Privacy Policy

1. Who we are

This Privacy Policy describes how Cleansii ("we", "us", or "our"), located at Lawick van Pabststraat 62, 6814 HK Arnhem, The Netherlands, collects, uses and protects your personal information when you visit or make a purchase from cleansii.com (the "Site"). Cleansii sells and ships products to customers worldwide. We are committed to protecting your privacy and being fully transparent about how we handle your data, regardless of where you are located.

2. What information we collect

2.1 Information you provide to us

When you place an order, create an account or contact us, we may collect:

• Contact details: name, email address, phone number
• Billing information: billing address, company name (if applicable)
• Shipping information: delivery address, which may differ from billing address
• Payment information: processed securely and exclusively through Shopify Payments. We never store, access or log your full credit card number, CVV or other sensitive payment credentials. All payment data is handled by Shopify Payments in compliance with PCI-DSS Level 1 standards.
• Communication data: messages you send us via our contact form or email at hello@cleansii.com
• Order preferences: product selections, shipping method, language and currency preferences

2.2 Information collected automatically

When you browse our Site, we automatically collect certain technical information:

• Device information: browser type, operating system, screen resolution
• Usage data: pages visited, time spent on pages, referring website
• Network data: IP address, approximate location (country/city level, used for fraud prevention and regional compliance)
• Cookies: small text files stored on your device (see Section 9 for details)

3. How we use your information

Purpose	Data used	Legal basis (GDPR)
Process, fulfill and ship your order worldwide	Name, billing address, shipping address, email, payment info	Performance of contract
Send order confirmations, invoices and shipping updates	Name, email, phone number, order details	Performance of contract
Process payments securely via Shopify Payments	Payment data (handled entirely by Shopify Payments)	Performance of contract
Process refunds and returns under our 30-day guarantee	Name, email, order details, payment reference	Performance of contract
Respond to customer support requests	Name, email, message content	Legitimate interest
Send marketing emails (only with your explicit consent)	Name, email	Consent
Improve our website, products and customer experience	Usage data, device information (anonymized)	Legitimate interest
Prevent fraud, chargebacks and unauthorized transactions	IP address, payment data, order history, device fingerprint	Legitimate interest
Calculate and apply correct taxes and duties per region	Shipping address, order value	Legal obligation
Comply with tax, accounting and legal obligations	Order records, financial data, invoices	Legal obligation

4. Payment processing and security

All payments on cleansii.com are processed exclusively through Shopify Payments, which is powered by Stripe. This means:

• Your payment data is encrypted end-to-end using industry-standard SSL/TLS encryption
• Shopify Payments is PCI-DSS Level 1 compliant, the highest level of payment security certification
• We never store, process or have access to your full credit card number, expiration date or CVV
• All transactions are monitored for fraud through Shopify's built-in fraud analysis tools
• Supported payment methods include major credit/debit cards (Visa, Mastercard, American Express), Apple Pay, Google Pay and Shop Pay
• Payments are processed in your local currency where available

For more information about how Shopify Payments handles your data, visit Shopify's Privacy Policy and Stripe's Privacy Policy.

5. Who we share your data with

We only share your personal information with trusted service providers who help us run our business. We never sell your personal data to third parties.

Service provider	Purpose	More info
Shopify	E-commerce platform, hosting, order management	Shopify Privacy Policy
Shopify Payments / Stripe	Secure payment processing, fraud prevention	Stripe Privacy Policy
Shipping carriers	International order delivery (name, address, phone for customs)	Varies by carrier and destination country
Email service provider	Transactional emails (order confirmations, shipping updates) and marketing emails (with consent only)	Processed under data processing agreement
Google Analytics	Website analytics with IP anonymization enabled	Google Privacy Policy
Customs and tax authorities	Required shipping documentation for international orders (name, address, order contents, declared value)	Required by law per destination country

We may also disclose your information if required by law, regulation, subpoena or other legal process, or to protect the rights, property or safety of Cleansii, our customers or the public.

All service providers are bound by data processing agreements and are required to handle your data in accordance with applicable privacy laws.

6. International data transfers

Cleansii ships to customers worldwide. Because we operate internationally, your personal information may be transferred to and processed in countries other than your own. When this happens, we ensure your data is protected by:

• Using service providers that comply with international data protection frameworks
• Relying on EU Standard Contractual Clauses (SCCs) for transfers outside the EEA
• Ensuring Shopify's compliance with GDPR through their Data Processing Addendum
• Applying the same level of protection regardless of where data is processed

For UK customers, transfers are governed by the UK International Data Transfer Agreement (IDTA). For customers in other regions, we comply with all applicable local data transfer requirements.

7. Data retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy:

• Order and transaction data: retained for 7 years as required by tax and accounting laws
• Payment records: transaction references retained for 7 years; full payment details are never stored by Cleansii
• Account data: retained until you request deletion
• Customer support correspondence: retained for 2 years after last contact
• Marketing preferences: retained until you unsubscribe or request removal
• Analytics data: automatically anonymized after 14 months
• Fraud prevention data: retained for up to 3 years to protect against chargebacks and disputes

8. Your rights

8.1 For all customers worldwide

Regardless of where you live, you can always:

• Unsubscribe from marketing emails at any time using the one-click link in every email
• Request a copy of the personal data we hold about you
• Ask us to correct or update your information
• Ask us to delete your personal data
• Contact us at hello@cleansii.com for any privacy-related request

We respond to all data requests within 30 days.

8.2 European Economic Area (GDPR)

If you are a resident of the EEA, you have additional rights under the General Data Protection Regulation:

• Right of access: request a copy of all personal data we hold about you
• Right to rectification: request correction of inaccurate data
• Right to erasure: request deletion of your data ("right to be forgotten")
• Right to data portability: receive your data in a structured, machine-readable format
• Right to restrict processing: limit how we use your data
• Right to object: object to processing based on legitimate interests
• Right to withdraw consent: withdraw consent at any time where processing is based on consent

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local Data Protection Authority.

8.3 United Kingdom (UK GDPR)

If you are a UK resident, your data is protected under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. You have the same rights as described in Section 8.2 above. You may lodge complaints with the Information Commissioner's Office (ICO) at ico.org.uk.

8.4 California (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act and the California Privacy Rights Act:

• Right to know: what personal information we collect, use and disclose
• Right to delete: request deletion of your personal information
• Right to correct: request correction of inaccurate personal information
• Right to opt out: opt out of the sale or sharing of personal information
• Right to non-discrimination: we will not discriminate against you for exercising your rights

Cleansii does not sell or share your personal information as defined under the CCPA/CPRA. We do not use your personal information for cross-context behavioral advertising.

8.5 Australia (Privacy Act 1988)

If you are an Australian resident, we handle your personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988. You have the right to access your personal information, request corrections and make complaints to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

8.6 Canada (PIPEDA)

If you are a Canadian resident, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to access your data, challenge its accuracy and withdraw consent for non-essential processing. You may file complaints with the Office of the Privacy Commissioner of Canada at priv.gc.ca.

8.7 Brazil (LGPD)

If you are a Brazilian resident, we comply with the Lei Geral de Protecao de Dados (LGPD). You have the right to confirmation of processing, access to your data, correction, anonymization, portability and deletion. You may contact us or the Autoridade Nacional de Protecao de Dados (ANPD) for complaints.

9. Cookies

We use cookies and similar technologies to provide a smooth browsing experience, remember your preferences and analyze how our Site is used.

Essential cookies

Required for the Site to function properly. These handle your shopping cart, checkout session, login state and currency/language preferences. You cannot opt out of these cookies as they are necessary for the Site to work.

Cookie name	Purpose	Duration
_secure_session_id	Storefront navigation	Session
cart	Shopping cart contents	2 weeks
cart_sig, cart_ts	Checkout processing	2 weeks
checkout_token	Checkout processing	1 year
secure_customer_sig	Customer login	20 years
storefront_digest	Customer login	2 years
_shopify_u	Account information updates	1 year
localization	Currency and country preferences	1 year

Analytics cookies

Help us understand how visitors interact with our Site so we can improve it. We use Google Analytics with IP anonymization enabled.

Cookie name	Purpose	Duration
_tracking_consent	Your tracking preferences	1 year
_landing_page	Track landing pages	2 weeks
_orig_referrer	Track referral source	2 weeks
_shopify_s, _shopify_y, _s, _y	Shopify analytics	30 min - 2 years
_shopify_sa_p, _shopify_sa_t	Marketing and referral analytics	30 min

Marketing cookies

Used to deliver relevant advertisements and measure the effectiveness of our marketing campaigns. These are only placed with your explicit consent.

You can manage cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling essential cookies may affect the functionality of our Site. Learn more at allaboutcookies.org.

You can opt out of Google Analytics at any time: Google Analytics Opt-out Browser Add-on.

10. Fraud prevention

To protect our customers and our business, we use automated fraud prevention tools provided by Shopify Payments. These tools may:

• Temporarily flag orders for manual review based on risk indicators
• Temporarily block IP addresses associated with repeated failed transactions (persists for a few hours)
• Temporarily block credit cards associated with suspicious activity (persists for a few days)
• Compare billing and shipping addresses against known fraud patterns

These automated processes do not have a significant legal effect on you. If your order is flagged for review, our team will verify it promptly and contact you if needed. We do not engage in fully automated decision-making that has a legal or otherwise significant effect on individuals.

11. Data security

We take the security of your data seriously and implement multiple layers of protection:

• All pages and transactions use SSL/TLS encryption (HTTPS)
• Payments processed through PCI-DSS Level 1 certified Shopify Payments infrastructure
• Regular security assessments and monitoring for vulnerabilities
• Access to personal data restricted to authorized personnel only
• Service providers bound by data processing agreements with security obligations

While no system is 100% secure, we continuously review and improve our security practices to protect your data.

12. Do Not Track

There is currently no consistent industry standard for responding to "Do Not Track" browser signals. As a result, our Site does not alter its data collection practices when it detects a Do Not Track signal. If a standard is adopted in the future, we will update this policy accordingly.

13. Children's privacy

Our Site is not intended for individuals under the age of 18 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at hello@cleansii.com and we will promptly delete it.

14. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements or the regions we serve. When we make significant changes, we will notify you by updating the "Last updated" date at the top of this page. For material changes that affect how we process your data, we may also notify you by email. We encourage you to review this policy periodically.

15. Contact us