1. Introduction
This Privacy Policy explains how Cellsano (“we,” “us,” or “our”), located at 12 C Rue Guillaume Kroll, L-1882 Luxembourg (VAT: LU27067223), collects, uses, shares, and protects your personal information when you visit our website www.cellsano.com (“Website”), purchase our products, or interact with us in any way.
We respect your privacy and are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR), the Luxembourg law of 1 August 2018 on data protection, and all other applicable data protection laws.
2. Information We Collect
2.1 Information You Provide to Us
We collect information you provide directly to us, including:
- Contact information (name, email address, postal address, phone number)
- Account information (username, password)
- Payment information (credit card details, billing address)
- Order information (products purchased, delivery instructions)
- Communications you send to us (customer service inquiries, product reviews)
- Any other information you choose to provide
2.2 Information We Collect Automatically
When you visit our Website, we automatically collect certain information, including:
- Log information (IP address, browser type, pages viewed, time spent on pages)
- Device information (device type, operating system, unique device identifiers)
- Location information (based on IP address)
- Cookies and similar technologies (as described in our Cookie Policy)
3. How We Use Your Information
We use your personal information for the following purposes:
3.1 To Provide Our Services
- Process and fulfill your orders
- Manage your account
- Communicate with you about your orders, products, or account
- Provide customer support
3.2 To Improve Our Services
- Analyze website usage and trends
- Develop new products and services
- Improve existing products and services
- Enhance user experience
3.3 For Marketing Purposes
- Send promotional messages, newsletters, and updates (with your consent)
- Personalize your experience and deliver content relevant to your interests
- Administer contests, promotions, or surveys
3.4 For Legal and Security Purposes
- Comply with legal obligations
- Prevent, detect, and investigate fraud or other illegal activities
- Protect the security of our Website and services
- Enforce our Terms and Conditions
4. Legal Basis for Processing
We process your personal data on the following legal grounds:
- Performance of a contract (when processing is necessary to fulfill our contractual obligations to you)
- Legitimate interests (when processing is necessary for our legitimate business interests)
- Consent (when you have explicitly agreed to the processing of your data)
- Legal obligation (when processing is necessary to comply with the law)
5. Data Sharing and Disclosure
We may share your personal information with:
5.1 Service Providers
Third-party service providers who perform services on our behalf, such as:
- Payment processors (Mollie, PayPal, Klarna)
- Shipping and logistics providers
- Customer service providers
- Marketing and analytics providers
- IT and cloud service providers
5.2 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government requests).
5.3 Business Transfers
In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
5.4 With Your Consent
We may share your information with third parties when you have given us your consent to do so.
6. International Data Transfers
Your personal data may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country.
When we transfer your personal data to countries outside the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, such as:
- Standard Contractual Clauses approved by the European Commission
- Binding Corporate Rules
- Participation in the EU-US Privacy Shield Framework
7. Data Security
We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These include:
- Encryption of sensitive data
- Regular security assessments
- Restricted access to personal information
- Secure payment processing
However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to protect your personal information, we cannot guarantee its absolute security.
8. Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period, we consider:
- The amount, nature, and sensitivity of the personal data
- The potential risk of harm from unauthorized use or disclosure
- The purposes for which we process the data
- Whether we can achieve those purposes through other means
- Legal requirements
9. Your Data Protection Rights
Under certain circumstances, you have the following rights regarding your personal data:
- Right of access: The right to request a copy of the personal data we hold about you.
- Right to rectification: The right to request that we correct any inaccurate or incomplete personal data.
- Right to erasure: The right to request that we delete your personal data in certain circumstances.
- Right to restrict processing: The right to request that we restrict the processing of your personal data in certain circumstances.
- Right to data portability: The right to receive your personal data in a structured, commonly used, and machine-readable format.
- Right to object: The right to object to the processing of your personal data in certain circumstances.
- Right to withdraw consent: The right to withdraw your consent at any time where we rely on consent to process your personal data.
To exercise any of these rights, please contact us at support@cellsano.com.
10. Cookies and Similar Technologies
We use cookies and similar technologies to collect information about your browsing activities on our Website. For more information about how we use cookies, please see our Cookie Policy.
11. Children’s Privacy
Our Website is not intended for children under the age of 16, and we do not knowingly collect personal data from children under this age. If you are a parent or guardian and believe we may have collected information about a child, please contact us at support@cellsano.com.
12. Third-Party Links
Our Website may contain links to third-party websites, products, or services. We are not responsible for the privacy practices or content of these third parties. We encourage you to read the privacy policies of these third parties before providing any personal information to them.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated Privacy Policy on our Website and updating the “Last Updated” date at the top of this policy.
14. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Cellsano
12 C Rue Guillaume Kroll
L-1882 Luxembourg
Email: support@cellsano.com
VAT: LU27067223
15. Data Protection Authority
If you have concerns about our processing of your personal data that we are not able to resolve, you have the right to lodge a complaint with the Luxembourg National Commission for Data Protection (CNPD):
Commission Nationale pour la Protection des Données
15, Boulevard du Jazz
L-4370 Belvaux
Website: https://cnpd.public.lu