Beautoimuscle.ddd

Privacy Policy

This document describes how Beautoimuscle.ddd processes personal data for visitors, customers, and people who contact us about TrueVital. We apply the General Data Protection Regulation (GDPR), the Data Protection Act 2018 (Ireland), and ePrivacy principles.

Controller: Beautoimuscle.ddd

Controller and contact

The data controller responsible for this website and related TrueVital enquiries is Beautoimuscle.ddd, 56 Main St, Rathfarnham, Dublin 14, Ireland. You can reach us at talk@beautoimuscle.world for privacy questions, rights requests, and general correspondence.

We do not require you to use a proprietary web form to exercise GDPR rights, although forms may help us route your request efficiently.

Scope of this policy

This Privacy Policy applies to personal data collected through beautoimuscle.world, including when you browse pages, submit an order or contact request, subscribe to updates where available, or communicate with us by email. It also covers basic server and security logs generated when you access our infrastructure.

If we link to third-party sites, their privacy practices are governed by their own policies. We encourage you to read those before submitting data elsewhere.

Categories of personal data

Depending on how you interact with us, we may process:

  • Identity and contact details, such as your name and email address when you complete a form.
  • Message content that you voluntarily provide, including product questions and delivery preferences.
  • Transaction data where a purchase flow exists, such as order identifiers, delivery address, and payment status (payment card data is handled by payment processors where applicable).
  • Technical data, including IP address, browser type, device category, and approximate location derived from IP for security and analytics.
  • Usage data, such as pages viewed, referring URLs, and interaction timestamps when analytics cookies are enabled with your consent.
  • Cookie identifiers as described in our Cookie Policy.

We aim to collect only what is adequate, relevant, and limited to what is necessary for the stated purposes.

Purposes and lawful bases

We process personal data for the following purposes, relying on lawful bases under Article 6 GDPR as indicated:

  • Responding to enquiries and fulfilling contracts (performance of a contract or steps prior to contract; and legitimate interests in customer support): handling messages, processing orders, and sending service-related communications.
  • Legal and regulatory compliance (legal obligation): retaining records where tax, consumer, or product-safety rules require it.
  • Security and fraud prevention (legitimate interests): monitoring for abuse, protecting accounts and infrastructure, and investigating suspicious activity.
  • Improving our website (legitimate interests; consent where required): understanding aggregate usage patterns when you allow analytics cookies.
  • Marketing communications (consent where required): sending promotional content only if you opt in and where permitted by law.

Where we rely on legitimate interests, we balance our interests against your rights and offer ways to object where appropriate.

Retention periods

We keep personal data only as long as necessary for the purposes above:

  • Enquiry and customer service records: typically up to twenty-four months after the last interaction unless a longer period is required for disputes or legal claims.
  • Order and accounting records: as required by Irish and EU tax and commercial law, often several years.
  • Server and security logs: rolling retention, commonly up to ninety days, unless extended for incident investigation.
  • Analytics data: according to tool configuration and your cookie choices, often in pseudonymised form with shorter retention where possible.

When retention expires, we delete or anonymise data in line with internal procedures.

Recipients and processors

We share personal data with service providers who assist our operations, such as hosting providers, email delivery services, payment processors, and analytics or advertising partners when you consent. These parties process data on documented instructions and must implement appropriate security measures.

We do not sell your personal data. We may disclose information if required by law, court order, or lawful request from public authorities.

International transfers

If personal data is transferred outside the European Economic Area, we ensure appropriate safeguards such as adequacy decisions under Article 45 GDPR or standard contractual clauses approved by the European Commission under Article 46, together with supplementary measures where appropriate.

You may request further information about specific transfer mechanisms by contacting us.

Security measures

We implement technical and organisational measures including access controls, encryption in transit where supported by your connection, separation of environments, and staff training. No online transmission is completely risk-free; we continually review practices in proportion to the sensitivity of the data we handle.

A personal data breach that is likely to result in a risk to your rights may be notified to the supervisory authority and to you when required by law.

Your rights

Under GDPR you may have the right to access, rectify, erase, restrict processing, data portability, and object to certain processing, including profiling based on legitimate interests. You may withdraw consent at any time where processing is consent-based, without affecting the lawfulness of processing before withdrawal.

To exercise rights, contact us using the email above. You may also lodge a complaint with the Irish Data Protection Commission: https://www.dataprotection.ie/.

Cookies and similar technologies

Detailed information about cookies, storage duration, and your choices appears in our Cookie Policy. The banner on our site lets you accept optional cookies, reject them, or configure categories.

Online advertising and measurement

Where you consent to marketing or analytics cookies, we or our partners may process limited personal data to measure advertising performance (for example Google Ads conversion tracking if enabled), to attribute visits to campaigns, and to improve relevance. This processing is described in our Cookie Policy and subject to your consent choices.

We do not use advertising data to infer sensitive health conditions from browsing on this site beyond what you voluntarily submit. You can withdraw consent at any time through the cookie controls or by contacting us.

Children

Our services are not directed at children under sixteen. We do not knowingly collect personal data from children without appropriate parental authority. If you believe we have received such data, please contact us so we can delete it.

Changes to this policy

We may update this Privacy Policy to reflect legal, technical, or business developments. The date shown next to this document is generated dynamically when you load the page for reference; substantive revisions may also be recorded in a version note on request. Continued use of the site after changes constitutes notice where permitted by law.