Privacy Policy

Last updated: March 13, 2025

1. Data controller and contact details

The data controller responsible for your personal data in connection with this website is:

Ghakleonsholghik
47315 Van Dyke Ave, Shelby Township, MI 48317, United States
Email: feedback@ghakleonsholghik.world
Phone: +15863260006

2. Introduction and legal basis

This Privacy Policy describes how we collect, use, store, and protect your personal data when you use our website https://ghakleonsholghik.world (the "Website") and our services, including the Wellavira product. We process personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) where it applies, the California Consumer Privacy Act (CCPA), and other United States and international privacy laws.

We process your personal data only where we have a lawful basis: (a) your consent; (b) performance of a contract with you or steps at your request before entering into a contract; (c) compliance with a legal obligation; (d) our legitimate interests, provided they are not overridden by your rights; or (e) where otherwise permitted by law.

3. Personal data we collect

We may collect the following categories of personal data:

• Identity and contact data: name, email address, telephone number, and postal address when you place an order, contact us, or sign up for communications.
• Transaction and order data: order details, payment-related information (processed by secure third-party payment providers), and delivery information.
• Technical and usage data: IP address, browser type and version, device type, time zone, pages visited, and how you use our Website. This may include data collected via cookies and similar technologies as described in our Cookie Policy.
• Marketing and communications preferences: your choices regarding marketing emails and cookie consent.

4. Purposes of processing

We use your personal data for the following purposes:

• To process and fulfil your orders and to communicate with you about your order (e.g. confirmations, shipping updates).
• To respond to your enquiries and provide customer support.
• To send you service-related messages (e.g. important updates about our services or policies).
• To improve our Website, products, and services (e.g. analytics, testing, and research), where based on consent or legitimate interest.
• To send marketing communications where you have given consent or where permitted by law.
• To comply with legal obligations (e.g. tax, accounting, responding to lawful requests from authorities).
• To establish, exercise, or defend legal claims.

5. Retention periods

We retain your personal data only for as long as necessary for the purposes set out in this policy or as required by law.

• Order and customer data: typically for the duration of our business relationship plus a period necessary for legal, tax, and accounting requirements (e.g. up to 7 years where required by law).
• Contact and enquiry data: for the time needed to resolve your enquiry and for a reasonable period thereafter (e.g. up to 3 years) unless we are under a legal obligation to retain longer.
• Marketing data: until you withdraw consent or object, and then only as needed for record-keeping where required by law.
• Technical and analytics data: as specified in our Cookie Policy, generally for no longer than the periods stated there (e.g. session data until you close the browser; analytics as per the relevant tool, often up to 26 months).

After the retention period, we securely delete or anonymise your data so that it can no longer identify you.

6. Your rights

Depending on your location, you may have the following rights in relation to your personal data:

• Access: to request a copy of the personal data we hold about you.
• Rectification: to request correction of inaccurate or incomplete data.
• Erasure: to request deletion of your data in certain circumstances (e.g. where it is no longer necessary or you withdraw consent).
• Restriction: to request that we restrict processing in certain situations.
• Data portability: to receive your data in a structured, commonly used format and to transmit it to another controller where technically feasible.
• Objection: to object to processing based on legitimate interests or for direct marketing.
• Withdraw consent: where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
• Complaint: to lodge a complaint with a supervisory authority (e.g. in the EU/EEA, your local data protection authority; in the US, relevant state or federal bodies).

To exercise any of these rights, please contact us using the details in section 1. We will respond within the time limits set by applicable law (e.g. one month under GDPR). We may need to verify your identity before processing your request.

7. Security measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Use of HTTPS and encryption for data in transit.
• Secure storage and access controls for data at rest.
• Limited access to personal data on a need-to-know basis.
• Regular review of our security practices and, where applicable, use of reputable service providers who are bound by data protection commitments.

While we strive to protect your data, no method of transmission or storage over the internet is completely secure. We encourage you to use strong passwords and to keep your login details confidential.

8. Sharing and international transfers

We may share your personal data with:

• Service providers who assist us (e.g. hosting, payment processing, email delivery, analytics). Such providers are contractually required to use data only for the purposes we specify and in accordance with applicable law.
• Legal and regulatory authorities when required by law or to protect our rights.

Your data may be processed in the United States or other countries where our service providers operate. Where we transfer data from the European Economic Area or the UK to countries not deemed to provide adequate protection, we implement appropriate safeguards (e.g. standard contractual clauses or other mechanisms approved by the relevant authorities). You may request details of these safeguards by contacting us.

9. Children

Our Website and services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top indicates when it was last revised. We encourage you to review this page periodically. Where required by law, we will notify you of material changes (e.g. by email or a notice on our Website).

11. Additional information for certain jurisdictions

California (CCPA/CPRA): If you are a California resident, you may have additional rights, including the right to know, delete, correct, and limit the use of sensitive personal information, and the right to non-discrimination. We do not sell personal information as defined under the CCPA. You may contact us to exercise your rights.

Other US states: Certain states have enacted privacy laws that may grant you similar or additional rights. We will honour such rights in accordance with applicable state law.

For any questions about this Privacy Policy or our data practices, please contact us at feedback@ghakleonsholghik.world or at the address above.