Privacy Policy
Privacy Policy
1. Information About the Collection of Personal Data & Data Controller
1.1
Thank you for visiting Vale Sandton. and for your interest in our products and services. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website.
"Personal data" means any information that can directly or indirectly identify you.
1.2
The data controller responsible for processing your personal data under the General Data Protection Regulation (GDPR) is:
Vale Sandton
The data controller is the legal entity responsible for determining the purposes and means of processing personal data.
1.3
To protect your information and ensure the secure transmission of confidential content (such as orders or inquiries), our website uses SSL/TLS encryption.
You can recognize a secure connection by the https:// prefix in your browser's address bar and the padlock icon.
2. Data Collection When Visiting Our Website
If you visit our website for informational purposes only (without registering or submitting information), we automatically collect data transmitted by your browser to our server (server log files).
This may include:
-
Pages visited
-
Date and time of access
-
Amount of data transferred
-
Referring URL
-
Browser type and version
-
Operating system
-
IP address (where applicable, anonymized)
This processing is carried out under Article 6(1)(f) GDPR based on our legitimate interest in maintaining the security and functionality of our website.
We do not use this information for any other purpose unless there is evidence of unlawful use.
3. Cookies
We use cookies to improve your browsing experience and enable certain website functions.
Cookies are small text files stored on your device.
We use:
-
Session cookies (deleted when your browser closes)
-
Persistent cookies (stored for future visits)
Cookies may store information such as:
-
Browser information
-
Approximate location
-
IP address
The legal basis for processing is:
-
Article 6(1)(b) GDPR where cookies are necessary to perform a contract.
-
Article 6(1)(f) GDPR where cookies are required for the legitimate operation of the website.
You may disable cookies through your browser settings, although doing so may affect website functionality.
4. Contacting Us
If you contact us by email or through our contact form, we process your personal data solely for the purpose of responding to your request.
Legal basis:
-
Article 6(1)(f) GDPR
-
or Article 6(1)(b) GDPR where your request relates to a contract.
Your information will be deleted once your inquiry has been fully resolved unless legal retention obligations apply.
5. Customer Account & Order Processing
We process the personal data necessary to create customer accounts and process orders under Article 6(1)(b) GDPR.
You may request deletion of your customer account at any time by contacting us.
Following completion of the contract or deletion of your account, your data will be retained only for as long as legally required.
6. Marketing Communications
Newsletter Subscription
If you subscribe to our newsletter, we will use your email address to send promotional emails and updates.
We use:
-
Double opt-in confirmation
-
IP address, date and time verification
Legal basis:
Article 6(1)(a) GDPR
You may unsubscribe at any time.
Existing Customers
If you purchase from us, we may send you information about similar products.
Legal basis:
Article 6(1)(f) GDPR
You may object to these communications at any time.
7. Order Processing
Shipping & Payments
We share personal data with shipping providers and payment processors only where necessary to fulfill your order.
Legal basis:
Article 6(1)(b) GDPR
Payment Providers
PayPal
Payments may be processed through PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.
PayPal may perform credit checks where permitted.
Legal basis:
-
Article 6(1)(b) GDPR
-
Article 6(1)(f) GDPR
Credit Cards
We accept:
-
Visa
-
Mastercard
-
American Express
Payments are processed through secure payment providers.
We do not store your credit card information.
All payment processing complies with PCI-DSS security standards.
8. Product Reviews
With your consent, we may send you an email inviting you to review your purchase.
Legal basis:
Article 6(1)(a) GDPR
9. Social Media Plugins
Our website may include integrations with:
-
Facebook
-
Instagram
-
Google
Connections are established only when you actively click the relevant social media button.
10. Online Marketing
Google DoubleClick
Used to measure advertising performance.
Legal basis:
Article 6(1)(f) GDPR
Google Ads Conversion Tracking
Used to measure advertising effectiveness.
Legal basis:
Article 6(1)(f) GDPR
11. Website Analytics
We use Google Analytics with IP anonymization enabled.
Legal basis:
Article 6(1)(f) GDPR
12. Retargeting
We may use:
-
Facebook Pixel
-
Google Ads Remarketing
to display relevant advertisements.
Processing is based on applicable GDPR requirements.
13. Your Rights
You have the right to:
-
Access your personal data
-
Correct inaccurate data
-
Request deletion
-
Restrict processing
-
Receive a copy of your data (data portability)
-
Withdraw your consent at any time
-
Lodge a complaint with your local supervisory authority
Right to Object
You may object at any time to the processing of your personal data based on legitimate interests or for direct marketing purposes.
14. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by applicable law.
Once the applicable retention period has expired, your personal data will be securely deleted unless further processing is legally required.
