We care about your privacy
What data does Xippas collect?
Xippas collects information that can be used to identify you (e.g. full name, postal address, e-mail address, phone number, birthdate, gender, credit card info, IP address, web-browsing data, cookies or other contact data – hereafter referred to as “Personal Data”). Xippas collects your Personal Data in compliance with the relevant applicable legislation.
In which circumstances are Personal Data collected?
Xippas may collect personal data either directly from you e.g. when placing an order for any of our product(s), when interacting with us, (e.g., when communicating via email), when requesting and receiving product descriptions, when subscribing to our newsletter, when voluntarily providing feedback; or indirectly e.g. when using the website, via the browser, e.g. IP address, cookies, referring web page, time and date, content viewed.
On which basis does Xippas collect / process your Personal Data?
On the basis of your prior consent (e.g., when subscribing to our newsletter); when the processing is necessary in connection with our service (e.g., when you make a purchase); when we have a legitimate interest (not overridden by your interests, fundamental rights, or freedoms) (e.g. to prevent payment fraud); or when we need to comply with applicable laws and regulations.
For which purposes may Xippas may use your Personal Data?
To process your order; to prevent fraudulent purchases, to reply to your queries; to improve our services, to provide information to regulatory bodies when legally required as well as for advertising and marketing purposes.
Xippas only transfers your Personal Data to potential partner companies according to applicable law, especially when you have expressly given your consent. Xippas undertakes to ensure an adequate protection of Personal Data transferred outside of the European Union.
How does Xippas secure your Personal Data?
Xippas securely stores your Personal Data at OVH.com, to prevent these from being distorted, damaged or communicated to unauthorized persons. All Personal Data provided to us is secured using industry standard procedures. We strive to update our security measures on a regular basis to keep track of new industry standards.
For how long does Xippas store your personal data?
Xippas will retain your Personal Data as long as required for the specific purpose(s) for which it was collected.
What are your data protection rights?
Upon your request, we will inform you in writing or electronically whether and what Personal Data relating to you Xippas has stored and will review any requests you may have. Your rights are more in particular the followings:
- right to access modify or delete your Personal Data: You can always access your Personal Data by asking us what Personal Data we store about you and you can receive a copy of such data.
- Please note that we may be required to keep some of your Personal Data for legal reasons, for instance to comply with statutory retention periods or for tax purposes. In such cases, we will mark your Personal Data accordingly to make sure that it is not used for any other purpose than complying with the retention requirement.
- right to restrict or object to processing: You have the right to request that Xippas restricts processing or does not process your Personal Data under certain conditions, e.g. if you contest the accuracy of the data.
- right to withdraw your consent: You can always withdraw a consent you have given to the collection and/or processing of your Personal Data at any time with effect for the future by mail.
- right to data portability: You have the right to request that Xippas transfers the data it has collected to another organization or directly to you, under certain conditions.
- right to contact the competent data protection authority: In case you have any questions or concerns regarding our use of your Personal Data and if you do not wish to contact us directly, you may also contact your local data protection authority.
Who we are and how to contact us?
Where sharing of Personal Data is needed, all involved entities cooperate closely and are then designated “joint controllers”, each entity being responsible for all use of Personal Data.