Privacy Policy

At Vojia, we are committed to protecting your privacy and handling your personal information with transparency and care. This policy explains how we collect, use, and protect your data.

Last Updated: December 2024 | Effective Date: Immediately
Data Controller: Vojia | Contact: privacy@vojia.eu

1. Information We Collect

Personal Information You Provide

• Account Information: Name, email address, password, phone number
• Purchase Information: Billing and shipping addresses, payment method details
• Communication Data: Messages you send us, customer service interactions
• Profile Data: Beauty preferences, skin type, product reviews
• Marketing Preferences: Newsletter subscriptions, communication preferences

Information Automatically Collected

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, products viewed, time spent on site, search queries
• Location Data: General location based on IP address (not precise location)
• Analytics Data: Website performance, user behavior patterns (anonymized)

Third-Party Information

• Social Media: Information from social login (with your permission)
• Payment Processors: Transaction verification data from payment providers
• Delivery Partners: Shipping and delivery status information

2. How We Use Your Information

Legal Basis for Processing (GDPR)

• Contract Performance: Processing orders, account management
• Legitimate Interest: Fraud prevention, website security, customer service
• Consent: Marketing communications, cookies, social media integration
• Legal Obligation: Tax records, compliance with consumer protection laws

3. Information Sharing & Disclosure

Service Providers

• Payment Processors: Secure payment processing (PayPal, Stripe, etc.)
• Shipping Partners: Order fulfillment and delivery tracking
• Email Service Providers: Transactional and marketing emails
• Analytics Services: Google Analytics, Facebook Pixel (anonymized data)
• Customer Support: Help desk and chat support services

Dropshipping Partners

Important: As a dropshipping business, we share order information (name, address, product details) with our trusted suppliers to fulfill your orders. We require all partners to maintain strict confidentiality and data protection standards.

Legal Disclosures

We may disclose information when required by law, to:

• Comply with legal obligations or court orders
• Protect our rights and property
• Prevent fraud or security breaches
• Protect user safety

4. Cookies & Tracking Technologies

Essential Cookies

• Session Cookies: Shopping cart, login status, security
• Preference Cookies: Language, currency, display settings
• Security Cookies: Fraud prevention, secure browsing

Analytics & Marketing Cookies (With Consent)

• Google Analytics: Website usage statistics
• Facebook Pixel: Advertising and retargeting
• Marketing Cookies: Personalized advertising

Your Choice: You can control cookies through your browser settings or our cookie banner. Note that disabling essential cookies may affect website functionality.

5. Data Security & Protection

Security Measures

• Encryption: SSL/TLS encryption for all data transmission
• Secure Storage: Encrypted database storage with access controls
• Payment Security: PCI DSS compliant payment processing
• Regular Monitoring: Security audits and vulnerability assessments
• Staff Training: Regular privacy and security training for our team

Data Breach Response

In the unlikely event of a data breach, we will:

• Notify affected users within 72 hours
• Report to relevant authorities as required
• Provide clear information about the incident
• Offer assistance and protective measures

6. Data Retention

Automatic Deletion: We automatically purge data that exceeds retention periods, except where legally required to maintain records.

7. Your Privacy Rights

GDPR Rights (EU Residents)

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate information
• Erasure: Request deletion of your data (“Right to be Forgotten”)
• Portability: Export your data in a portable format
• Restriction: Limit how we process your data
• Objection: Object to processing for marketing purposes
• Withdraw Consent: Opt-out of consent-based processing

CCPA Rights (California Residents)

• Know: What personal information we collect and how it’s used
• Delete: Request deletion of personal information
• Opt-Out: Opt-out of sale of personal information
• Non-Discrimination: Equal service regardless of privacy choices

Note: Vojia does not sell personal information to third parties.

8. International Data Transfers

Your information may be transferred to and stored on servers located outside your country of residence, including:

• European Union: Primary data storage location
• United States: Cloud services and analytics providers
• Dropshipping Partners: Various locations for order fulfillment

All transfers comply with applicable data protection laws through:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by regulatory authorities
• Other approved transfer mechanisms

9. Children’s Privacy

Vojia does not knowingly collect personal information from children under 13 (or 16 in the EU). If we become aware that we have collected information from a child without parental consent, we will take steps to remove that information promptly.

Parents: If you believe your child has provided us with personal information, please contact us immediately at privacy@vojia.eu.

10. Third-Party Services

Our website integrates with third-party services that have their own privacy policies:

• Google Services: Analytics, reCAPTCHA – Google Privacy Policy
• Facebook/Meta: Social login, advertising – Facebook Privacy Policy
• PayPal: Payment processing – PayPal Privacy Policy
• Mailchimp: Email marketing – Mailchimp Privacy Policy

11. Contact & Complaints

12. Policy Updates

We may update this privacy policy periodically to reflect:

• Changes in our business practices
• Legal and regulatory requirements
• New features or services
• Industry best practices

Notification: We will notify you of material changes via email (if you have an account) or prominent notice on our website at least 30 days before changes take effect.

---

Frequently Asked Questions

How do I delete my account and data?

Email privacy@vojia.eu with “Account Deletion Request” in the subject line. We’ll confirm your identity and process the deletion within 30 days, retaining only what’s legally required (e.g., tax records).

Do you sell my information to third parties?

No, Vojia does not sell personal information to third parties. We only share data with trusted service providers who help us operate our business (payment processors, shipping partners, etc.) under strict confidentiality agreements.

How is my payment information protected?

We use PCI DSS compliant payment processors and never store complete credit card information. Payment data is encrypted and handled by certified payment service providers like PayPal and Stripe.

Can I opt-out of marketing emails?

Yes, you can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email, or by updating your preferences in your account settings. This won’t affect important transactional emails like order confirmations.

How do you handle dropshipping partner data sharing?

We only share necessary order information (name, shipping address, product details) with verified suppliers to fulfill your orders. All partners sign data protection agreements and are prohibited from using your information for any other purpose.

This privacy policy demonstrates our commitment to transparency and compliance with global privacy regulations. For additional questions or concerns, please don’t hesitate to contact our privacy team.