Privacy Policy | Data Protection Guarantee

1. Introduction

Welcome to Xuxagio.com ("we," "our," or "us"). We are committed to protecting your privacy and providing a safe online experience. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, including any other media form, media channel, mobile website, or mobile application related or connected to Xuxagio.com.

Please read this Privacy Policy carefully. By accessing or using our website, you acknowledge that you have read, understood, and agree to be bound by all the terms outlined in this policy. If you do not agree with our policies and practices, please do not use our website.

2. Information We Collect

We collect several types of information from and about users of our website, including:

2.1 Personal Data

When you place an order, create an account, subscribe to our newsletter, or interact with our website, we may collect:

Contact information (name, email address, phone number, delivery address)
Payment information (processed through secure third-party payment processors)
Order history and preferences
Account credentials

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and browsing actions, including:

IP address and location data
Browser type and version
Operating system
Pages visited and time spent on pages
Referral sources
Device information

2.3 Cookies and Similar Technologies

We use cookies, web beacons, and similar technologies to enhance your experience on our website. These technologies help us remember your preferences, understand how you use our website, and improve our services. You can manage your cookie preferences through your browser settings.

3. How We Use Your Information

We use the information we collect for various purposes, including:

Processing and fulfilling your orders for gingerbread cookies and related products
Creating and managing your account
Providing customer support and responding to inquiries
Sending order confirmations, updates, and promotional materials
Improving our website, products, and services
Analyzing usage patterns and trends
Protecting against fraudulent transactions and unauthorized access
Complying with legal obligations

We process your personal data based on the following legal grounds:

Performance of a contract when we provide you with products or services
Legitimate interests in operating and improving our business
Your consent, where specifically requested
Compliance with legal obligations

4. Data Sharing and Disclosure

We may share your information with:

Service Providers: Third-party vendors who perform services on our behalf, such as payment processing, delivery services, data analysis, and customer support
Business Partners: Trusted partners who help us operate our business and serve you
Legal Requirements: When required by law, court order, or governmental regulation
Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties for marketing purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption of sensitive data
Secure network architecture
Regular security assessments
Access controls and authentication procedures
Staff training on data protection practices

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6. Your Rights Under GDPR

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). These include:

Right to Access: You can request copies of your personal data we hold
Right to Rectification: You can request that we correct inaccurate or complete incomplete data
Right to Erasure: You can request that we delete your personal data in certain circumstances
Right to Restrict Processing: You can request that we restrict the processing of your data in certain circumstances
Right to Data Portability: You can request to receive your data in a structured, commonly used format
Right to Object: You can object to our processing of your personal data in certain circumstances

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within 30 days.

7. Children's Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us immediately.

8. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that differ from your country's laws. We implement appropriate safeguards to ensure your data receives adequate protection, including standard contractual clauses approved by the European Commission when transferring data from the EEA.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us through the contact form on our website or by mail at our registered address.