Last updated: 1 June 2024 · Effective: 1 June 2024

WandoMix ("we", "us", "our") is committed to protecting the privacy of all individuals who interact with our website at wando-mix.it.com ("the Site"). This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights under applicable data-protection law, including the EU General Data Protection Regulation (GDPR) and the UK GDPR.

1. Data Controller

The data controller responsible for your personal data is WandoMix (operated under the domain wando-mix.it.com). For data-protection enquiries, contact us at [email protected].

2. What Data We Collect

2.1 Information You Provide

Contact and quote forms: name, email address, telephone number, company name, project description, and any other information you voluntarily submit.
Communications: the content of emails or messages you send us.

2.2 Data Collected Automatically

Log data: IP address, browser type, operating system, referrer URL, pages visited, and timestamps.
Cookies and similar technologies: see our Cookie Policy for full details.

2.3 Data We Do Not Collect

We do not collect or store payment card numbers. Payment processing is handled by certified third-party payment processors. We do not knowingly collect data from persons under the age of 16.

3. How We Use Your Data

Purpose	Legal Basis (GDPR)
Responding to quote and contact requests	Legitimate interests / contract performance
Sending a requested specification or offer	Contract performance / pre-contractual steps
Improving Site performance and security	Legitimate interests
Sending marketing communications (where opted in)	Consent
Legal and regulatory compliance	Legal obligation

4. Data Sharing

We do not sell, rent, or trade your personal data. We may share it with:

Service providers: hosting, email, and CRM providers acting as data processors under GDPR-compliant agreements.
Fulfilment partners: where necessary to process and deliver your order (e.g., freight carriers receiving a delivery address).
Legal authorities: where required by law or to protect the rights and safety of WandoMix or others.

5. International Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure an adequate level of protection via Standard Contractual Clauses (SCCs) approved by the European Commission or equivalent safeguards.

6. Data Retention

We retain contact and quote enquiry data for up to 3 years from your last interaction unless a longer retention period is required by law (e.g., for tax or accounting purposes). Log data is retained for a maximum of 12 months. You may request earlier deletion — see Section 7.

7. Your Rights

Under GDPR and equivalent laws you have the right to:

Access — request a copy of the personal data we hold about you.
Rectification — ask us to correct inaccurate data.
Erasure ("right to be forgotten") — request deletion of your data, subject to legal retention obligations.
Restriction — ask us to limit processing in certain circumstances.
Data portability — receive your data in a structured, machine-readable format.
Object — object to processing based on legitimate interests, including direct marketing.
Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any right, email [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your national data-protection authority.

8. Security

We implement appropriate technical and organisational measures — including TLS encryption for data in transit, access controls, and regular security reviews — to protect your data against unauthorised access, loss, or disclosure. No transmission over the internet is 100% secure; you submit data at your own risk.

9. Third-Party Links

Our Site may contain links to third-party websites (for example, to xaman.at or xamanwallet.at for information about the Xaman wallet). We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies before providing any personal data.

10. Children's Privacy

The Site is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be indicated by updating the "Last updated" date at the top of this page. Continued use of the Site after changes constitutes acceptance of the updated Policy.

12. Contact

For privacy-related questions: [email protected]