Privacy Policy

1. Introduction

This Privacy Policy explains how frostway B.V. ("we", "our", or "us") collects, uses, and protects your personal information when you visit our website at frostway.pro or use our services. We are committed to protecting your privacy and ensuring transparency about how we handle your personal data.

frostway B.V. is the data controller for the personal data we collect and process. We are registered in the Netherlands with registration number 91573926 and our registered address is Eikenlaan 178, 3091 EV Rotterdam, South Holland, Netherlands.

2. Data Collection

The data we collect includes information you provide directly to us and information we collect automatically when you use our website. We collect the following types of personal data:

• Contact information including name, email address, phone number, and postal address
• Account information such as username and encrypted passwords
• Order and transaction details including purchase history and payment information
• Communication records including emails, chat logs, and support tickets
• Technical data including IP address, browser type, device information, and website usage statistics
• Marketing preferences and communication consent settings

3. How We Use Your Information

We use of your data is based on legitimate interests, contractual necessity, and your consent where required. Specifically, we use your information to:

• Process and fulfil your orders and provide customer support
• Communicate with you about your account, orders, and our services
• Improve our website functionality and user experience
• Send marketing communications (only with your consent)
• Comply with legal obligations and protect against fraud
• Analyse website usage and performance for business improvements

The legal basis for processing your personal data varies depending on how we use your information and includes contract performance, legitimate interests, legal compliance, and consent.

4. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information with trusted service providers who assist us in operating our business, including payment processors, shipping companies, and technology service providers. All third parties are required to maintain the confidentiality of your information and use it only for the purposes we specify.

We may also disclose your information when required by law, to protect our rights, or to prevent fraud or other illegal activities.

5. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Specifically:

• Account information is retained whilst your account remains active and for 3 years after account closure
• Order and transaction data is retained for 7 years to comply with accounting and tax requirements
• Marketing consent records are retained until you withdraw consent or for 3 years from last interaction
• Website analytics data is retained for 26 months

When personal data is no longer needed, we securely delete or anonymise it in accordance with our data retention schedule.

6. Your Rights

Under the General Data Protection Regulation (GDPR), you have several rights regarding your personal data:

• Right of access: You can request a copy of the personal data we hold about you
• Right to rectification: You can ask us to correct inaccurate or incomplete data
• Right to erasure: You can request deletion of your personal data in certain circumstances
• Right to restrict processing: You can ask us to limit how we use your data
• Right to data portability: You can request your data in a machine-readable format
• Right to object: You can object to certain types of processing, including marketing
• Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time

To exercise any of these rights, please contact us using the information provided in the contact section below. We will respond to your request within one month.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of sensitive data, regular security assessments, staff training, and access controls.

Whilst we take data security seriously, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but we continuously work to improve our security measures.

8. International Data Transfers

As we operate primarily within the European Union, most of your personal data is processed within the EU/EEA. When we do transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

9. Cookies and Tracking

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse website usage. For detailed information about the cookies we use and how to manage them, please refer to our Cookie Policy.

10. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date. We encourage you to review this Privacy Policy periodically.

12. Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable law.