At Glaventa LLC, accessible via https://glaventa.com/, we are committed to protecting the privacy and security of the personal data of our customers, including those residing in the European Union (EU), and we adhere to the principles of the General Data Protection Regulation (GDPR). This statement explains how we collect, use, and protect your personal data in compliance with GDPR.

1. Who We Are (Data Controller) Glaventa LLC, located at 21 W 46th St 705, New York, NY 10036, US, acts as the data controller for the personal data you provide to us. This means we determine the purposes and means of processing your personal data.

2. What Personal Data We Collect We collect personal data to provide you with our products and services. This may include:

  • Identity Data: Your first name, last name.
  • Contact Data: Billing address, shipping address, email address, and telephone numbers.
  • Transaction Data: Details about payments to and from you, and other details of products you have purchased from us. Note that we do not directly store your full payment card details; these are securely processed by our third-party payment providers (Afterpay / Klarna).
  • Technical Data: Internet protocol (IP) address, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to access our website.
  • Usage Data: Information about how you use our website and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Collect Your Personal Data We collect data from and about you through various methods:

  • Direct interactions: You may give us your Identity, Contact, and Transaction Data by filling in forms or by corresponding with us by post, phone, email (support@glaventa.com, +16467558167), or otherwise. This includes data you provide when you:
    • Purchase our products.
    • Create an account on our website.
    • Subscribe to our newsletter.
    • Request marketing to be sent to you.
    • Give us feedback or contact us.
  • Automated technologies or interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies and other similar technologies. Please refer to our separate Cookie Policy for more details.

4. How We Use Your Personal Data (Purposes and Legal Basis) We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To fulfill a contract: To process and deliver your order, manage payments, fees, and charges, and collect and recover money owed to us. (Legal Basis: Performance of a contract with you).
  • For legitimate interests: To register you as a new customer, manage our relationship with you, improve our website, products/services, marketing, customer relationships, and experiences, and for fraud prevention and network security. (Legal Basis: Necessary for our legitimate interests and your interests do not override those interests).
  • To comply with a legal obligation: To meet our legal or regulatory obligations, such as tax and consumer protection laws. (Legal Basis: Necessary to comply with a legal obligation).
  • Where we have your specific consent: For sending you marketing communications, if you have opted in. (Legal Basis: Consent).

5. Sharing Your Personal Data We may share your personal data with trusted third parties to help us provide our services:

  • Service Providers: Including payment processors (Afterpay / Klarna), shipping carriers, website hosting, and email service providers who provide IT and system administration services.
  • Professional Advisers: Including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
  • Law Enforcement or Regulators: Where legally required or necessary to protect our rights or the safety of others. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. International Transfers As Glaventa LLC is based in the United States, your personal data will be processed in the US. When we transfer personal data from the EU to the US, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, such as standard contractual clauses approved by the European Commission, where required.

7. Data Security We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

8. Data Retention We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

9. Your Legal Rights Under GDPR If you are an individual in the EU, under certain circumstances, you have rights under data protection laws in relation to your personal data. These include:

  • The right to be informed: About how your personal data is being used.
  • The right of access: To your personal data.
  • The right to rectification: To have inaccurate personal data corrected.
  • The right to erasure (“right to be forgotten”): To have your personal data deleted in certain circumstances.
  • The right to restrict processing: To block or suppress processing of your personal data.
  • The right to data portability: To obtain and reuse your personal data for your own purposes across different services.
  • The right to object: To certain types of processing, such as direct marketing.
  • Rights in relation to automated decision-making and profiling: Not to be subject to a decision based solely on automated processing.
  • The right to withdraw consent: At any time where we are relying on consent to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent.

To exercise any of these rights, please contact us using the details provided below. You also have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or where an alleged infringement of GDPR occurred.

10. Contact Us For any questions regarding this GDPR Compliance Statement, or if you wish to exercise your rights, please contact us:

Glaventa LLC Address: 21 W 46th St 705, New York, NY 10036, US Email: support@glaventa.com Phone: +16467558167 Customer Service Hours: Monday-Friday 9AM-5PM EST