Privacy Policy

Privacy Policy of Healmo Online Store
We value your privacy and are committed to protecting your personal data. This Privacy Policy describes how we process your data in accordance with the legislation of the European Union, including the General Data Protection Regulation (GDPR).

1. Data Controller

The controller of your data is Dmitrii Catanchin, registered in Poland, registration number NIP: 5213904981. Legal address: Poland, Warsaw 02-467, Stawy 5.

For any questions related to the processing of personal data, you can contact us:

• Email: healmo.eu@gmail.com

• Phone: +48 797 179 789

2. What Data Do We Collect?

We only process the data necessary to fulfill your orders:

• First name and last name

• Delivery address

• Email address

• Phone number

• Payment details (processed via a third-party payment system).

In addition, we may collect data using analytics tools such as Google Analytics (see below).

3. Purpose of Data Processing

Your data is used for the following purposes:

• Processing and delivering your orders.

• Issuing invoices in compliance with tax legislation.

• Ensuring the security of transactions through payment systems.

• Fulfilling legal obligations (e.g., accounting).

• Improving the functionality of the website, including analyzing user behavior (using Google Analytics).

Legal basis for processing:

• Fulfillment of a contract (Article 6(1)(b) GDPR).

• Compliance with legal obligations (Article 6(1)(c) GDPR).

• Legitimate interest (Article 6(1)(f) GDPR) — analyzing user behavior to optimize our website.

4. Use of Google Analytics

We use Google Analytics to analyze traffic and user behavior on our website. Google Analytics processes data such as:

• User’s IP address (anonymized).

• Information about the type of device, browser, and operating system.

• Details about the pages visited by the user.

• Time spent on the website.

Important: We have enabled the IP anonymization feature to prevent user identification.

Data Transfer to the USA:
Google LLC is based in the USA, and data may be transferred outside the European Economic Area (EEA). To protect your data, Google uses Standard Contractual Clauses (SCCs) approved by the European Commission.

You can disable Google Analytics by:

• Installing the browser plugin: https://tools.google.com/dlpage/gaoptout.

• Disabling analytics cookies through the cookie settings on our website.

For more information on how Google processes your data, please refer to Google's Privacy Policy: https://policies.google.com/privacy.

5. Transfer of Data to Third Parties

We only share your data with third parties necessary for fulfilling your order or analyzing the website:

Courier Services

To deliver your orders, we share your name, address, and contact phone number with courier companies (e.g., DHL, UPS, etc.).

Payment System Stripe

We use the Stripe payment system to process payments. Stripe acts as a data processor in compliance with GDPR. We do not store payment details ourselves.

Hosting and Data Storage

Our online store and order data are hosted on the servers of Hostinger. Hostinger provides hosting services and operates in compliance with GDPR.

Data Transfer Outside the EU:
If your data is transferred outside the European Economic Area (EEA), it is done in accordance with international data protection standards such as Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Data Retention Periods

• Order and invoice data is retained for 5 years in compliance with tax legislation.

• Contact data of customers who have not placed orders is deleted within 12 months.

• Data collected via Google Analytics is retained for no longer than 14 months (in accordance with the settings of our Google Analytics account).

• If you request the deletion of your data, we will fulfill your request unless the data is required to comply with legal obligations.

7. Your Rights

Under GDPR, you have the following rights:

• The right to access your data.

• The right to rectify or delete your data.

• The right to restrict data processing.

• The right to data portability.

• The right to withdraw consent for data processing (if processing is based on consent).

• The right to lodge a complaint with a national data protection authority.

If you believe your rights have been violated, you can contact the data protection authority in your country (e.g., BfDI in Germany, UODO in Poland).

8. Cookies

We use:

• Functional cookies (necessary for the operation of the website, such as saving items in the cart).

• Analytical cookies (for Google Analytics).

Upon your first visit to the website, we ask for your consent to use analytical cookies via a cookie banner.

You can change your cookie preferences at any time through the [cookie settings on the website].

9. Data Security

We take technical and organizational measures to protect your data, including:

• Encrypting data using an SSL certificate.

• Limiting access to your data within the company.

In the event of a data breach, we will notify the national supervisory authority and affected users within 72 hours.

10. Updates to the Privacy Policy

We may periodically update this Privacy Policy. All changes will be published on this page.

If you have any additional questions or wish to exercise your rights, please contact us:

• Email: healmo.eu@gmail.com