Privacy Policy

This Privacy Policy explains how Xiwaju.com ("we," "us," or "our") collects, uses, shares, and protects your personal information when you visit our website or make purchases of our eco-friendly lifestyle products. We respect your privacy and are committed to protecting your personal data in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR).

1. Information We Collect

We collect information that you provide directly to us, information we collect automatically when you use our services, and information from third parties. This may include:

• Personal Identification Information: Name, email address, postal address, phone number, and other similar contact data when you create an account, place an order, or contact customer service.
• Transaction Information: Details about purchases, product preferences, order history, shipping details, and payment information.
• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
• Usage Data: Information about how you use our website, products, and services, including browsing patterns, page views, and search queries.
• Communication Data: Your preferences in receiving marketing communications from us and our third parties and your communication preferences.

2. How We Use Your Information

We use the information we collect for various purposes, including:

• Processing and fulfilling your orders, including managing payments, shipping, and returns
• Creating and managing your account
• Providing customer support and responding to your inquiries
• Improving our website, products, and services
• Personalizing your shopping experience
• Sending you marketing communications about products, services, and promotions (with your consent where required by law)
• Conducting research and analysis to better understand our customers' needs
• Preventing fraud and ensuring the security of our website
• Complying with legal obligations

3. Legal Basis for Processing

Under the GDPR, we process your personal data based on one or more of the following legal grounds:

• Consent: Where you have given us explicit consent to process your data for specific purposes.
• Contractual Necessity: When processing is necessary for the performance of a contract with you (e.g., to fulfill your order).
• Legal Obligation: When processing is necessary for compliance with a legal obligation.
• Legitimate Interests: When processing is necessary for our legitimate interests, provided those interests do not override your fundamental rights and freedoms.

4. Data Sharing and Disclosure

We may share your personal information with:

• Service Providers: Third-party vendors who perform services on our behalf, such as payment processing, order fulfillment, shipping, customer service, and marketing.
• Business Partners: Trusted partners who help us provide and improve our services.
• Legal Authorities: When required by law, court order, or governmental regulation.
• Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets.

We do not sell your personal information to third parties for their marketing purposes without your explicit consent.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, accidental loss, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training.

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, and applicable legal requirements.

7. Your Rights

Under the GDPR and other applicable privacy laws, you have certain rights regarding your personal information, including:

• Right to Access: You can request a copy of the personal information we hold about you.
• Right to Rectification: You can request correction of inaccurate or incomplete information.
• Right to Erasure: You can request deletion of your personal information in certain circumstances.
• Right to Restrict Processing: You can request restriction of processing in certain circumstances.
• Right to Data Portability: You can request transfer of your information to you or another organization.
• Right to Object: You can object to processing based on legitimate interests and direct marketing.
• Right to Withdraw Consent: You can withdraw consent where processing is based on consent.

8. Cookies and Similar Technologies

We use cookies and similar technologies to collect information about your browsing activities and to distinguish you from other users of our website. This helps us provide you with a good experience, improve our website, and personalize content and advertisements. You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. However, if you disable or refuse cookies, some parts of our website may become inaccessible or not function properly.

9. International Data Transfers

Your personal information may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that differ from the laws of your country. Whenever we transfer your personal information to other countries, we implement appropriate safeguards in accordance with applicable law.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated Privacy Policy on our website with a new effective date. We encourage you to review this Privacy Policy periodically.

Last updated: June 10, 2023