Privacy Policy

Last updated: 6 March 2025

1. Controller and contact details

The data controller responsible for the processing of your personal data in connection with this website is:

Bloxarynzar
215 Edgware Rd, Tyburnia, London W2 1ES, United Kingdom
Email: partners@bloxarynzar.world
Phone: +44 207 402 6134

If you have questions about this Privacy Policy or about how we process your data, you may contact us using the details above.

2. Scope and legal basis

This Privacy Policy applies to the website bloxarynzar.world and to any personal data we collect when you use our site, place orders, contact us or interact with our services. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and other applicable UK and international data protection laws where relevant.

We process your data only where we have a lawful basis: performance of a contract, consent, compliance with a legal obligation, or our legitimate interests (where they are not overridden by your rights).

3. Personal data we collect and purposes

3.1 Data you provide directly

• Contact and order data: When you submit the order or contact form, we collect your name, email address, phone number and any message you send. We use this to process your order, communicate with you, and provide customer support. Legal basis: performance of contract and, where applicable, consent.
• Account and profile data: If we offer account registration in the future, we may collect login details and profile information to manage your account. Legal basis: performance of contract.
• Consent records: We record your consent where required (e.g. marketing, cookies, terms acceptance) to demonstrate compliance. Legal basis: legal obligation and legitimate interest (compliance).

3.2 Data collected automatically

• Technical and usage data: When you visit our site, we may collect IP address, browser type and version, device type, operating system, referring URL, pages viewed, date and time of access, and similar technical data. We use this to operate and secure the website, analyse use and improve our services. Legal basis: legitimate interest (operation and security of the site) and, where we use cookies or similar technologies, consent where required by law.
• Cookies and similar technologies: We use cookies and similar technologies as described in our Cookie Policy. Where required, we obtain your consent before using non-essential cookies.

3.3 Other sources

We may receive limited data from payment or delivery partners (e.g. confirmation of payment or delivery status) to fulfil your order. We process such data only as necessary for the performance of the contract and in line with this policy.

4. Retention periods

We keep your data only for as long as necessary for the purposes set out above and to comply with legal obligations.

• Order and contact data: Retained for the duration of the contractual relationship and for a period of up to seven (7) years thereafter for legal, tax and accounting requirements, unless a longer retention is required by law.
• Marketing and consent records: Retained until you withdraw consent or object, and for a short period thereafter to document the withdrawal (e.g. up to three years where relevant for disputes or legal claims).
• Technical and access logs: Retained for a period necessary for security and diagnostics, typically up to twelve (12) months, unless a longer period is required for legal or regulatory reasons.
• Cookie-related data: As specified in our Cookie Policy.

After the retention period, we delete or anonymise your data so that it can no longer identify you.

5. Your rights under UK GDPR

You have the following rights in relation to your personal data, subject to applicable conditions and limitations under UK law:

• Right of access: You may request a copy of the personal data we hold about you.
• Right to rectification: You may request correction of inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”): You may request deletion of your data where it is no longer necessary, where you withdraw consent, where you object and there are no overriding grounds, or where processing was unlawful.
• Right to restrict processing: You may request that we restrict processing in certain circumstances (e.g. while accuracy is contested or where you need the data for legal claims).
• Right to data portability: Where processing is based on consent or contract and is carried out by automated means, you may request to receive your data in a structured, commonly used and machine-readable format, or to have it transmitted to another controller where technically feasible.
• Right to object: You may object to processing based on legitimate interests, including profiling. You may also object at any time to processing for direct marketing.
• Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
• Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. In the United Kingdom, the supervisory authority is the Information Commissioner’s Office (ICO): https://ico.org.uk. We would, however, appreciate the opportunity to address your concerns before you approach the ICO.

To exercise any of these rights, please contact us using the details in section 1. We will respond within one month, subject to any extension permitted by law. We may need to verify your identity before processing your request.

6. Data sharing and international transfers

We may share your data only where necessary with:

• Service providers who act on our instructions (e.g. hosting, payment processing, delivery, email delivery, analytics where you have consented). We ensure that such processors are bound by contract to protect your data and use it only as we instruct.
• Professional advisers (e.g. lawyers, accountants) where necessary for legal or compliance purposes.
• Public authorities when required by law or to protect our legitimate interests (e.g. fraud prevention).

We do not sell your personal data. If we transfer data outside the United Kingdom or the European Economic Area, we ensure appropriate safeguards are in place (e.g. adequacy decision, standard contractual clauses, or other approved mechanisms) in accordance with UK and, where applicable, EU data protection law.

7. Security measures

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures include:

• Use of HTTPS and encryption in transit for the website.
• Secure storage and access controls for data at rest.
• Restriction of access to personal data to authorised personnel on a need-to-know basis.
• Regular review of our security practices and, where appropriate, use of trusted third-party services that comply with industry standards.

Despite our efforts, no method of transmission or storage over the internet is completely secure. We encourage you to use strong passwords and to protect your own devices and accounts.

8. Children

Our website and services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data relating to a child, please contact us and we will take steps to delete it.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the website or legal requirements. The “Last updated” date at the top indicates when the policy was last revised. We encourage you to review this page periodically. Where changes are material, we may notify you by email or by a prominent notice on the website where appropriate.

10. Additional information

For details about cookies and similar technologies, please see our Cookie Policy. For the terms governing use of the website and orders, please see our Terms of Service and Return Policy.