Naturpolish
Legal Document

Privacy Policy

How Naturpolish collects, uses, stores, and protects your personal information.

Last updated:

1. Introduction and Data Controller

This Privacy Policy describes how Naturpolish ("we," "us," or "our") processes personal data when you visit our website at naturpolish.world, use our contact form, purchase educational products, or engage with our consulting services related to daily training habit systems.

The data controller responsible for your personal information is:

Naturpolish
401 NE Northgate Way, Seattle, WA 98125, United States
Email: hello@naturpolish.world
Phone: +1 206-362-5171

We are committed to protecting your privacy and processing personal data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) where applicable, and other relevant international privacy legislation.

2. Personal Data We Collect

We collect personal data only when necessary for the purposes described in this policy. The categories of data we may collect include:

2.1 Information You Provide Directly

  • Contact form data: Your name, email address, message content, and GDPR consent confirmation when you submit an inquiry through our contact page.
  • Consulting and service data: Information you share during consulting engagements, including schedule preferences, training goals, and communication records.
  • Purchase data: Name, email address, billing address, and payment-related information when you purchase educational products or enroll in programs.
  • Communication data: Content of emails, phone calls, or other correspondence you initiate with our team.

2.2 Information Collected Automatically

  • Technical data: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage data: Pages visited, time spent on pages, referral source, click patterns, and navigation paths within our website.
  • Cookie data: Information stored through cookies and similar technologies as described in our Cookie Policy.

2.3 Information We Do Not Collect

We do not intentionally collect sensitive personal data such as health records, medical diagnoses, financial account numbers beyond what payment processors require, or information about children under 16 years of age. Our website and services are directed at adults interested in general educational content about training habit systems.

3. Purposes and Legal Bases for Processing

We process your personal data for specific, legitimate purposes. Under GDPR, each purpose is supported by an appropriate legal basis:

  • Responding to inquiries (Contract / Legitimate Interest): To read, process, and reply to messages submitted through our contact form or email.
  • Delivering services (Contract): To provide consulting sessions, educational products, and program enrollments you have requested or purchased.
  • Website operation (Legitimate Interest): To maintain, secure, and improve the functionality and performance of our website.
  • Analytics (Consent): To understand how visitors interact with our content and improve user experience, only when you have accepted analytics cookies.
  • Marketing communications (Consent): To send informational updates about our educational content, only when you have opted in or accepted marketing cookies.
  • Legal compliance (Legal Obligation): To comply with applicable laws, respond to lawful requests from authorities, and enforce our Terms of Use.

4. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law:

  • Contact form submissions: Retained for 24 months from the date of submission, then securely deleted unless an ongoing business relationship exists.
  • Consulting records: Retained for 36 months after the final session to support follow-up inquiries and service continuity.
  • Purchase and transaction records: Retained for 7 years to comply with tax and accounting regulations.
  • Analytics data: Aggregated and anonymized within 14 months. Raw analytics data is deleted when you withdraw cookie consent.
  • Cookie consent records: Retained for 12 months to document your preferences.
  • Marketing preferences: Retained until you unsubscribe or withdraw consent.

When retention periods expire, data is securely deleted or anonymized so it can no longer be associated with you.

5. Data Sharing and Third Parties

We do not sell your personal data. We may share data with trusted third parties only when necessary:

  • Hosting providers: To store website data on secure servers located in the United States and, where applicable, the European Economic Area.
  • Email service providers: To deliver responses to your inquiries and service-related communications.
  • Payment processors: To process transactions for educational products and consulting services. Payment processors handle card data according to PCI DSS standards.
  • Analytics providers: To analyze website usage, only when you have consented to analytics cookies.
  • Legal authorities: When required by law, court order, or to protect our legal rights.

All third-party processors are bound by data processing agreements that require them to protect your data and process it only according to our instructions.

6. International Data Transfers

Naturpolish is based in the United States. If you access our website from the European Economic Area, the United Kingdom, or other regions with data transfer restrictions, your data may be transferred to and processed in the United States.

Where required, we implement appropriate safeguards for international transfers, including Standard Contractual Clauses approved by the European Commission and supplementary measures to ensure an adequate level of data protection.

7. Security Measures

We implement technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • HTTPS encryption for all data transmitted between your browser and our servers.
  • Access controls limiting personal data access to authorized personnel with a legitimate business need.
  • Regular security assessments and software updates for our website infrastructure.
  • Secure storage practices for digital records, including encryption at rest where appropriate.
  • Employee training on data protection principles and incident response procedures.

While we take reasonable precautions, no method of electronic transmission or storage is completely secure. We encourage you to use strong passwords and protect your own devices when communicating with us.

8. Your Rights Under GDPR and Applicable Laws

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data when it is no longer necessary or when you withdraw consent.
  • Right to restrict processing: Request that we limit how we use your data in certain circumstances.
  • Right to data portability: Receive your data in a structured, machine-readable format where technically feasible.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Withdraw consent at any time for processing that relies on consent, without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: File a complaint with your local data protection authority if you believe your rights have been violated.

To exercise any of these rights, contact us at hello@naturpolish.world or through our Contact page. We will respond within 30 days of receiving a verifiable request.

9. Children's Privacy

Our website and services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete such information.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. The "Last updated" date at the top of this page indicates when the most recent revision took effect. Material changes will be communicated through a notice on our website or via email where appropriate.

11. Contact Information

For privacy-related questions, data subject requests, or concerns about this policy, contact:

Naturpolish — Privacy Team
401 NE Northgate Way, Seattle, WA 98125, United States
Email: hello@naturpolish.world
Phone: +1 206-362-5171