ORDO — Privacy Policy

Effective Date: August 2025

1. Who We Are
ORDO I is the data controller responsible for how your personal information is gathered, processed, and stored.
Contact:

• Email: info@ordobox.be

• Address: Invalidenstraat 52, 9041 Oostakker, België

2. What We Collect & Why
We only capture what’s essential:

• Device & Browsing Data (e.g. IP address, browser type, pages viewed, referral links). Used to secure and analyze site performance.

• Order & Contact Information (e.g. name, address, email). Required to process purchases, returns, and customer support.

• Opt-in Data (e.g. newsletter subscriptions). Processed only with your explicit consent.

We’ll never ask for more than is necessary. This aligns with GDPR’s principle of data minimisation and purpose limitation.

3. Lawful Basis for Processing
We process data based on:

• Contract fulfillment (for order handling)

• Legal obligations (accounting, warranty compliance)

• Consent (for marketing)

• Legitimate interests (site performance analysis)

These bases match GDPR requirements for transparency and fairness.

4. Cookies & Tracking
Cookies and similar technologies help us enhance your experience and operate the site efficiently. Non-essential cookies are only activated with your consent via cookie banner or browser settings, as required by GDPR and the ePrivacy Directive.

5. Data Sharing
We only share data with:

• Shipping partners

• Payment processors

• Analytics tools (only with anonymized data where possible)

All partners are GDPR-compliant and bound by confidentiality agreements.

6. Data Retention
We retain your personal data only as long as needed—either for legal compliance or business necessity (e.g., accounting, warranty tracking). Once no longer required, your data is securely deleted or anonymized.

7. Your Rights
As a user, you’re entitled to:

• Access your data and correct inaccuracies

• Request deletion or restriction of processing

• Withdraw consent to marketing

• Port your data elsewhere

To exercise any of these rights, simply contact us at: info@ordobox.be.

8. Security & Breach Handling
We employ modern data security measures (e.g., encryption, access controls). In the unlikely event of a data breach, we will follow GDPR’s 72-hour notification requirement when impacted rights are at risk.

9. Policy Updates
We may update this policy over time. Any major changes will be highlighted with a new effective date, and, when necessary, communicated to existing users.

10. Accessibility
This Privacy Policy is prominently accessible throughout the site—via footer, checkout, and the cookie banner—ensuring full transparency from your first visit.