Privacy Policy

We collect information you provide directly when you create an account, place an order, or contact us.

• Personal identifiers: name, email address, phone number, and shipping address
• Payment information: billing details and transaction data processed securely by payment partners
• Account data: login credentials, preferences, and purchase history
• Communication data: messages, feedback, and support requests

We also automatically collect technical and usage information such as IP address, browser type, device details, and on-site activity through cookies and similar technologies.

We process personal data only for defined and legitimate purposes.

• Order fulfillment: process payments, ship products, and provide invoices
• Customer support: respond to questions and resolve issues
• Account management: maintain your profile and settings
• Marketing: send relevant offers where consent or legal basis exists
• Analytics: improve website performance, product selection, and user experience
• Legal compliance: meet tax, accounting, fraud-prevention, and regulatory obligations

We do not sell personal information to third parties.

Where required under applicable law, including GDPR, we rely on one or more legal bases:

• Contractual necessity: to process and deliver your orders
• Legitimate interests: to improve services, secure our platform, and prevent fraud
• Legal obligations: to comply with applicable laws and requests from authorities
• Consent: for specific activities such as marketing communications where legally required

When consent is the basis, you may withdraw consent at any time without affecting prior lawful processing.

We may share data with trusted service providers only when necessary to operate our business.

• Payment processors: to authorize and complete transactions
• Logistics and shipping partners: to deliver your orders
• Technology and analytics providers: to host, secure, and improve our services
• Communication providers: to send transactional and marketing messages

These providers are contractually required to protect your data and process it only under our instructions.

We may also disclose information where required by law, court order, or to protect rights, safety, and legal claims.

We apply appropriate technical and organizational safeguards to protect personal data against unauthorized access, loss, alteration, and disclosure.

• Encrypted transmission using SSL/TLS
• Restricted internal access to personal data
• Security monitoring and periodic control measures
• Use of providers that follow recognized security standards

We retain personal data only as long as necessary for the purposes described in this policy and to satisfy legal, tax, and accounting obligations.

Depending on your jurisdiction, you may have the right to:

• Request access to your personal data
• Request correction of inaccurate or incomplete information
• Request deletion where legal grounds apply
• Object to or restrict certain processing
• Request portability of data you provided to us
• Withdraw consent for marketing communications
• Lodge a complaint with a competent data protection authority

To exercise your rights, contact us using the details below. We will respond within the timeframes required by applicable law.

We may update this Privacy Policy to reflect operational, legal, or regulatory changes. Updated versions are published on this page with a revised date.

If you have questions about this Privacy Policy or our data practices, contact us:

• Email: info@vitaliderma.com
• Phone: +34 671 41 37 00
• Address: Calle Gerani 26, Vilacolum, 17474, Torroella de Fluvia, Girona, Spain