LEGAL DOCUMENTATION

Privacy Policy

Last Updated: February 2, 2026

1. Introduction

SvartxLab ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our B2B e-commerce platform for thermal logistics solutions.

This policy applies to all business customers and users of our services. By using our platform, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Business Information

We collect the following business-related information:

  • Company name and registration details
  • Business contact information (email, phone, address)
  • Tax identification numbers (VAT/NIF)
  • Authorized representative details
  • Billing and shipping addresses

2.2 Transaction Data

  • Order history and product preferences
  • Payment information (processed securely through Stripe)
  • Invoicing and accounting records
  • Shipping and delivery information

2.3 Technical Data

  • IP address and browser type
  • Device information and operating system
  • Cookies and usage data (see Cookie Policy)
  • Access logs and security information

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: Processing orders, managing accounts, and fulfilling contracts
  • Communication: Sending order confirmations, invoices, and business updates
  • Customer Support: Responding to inquiries and providing technical assistance
  • Business Analytics: Improving our products and services based on usage patterns
  • Legal Compliance: Meeting tax, accounting, and regulatory obligations
  • Security: Protecting against fraud and unauthorized access

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

  • Contract Performance: Processing necessary to fulfill our B2B agreements
  • Legal Obligation: Compliance with tax, accounting, and business laws
  • Legitimate Interest: Business operations, fraud prevention, and service improvement
  • Consent: Marketing communications (where applicable and with your explicit consent)

5. Data Sharing and Disclosure

We may share your information with:

  • Payment Processors: Stripe for secure payment processing
  • Shipping Partners: Logistics providers for order fulfillment
  • Service Providers: Cloud hosting, email services, and analytics tools
  • Legal Authorities: When required by law or to protect our rights
  • Business Transfers: In case of merger, acquisition, or asset sale

We do not sell your personal data to third parties. All third-party processors are contractually bound to protect your data in accordance with GDPR.

6. Data Retention

We retain your data for the following periods:

  • Active Accounts: Duration of business relationship plus 7 years (tax/legal requirements)
  • Transaction Records: 10 years for accounting and legal compliance
  • Marketing Data: Until consent is withdrawn or 2 years of inactivity
  • Technical Logs: 90 days for security and troubleshooting

7. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal obligations)
  • Right to Restriction: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Oppose processing based on legitimate interests
  • Right to Withdraw Consent: For marketing communications

To exercise these rights, contact us at: info@svartxlab.com

8. Data Security

We implement industry-standard security measures:

  • SSL/TLS encryption for data transmission
  • Secure payment processing through PCI-DSS compliant providers
  • Regular security audits and vulnerability assessments
  • Access controls and authentication protocols
  • Employee training on data protection

9. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for specific countries
  • Binding Corporate Rules where applicable

10. Contact Information

For privacy-related inquiries, contact:

SvartxLab

Email: info@svartxlab.com

Phone: +34 694 241 833

Location: Madrid, Spain

You also have the right to lodge a complaint with your local data protection authority.

11. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.