
Request copies of your personal data and information about how we process it.
Right to Rectification
Correct any inaccurate or incomplete personal information we hold about you.
Right to Erasure
Request deletion of your personal data under certain circumstances.
Right to Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing of your personal data for direct marketing purposes.
Right to Restrict Processing
Limit the ways we use your personal information in certain situations.
Exercising Your Rights
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.
Verification: For your protection, we may need to verify your identity before processing your request.
Cookies and Tracking Technologies
What Are Cookies
Cookies are small text files stored on your device that help us provide you with a better browsing experience. They enable us to remember your preferences and analyze how you use our website.
Types of Cookies We Use
Essential Cookies
Required for website functionality, including login and shopping cart features. Cannot be disabled.
Analytics Cookies
Help us understand website usage and improve user experience. We use anonymized data.
Marketing Cookies
Used to deliver relevant advertisements and measure campaign effectiveness.
Managing Your Cookie Preferences
You can control cookies through your browser settings or our cookie preference center. Most browsers allow you to:
- View and delete cookies
- Block third-party cookies
- Set preferences for specific websites
Data Security and Retention
Security Measures
We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction.
Encryption
AES-256 encryption for data at rest and TLS 1.3 for data in transit
Access Controls
Role-based access with multi-factor authentication for employees
Regular Monitoring
24/7 security monitoring and intrusion detection systems
Staff Training
Regular privacy and security training for all team members
Data Retention Policy
We retain your personal information only as long as necessary to fulfill the purposes outlined in this privacy policy or as required by law.
Account Information
Retained while your account is active and for 3 years after closure for legal and tax purposes.
Transaction Records
Financial records are retained for 7 years as required by tax regulations.
Marketing Data
Retained until you unsubscribe or request deletion, whichever comes first.
International Data Transfers
Vitality & Grace operates primarily within the European Union, but we may transfer your personal data to countries outside the EU when necessary for our services.
Transfer Safeguards
When we transfer your data outside the EU, we ensure adequate protection through:
- EU Commission Adequacy Decisions: Countries with data protection laws equivalent to EU standards
- Standard Contractual Clauses: EU-approved contracts with service providers
- Certification Schemes: Providers with recognized privacy certifications
Our EU Commitment
As a company based in the Czech Republic, we are fully committed to GDPR compliance and European data protection standards. Our primary data processing activities remain within the EU to minimize the need for international transfers.
Children's Privacy Protection
We are committed to protecting the privacy of children who use our services. Our wellness products and services are designed for adults and are not intended for children under 16.
Age Restrictions
- Minimum Age: Our services are available only to individuals 16 years and older
- Parental Consent: We do not knowingly collect data from children under 16
Wellness and Health Considerations
Given the health and wellness nature of our services, we maintain strict age verification to ensure our products and recommendations are appropriate for adult users only.
Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. We are committed to transparency about how we handle your information.
Notification Process
- Prominent notice on our website
- Updated "Last modified" date
Effective Dates
- Changes take effect 30 days after notice
- Continued use implies acceptance
Contact Us About Privacy
If you have any questions about this privacy policy, need to exercise your rights, or have concerns about how we handle your data, please don't hesitate to contact us.
Vitality & Grace
Business Hours
Data Protection Officer
For privacy-related inquiries, you can also reach out to our dedicated Data Protection Officer who will ensure your concerns are addressed promptly and thoroughly.