Privacy Policy

Privacy Policy for EPODIUM

Effective Date: March 1, 2025
Last Updated: March 1, 2025

EPODIUM (“we,” “us,” or “our”) is committed to protecting your personal data and respecting your privacy rights in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR).

This Privacy Policy explains how we collect, use, share, and protect your personal data when you interact with our website [www.EPODIUM.com], digital services, or communications. It also describes your rights under the GDPR.

1. Who We Are

Data Controller:

EPODIUM
Email: [privacy@epodium.com]
Website: [www.epodium.com]
If you have questions about your data or this policy, you may contact our Data Protection Officer at: [Insert DPO email, if applicable]

2. What Personal Data We Collect

We collect and process the following types of personal data:

a) Data You Provide Directly

• Name
• Email address
• Billing/shipping address
• Account login details
• Payment information (handled securely via third-party processors)
• Communication contents (support messages, feedback, etc.)

b) Data Collected Automatically

• IP address
• Browser and device information
• Site activity (pages visited, time spent, links clicked)
• Cookies and similar tracking technologies

c) Special Categories of Data

We do not knowingly collect sensitive personal data (e.g., health data, political opinions).

3. Lawful Bases for Processing

Under the GDPR, we process your personal data only when we have a lawful basis to do so, including:

• Consent – when you opt in to marketing or newsletter communications.
• Contract – to fulfill a service or transaction you request.
• Legal obligation – for compliance with laws or lawful requests.
• Legitimate interests – to improve our services, secure our platform, and better serve our users (only when these interests are not overridden by your rights).

4. How We Use Your Data

We use your personal data to:

• Provide and maintain our services
• Fulfill orders and process transactions
• Improve and personalize your experience
• Send important updates or marketing (where permitted)
• Detect and prevent fraudulent activities
• Comply with legal obligations

5. Cookies and Tracking Technologies

We use cookies for analytics, functionality, and marketing purposes. You can adjust your cookie preferences or disable cookies in your browser settings.

For more details, please review our Cookie Policy [Insert link if available].

6. Sharing Your Data

We do not sell your data. We may share personal data with:

• Trusted third-party service providers (hosting, email delivery, analytics, payment processors)
• Legal authorities if required by law
• In connection with a business sale, merger, or acquisition

All third-party processors are required to maintain GDPR-compliant safeguards.

7. Data Transfers Outside the EU

If we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs)
• Transfers to countries with adequate data protection laws
• Binding corporate rules (for intragroup transfers)

8. Data Retention

We retain personal data only as long as necessary for the purposes it was collected, or as required by law. You may request deletion of your data at any time (see Section 9).

9. Your Rights Under GDPR

You have the following rights:

• Right of access – know what personal data we hold about you.
• Right to rectification – correct inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”) – request deletion of your data.
• Right to restrict processing – limit how we use your data.
• Right to data portability – receive your data in a commonly used format.
• Right to object – to certain types of processing (e.g., marketing).
• Right to withdraw consent – at any time, where processing is based on consent.

To exercise your rights, contact us at privacy@epodium.com.

If you are not satisfied with our response, you have the right to lodge a complaint with your national data protection authority.

10. Children’s Privacy

We do not knowingly collect personal data from children under the age of 13 (or 16 in the EU). If we become aware that we have collected data from a child without parental consent, we will delete it immediately.

11. Data Security

We implement appropriate technical and organizational measures to secure your personal data, including:

• SSL encryption
• Access controls
• Data minimization practices
• Routine security monitoring

12. Updates to This Privacy Policy

We may revise this Privacy Policy from time to time. Updated versions will be posted on this page with a new “Effective Date.” We encourage you to review it regularly.

13. Contact Us

For questions about this Privacy Policy, or to exercise your rights:

EPODIUM Privacy Team
Email: privacy@epodium.com
Website: www.epodium.com