Privacy Policy

Longevitybg respects your privacy. This Privacy Policy explains how we collect, use, disclose and protect personal data when you visit or purchase from our website operated on WordPress with WooCommerce.

Effective date: October 8, 2025 · Version: 1.0

1. Data Controller & Contact
2. Scope & Definitions
3. Personal Data We Collect
4. Purposes & Legal Bases
5. Sharing & Recipients
6. Retention
7. Cookies & Tracking
8. International Transfers
9. Security
10. Your Rights
11. Children
12. Changes to this Policy
13. How to Contact Us

1) Data Controller & Contact

Longevitybg (“we”, “us”, “our”) is the data controller for personal data processed via our website and store.

Email: office@longevitybg.com
Registered company details, address and registration/VAT number will be added here once available.

If we appoint a Data Protection Officer (DPO), we will publish their contact details here.

2) Scope & Definitions

This Policy applies to personal data processed when you browse our website, create an account, place an order, contact us, or subscribe to marketing communications. “Personal data” means information relating to an identified or identifiable natural person.

We sell premium longevity products, including third-party brands such as MILLIONDAYS and Dremenia, and our own proprietary Longevitybg product (collectively, the “Products”).

3) Personal Data We Collect

3.1 Data you provide to us

Account & profile: name, email, password, phone (optional), preferences.
Orders & fulfilment: billing and shipping details (name, address, email, phone), order contents, chosen delivery options, comments/instructions.
Communications: emails, contact form messages, support requests, product reviews.
Marketing opt-ins: newsletter subscription status and preferences.

3.2 Data collected automatically

Device/usage data: IP address, browser, OS, device identifiers, pages viewed, referring/exit pages, timestamps, approximate location (derived from IP).
Cookies & similar technologies: see Section 7.
Logs & diagnostics: server logs, error logs for performance and security.

3.3 Payment data

We do not store full card numbers. Payments are processed by third-party payment gateways. We receive limited information from them (e.g., last 4 digits, transaction ID, status) for reconciliation, fraud prevention, and customer service.

3.4 Special categories of data

We do not intentionally collect health or other special category data. Please do not submit such information via free-text fields. If it is inadvertently provided, we will delete or minimize it where feasible and lawful.

4) Purposes & Legal Bases

We process personal data for the purposes and on the legal bases below (Art. 6 GDPR for EU/EEA users):

Contract Order processing & fulfilment: to take and process orders, provide the Products, arrange delivery, handle returns/warranty, and provide customer support.
Contract Account management: to create and maintain your account and order history.
Legal obligation Compliance: tax and accounting, consumer protection, responding to lawful requests, record-keeping.
Legitimate interests Security, fraud prevention, site reliability, analytics, and service improvement, provided your rights and freedoms are not overridden.
Consent Marketing communications & non-essential cookies, where required by law. You can withdraw consent at any time without affecting prior processing.

5) Sharing & Recipients

We share personal data only as necessary and with appropriate safeguards:

Payment processors: to process payments and prevent fraud.
Couriers/shipping providers: to deliver orders and handle returns.
Hosting & IT service providers: to operate and secure our WordPress/WooCommerce platform.
Analytics & marketing tools: to measure site usage and (with consent where required) to send newsletters and offers.
Professional advisors & auditors: for compliance and business operations.
Public authorities: if required by law or to protect rights, safety, and property.
Third-party brands/suppliers (MILLIONDAYS, Dremenia, etc.), only where necessary for fulfilment, product support, recalls, or legal compliance, and limited to what is required.

We do not sell your personal data.

6) Retention

We retain personal data only for as long as necessary for the purposes described, or as required by law (e.g., tax/accounting). After that, we will delete or anonymize data in accordance with our retention procedures.

7) Cookies & Tracking

We use cookies and similar technologies on our WordPress/WooCommerce website to enable core functions (cart, checkout, account), remember preferences, analyze traffic, and (with consent where required) deliver marketing.

Strictly necessary: enable checkout, login, and security.
Performance/analytics: help us understand usage and improve the site.
Marketing: personalize offers and measure campaign effectiveness.
Preferences: remember your choices (e.g., language).

You can manage cookie preferences via our cookie banner (where provided) and your browser settings. Disabling certain cookies may affect site functionality. Third-party cookies may be set by our service providers (e.g., analytics or email platforms).

If we maintain a separate Cookie Policy, it will be linked from the cookie banner and website footer.

8) International Data Transfers

Where personal data is transferred outside your country (including outside the EU/EEA), we will ensure appropriate safeguards (e.g., adequacy decisions or Standard Contractual Clauses) and implement supplementary measures where necessary.

9) Security

We implement technical and organizational measures appropriate to the risk, including secure hosting, access controls, encryption in transit (HTTPS), and least-privilege practices. No method of transmission or storage is 100% secure; we continuously improve our safeguards.

10) Your Rights

Subject to applicable law (including the GDPR for EU/EEA residents), you may have the right to:

Access your personal data and obtain a copy;
Rectify inaccurate or incomplete data;
Erase personal data in certain circumstances (“right to be forgotten”);
Restrict processing in certain circumstances;
Object to processing based on our legitimate interests and to direct marketing at any time;
Data portability (receive your data in a structured, commonly used, machine-readable format and/or have it transmitted to another controller, where technically feasible);
Withdraw consent where processing is based on consent (e.g., newsletters), without affecting the lawfulness of processing before withdrawal;
Lodge a complaint with a supervisory authority. For Bulgaria, this is the Commission for Personal Data Protection (CPDP/KZLD).

To exercise your rights, contact us at office@longevitybg.com. We may need to verify your identity before fulfilling your request.

11) Children

Our website is intended for adults. We do not knowingly collect personal data from children under the age required by applicable law (typically 16 in the EU). If you believe a child has provided personal data, please contact us and we will take appropriate steps to delete it.

12) Changes to this Policy

We may update this Policy from time to time. The “Effective date” at the top indicates the latest version. We will post updates on this page and, where appropriate, notify you by email or prominent notice on the site.

13) How to Contact Us

If you have questions about this Policy or how we handle your personal data, please contact:

Longevitybg
Email: office@longevitybg.com
(Postal address and company registration details to be added when available.)

Note: This Privacy Policy does not constitute legal advice. You should review it with qualified counsel to ensure compliance with your specific operations, Products, and jurisdictions.

سياسة الخصوصية