Privacy Policy

Privacy Policy for ONTOPCO

1. Introduction
ONTOPCO (hereinafter “we”, “our”, “us”) is committed to protecting your personal data and ensuring your privacy when you visit or place an order via our website https://ontopco.com (“Website”). This privacy policy (“Policy”) explains how we collect, use, store and process your personal data in accordance with the European General Data Protection Regulation (GDPR) and other applicable laws.

2. Data Controller
ONTOPCO, Latvia (EU) is the data controller for the personal data processed via this Website. If you have any questions about this Policy or wish to exercise your data-subject rights, please contact us at: info@ontopco.com.

3. What Personal Data We Collect
We collect the following categories of personal data when you use our Website or place an order:
– Identity data: name, date of birth (optional)
– Contact data: email address, telephone number, shipping and billing address
– Payment data: credit/debit card information (processed by our payment provider)
– Order information: order number, products ordered, purchase date
– Technical and browsing data: IP address, browser type, operating system, pages visited, time and date of visit
– Marketing and communications data: your preferences in receiving marketing from us

4. How We Use Your Personal Data
We use your personal data for the following purposes:
– To process and fulfil your orders, including shipment and returns
– To manage your account and provide customer service
– To personalise your shopping experience and improve our Website
– To send promotional communications if you have opted in
– To comply with legal obligations (e.g., tax, anti-fraud)
– To analyse data for business improvement

Our legal bases for processing your personal data are: contract performance, legitimate interest, compliance with legal obligation, and (where required) your consent.

5. Sharing Your Personal Data
We do not sell, rent or trade your personal data to third parties. We may share your data with the following categories of recipients:
– Payment processors and banks for order payment
– Shipping carriers and logistics partners for order delivery
– IT service providers hosting or maintaining our Website and analytics
– Legal and compliance advisors when required by law

We ensure that all third-party service providers are bound by confidentiality and data-protection obligations.

6. International Transfers
Your personal data may be transferred outside the European Economic Area (EEA) if necessary. Where such transfers occur, we implement appropriate safeguards, such as standard contractual clauses as approved by the European Commission.

7. Cookies and Tracking Technologies
We use cookies and similar tracking technologies on our Website to:
– enable basic site functionality
– track visitor behaviour and analytics
– personalise content and offers
You can manage or disable cookies by changing your browser settings. Please note this may affect your browsing experience.

8. Retention of Personal Data
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Policy. Afterward, we will either delete or anonymise your data, unless retention is required by law (e.g., tax, accounting).

9. Data Subject Rights
Under the GDPR you have the following rights:
– Right to access your personal data
– Right to correct inaccurate or incomplete data
– Right to erasure (right to be forgotten)
– Right to restrict or object to processing
– Right to data portability
– Right to withdraw consent at any time (where processing based on consent)

To exercise any of these rights, please contact us at support@ontopco.com. We will respond within one month unless an extended period is justified.

10. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage. However, no method of data transmission over the Internet is 100% secure.

11. Children’s Privacy
Our products and services are intended for individuals aged 18 or older. We do not knowingly collect personal data from children under 18. If you become aware of any such data collection, please contact us and we will remove the information.

12. Changes to this Policy
We may update this Policy from time to time. When we do so, we will post the updated version on the Website and update the “Last updated” date at the bottom of this page. By continuing to use the Website after any changes, you accept the revised Policy.

Last updated: [23.11.2025.]