At Exvolix LLC (https://exvolix.com), we are committed to protecting your privacy and handling your personal data with the utmost care and transparency. While Exvolix LLC is based in the US, we believe in upholding robust data protection standards, including those outlined by the General Data Protection Regulation (GDPR), to ensure the privacy of all our customers. This statement explains how we comply with GDPR principles regarding the collection, use, and protection of your personal information.

1. Who We Are Exvolix LLC, located at 451 Big Hill Ave, Richmond, KY 40475, US, acts as the data controller for the personal data you provide when you interact with our website, https://exvolix.com. This means we determine the purposes and means of processing your personal data.

2. Information We Collect and Why We collect personal data to provide you with an excellent shopping experience and manage our business operations. The types of data we collect and our purposes for doing so include:

  • Contact Information: Such as your name, shipping address, email address, and phone number (+1 (313) 884-0096). We use this to process and fulfill your orders for our Health & Beauty > Personal Care > Skin Care > Body Oil products, provide customer service, and send order updates.
  • Payment Information: Details required to process purchases via Credit/Debit Cards (Visa, Mastercard, Amex). Please note, we do not store full payment card details on our servers; this information is securely processed by our payment partners.
  • Order History: Information about the products you’ve purchased from us. This helps us manage returns and understand your preferences.
  • Communication Data: Records of your interactions with our customer service team (Monday-Friday 9AM-5PM EST) via support@exvolix.com or phone. This allows us to resolve issues and improve our service.
  • Technical Data: Information about your device and browsing activity on https://exvolix.com (e.g., IP address, browser type, operating system). This helps us ensure our website functions correctly and to detect fraud. We use WooCommerce as our e-commerce platform, which may collect such data.

3. Our Lawful Basis for Processing Your Information We rely on the following legal bases under GDPR to process your personal data:

  • Performance of a Contract: We process your contact and order information to fulfill our contractual obligations to you, such as processing your order and delivering your products.
  • Legitimate Interests: We process certain data for our legitimate business interests, such as improving our website and services, preventing fraud, and enhancing customer support, provided these interests do not override your fundamental rights and freedoms.
  • Legal Obligation: We may process your personal data where we have a legal obligation to do so, for example, for tax and accounting purposes.
  • Consent: Where required, we will obtain your explicit consent to process your data for specific purposes, such as sending marketing communications. You have the right to withdraw your consent at any time.

4. Your Data Protection Rights Under GDPR Even though Exvolix LLC is a US-based company, we respect and uphold your fundamental data protection rights. You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request that we correct any inaccurate or incomplete personal data we hold about you.
  • Erasure (Right to be Forgotten): Request that we delete your personal data under certain circumstances (e.g., if the data is no longer necessary for the purposes for which it was collected).
  • Restriction of Processing: Request that we restrict the processing of your personal data under certain conditions (e.g., if you contest the accuracy of the data).
  • Data Portability: Request to receive your personal data in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another controller.
  • Objection: Object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.

5. How We Protect Your Data We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information. These include encryption, access controls, and secure server environments. Our e-commerce platform, WooCommerce, also provides security features designed to protect your data.

6. Sharing Your Information We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties for their marketing purposes. We may share your data with trusted third parties who assist us in operating our website, conducting our business, or serving you, as long as those parties agree to keep this information confidential and comply with data protection standards. These third parties include:

  • Payment Processors: To securely handle your transactions.
  • Shipping Partners: To deliver your orders (as we ship domestically only within the US).
  • Customer Service Tools: To manage communications and support requests.

7. Data Retention We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. This typically means keeping your order data for a period that allows us to manage returns, warranties, and comply with tax obligations.

8. Contact Us If you have any questions about this GDPR Compliance Statement, wish to exercise any of your data protection rights, or have a concern regarding your privacy, please contact us:

  • Email: support@exvolix.com
  • Phone: +1 (313) 884-0096
  • Mail: Exvolix LLC, 451 Big Hill Ave, Richmond, KY 40475, US
  • Customer Service Hours: Monday-Friday 9AM-5PM EST

We will respond to your request within a reasonable timeframe.

9. Updates to This Statement We may update this GDPR Compliance Statement from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We encourage you to review this statement periodically. The effective date will be updated accordingly.