Privacy Policy

ProvaFit LTD United Kingdom & Wales GmbH

71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

 

1. Security and Protection of Your Personal Data

At ProvaFit.com (referred to hereafter as 'ProvaFit', 'we', 'our', or 'us'), we prioritize the protection of your personal data. We employ strict security measures and advanced technologies to ensure your data remains secure. Our primary responsibility is to maintain the confidentiality of the personal data you provide and protect it from unauthorized access.

2. Definitions

To ensure transparency and clarity regarding the processing of your personal data, we provide the following definitions:

  • Personal Data: Any information related to an identified or identifiable natural person, such as a name, identification number, location data, or other identifiers.

  • Processing: Any action performed on personal data, including collection, recording, organization, structuring, storage, retrieval, consultation, usage, transmission, alignment, restriction, or destruction.

  • Restriction of Processing: Marking stored personal data to limit its future processing.

  • Profiling: Automated processing of personal data to evaluate aspects concerning a natural person's performance, preferences, behavior, health, or other characteristics.

  • Pseudonymization: Processing personal data in a way that prevents identification without additional information.

  • Filing System: A structured set of personal data that can be accessed according to specific criteria.

  • Data Controller: The entity that determines the purposes and means of processing personal data.

  • Processor: An entity that processes personal data on behalf of the controller.

  • Recipient: A person or entity to which personal data is disclosed.

  • Third Party: Any entity other than the data subject, controller, processor, or authorized persons under the direct authority of the controller.

  • Consent: Clear and unambiguous agreement given by the data subject for processing their personal data.

3. Lawfulness of Processing

Personal data will only be processed if there is a legal basis, as per Article 6(1) of the General Data Protection Regulation (GDPR). These bases include:

  • The data subject has given consent to the processing.
  • Processing is necessary to perform a contract to which the data subject is party.
  • Processing is required to comply with a legal obligation.
  • Processing is necessary to protect vital interests of the data subject or another individual.
  • Processing is necessary for the performance of a public task or official authority vested in the controller.
  • Processing is necessary for the legitimate interests pursued by the controller or a third party, provided these interests are not overridden by the data subject’s rights and freedoms.

4. Visiting Our Website – Server Log Files; Hosted by Shopify

  1. When you visit ProvaFit.com purely for informational purposes, without registering or providing any other data, we collect the personal data automatically transmitted by your browser. This information is stored in server log files and includes:

    • IP address
    • Date and time of the request
    • Time zone difference to GMT
    • Content of the request (specific page)
    • Access status/HTTP status code
    • Data volume transmitted
    • Website from which the request originated
    • Browser used
    • Operating system and interface
    • Language and browser version

This data is needed to display the website properly in your browser and ensure system security. It is processed solely for statistical purposes and is not linked with other data sources.

  1. Our Shop is Hosted by Shopify
    ProvaFit’s e-commerce platform is hosted by Shopify Inc. Shopify provides us with the tools to sell our products and services. Your data is securely stored on Shopify's servers, protected by a firewall. Transaction data is encrypted and retained only for processing your purchase and erased once the transaction is complete. Shopify adheres to PCI-DSS standards for secure payment transactions.

For more details, please refer to Shopify’s Terms of Use and Privacy Policy.

5. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Once your data is no longer needed for these purposes, it will be securely erased or anonymized.

6. Your Rights as a Data Subject

You have the following rights under applicable data protection laws:

  • Access: You can request access to the personal data we hold about you.
  • Rectification: You can request corrections to any inaccurate or incomplete data we have.
  • Erasure: You can request the deletion of your personal data under certain conditions.
  • Restriction of Processing: You can request that we restrict the processing of your data in specific situations.
  • Data Portability: You can request a copy of your data in a structured, commonly used format for transmission to another data controller.
  • Objection: You have the right to object to the processing of your data in certain circumstances.

7. Processing of Personal Data When Contacting Us, Setting Up a Customer Account, and Paying in the Online Shop

  1. Contacting Us: If you contact us via email or through our contact form, the personal data you provide (such as email address, name, and phone number, if necessary) will be stored by us to respond to your inquiries. We will delete this data once it is no longer needed for this purpose.

  2. Creating a Customer Account and Purchasing Products: When you make a purchase or create a customer account, we collect the personal data necessary to process the order. This data is processed for the performance of the contract, as per Art. 6(1)(b) GDPR.

  3. Payment Methods: We work with external payment service providers like PayPal. Depending on your payment method, your data may be transmitted to these providers. The legal basis for this is Art. 6(1)(a), (b), or (f) GDPR.

  • PayPal: If you choose PayPal, your personal data will be transmitted to PayPal as per its Privacy Policy.

8. Social Media and Other Third-Party Integrations

We use third-party social media and marketing services. These services may collect and process data in accordance with their own privacy policies:

  • Social Media Plugins (Facebook, Twitter, Pinterest, etc.): These plugins allow you to interact with social networks directly from our website. Please review the privacy policies of the respective platforms for how they handle your data.

  • Marketing and Tracking Tools: We use services like Facebook Pixel and Hotjar to improve user experience and track performance. These services process personal data for marketing, analytics, and personalization.

9. Cookie Consent and Preferences

We ask for your consent to store cookies on your device. You can manage and adjust your preferences at any time via your browser settings or the cookie consent banner.

10. Data Processing Agreements

For all third-party services mentioned, we ensure that appropriate data processing agreements are in place to safeguard your personal data and ensure compliance with GDPR.

11. Contact Information

If you have any questions about this privacy policy or wish to exercise your rights, please contact us at:

  • Email: contact@provafit.com
  • Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ