Privacy policy
PRIVACY POLICY
ANVIGELA
Last updated: March 2026
1) Overview
Auto Boom ApS (“Auto Boom”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, store, protect, and share your personal data when you:
- visit our website anvigela.com
- place an order
- contact us
- use our services
We process personal data in accordance with:
- EU General Data Protection Regulation (GDPR)
- Danish Data Protection Act (Databeskyttelsesloven)
- UK GDPR (where applicable)
- Applicable US privacy requirements where relevant
2) Data Controller
Data Controller:
Email:
anvigela@outlook.com
Website:
anvigela.com
You may contact us at any time regarding your personal data.
3) Personal Data We Collect
We collect personal data necessary to operate our business and provide services.
3.1 Information You Provide
When placing an order or contacting us, we may collect:
Identity & Contact Data
- Name
- Email address
- Phone number
- Billing address
- Shipping address
Transaction Data
- Order details
- Purchased items
- Payment confirmation
- Order history
- Refund records
Communication Data
- Emails
- Chat messages
- Customer support requests
We do not intentionally collect sensitive personal data, such as:
- health information
- religion
- biometric data
Please do not provide such information.
3.2 Automatically Collected Data
When visiting our website, we may automatically collect:
- IP address
- Browser type
- Device type
- Time zone
- Language settings
- Website usage behavior
- Pages visited
- Session duration
- Referring URLs
This is collected using:
- Cookies
- Pixels
- Log files
- Analytics tools
(See Section 10 — Cookies)
4) Legal Basis for Processing (GDPR Compliance)
We process personal data only when permitted under GDPR Article 6.
4.1 Order Processing
Purpose:
- Process orders
- Handle payments
- Deliver products
- Provide customer service
- Manage returns
Legal Basis:
Contract performance
(GDPR Art. 6(1)(b))
4.2 Legal Obligations
Purpose:
- Accounting
- Tax compliance
- Fraud prevention
Legal Basis:
Legal obligation
(GDPR Art. 6(1)(c))
Under Danish law, accounting data must typically be retained for 5 years.
4.3 Customer Communication
Purpose:
- Respond to inquiries
- Provide updates
- Handle complaints
Legal Basis:
Contract or Legitimate interest
(GDPR Art. 6(1)(b) and (f))
4.4 Fraud Prevention and Security
Purpose:
- Fraud detection
- Risk analysis
- Website security
Legal Basis:
Legitimate interest
(GDPR Art. 6(1)(f))
4.5 Marketing Communications
Purpose:
- Send newsletters
- Provide offers
- Recommend products
Legal Basis:
Consent
(GDPR Art. 6(1)(a))
You may withdraw consent at any time.
4.6 Analytics and Website Improvement
Purpose:
- Improve website usability
- Analyze performance
- Measure marketing results
Legal Basis:
Consent
(GDPR Art. 6(1)(a))
5) Sharing Personal Data
We share personal data only where necessary.
Third parties may include:
- Shopify (website platform)
- Payment providers
- Shipping providers
- IT service providers
- Marketing providers
- Analytics providers
We do not sell personal data.
All partners must comply with GDPR.
5.1 Third-Party Service Providers
To operate our business and provide services, we use trusted third-party providers.
Shopify (Website Platform)
Our online store is hosted by Shopify Inc.
Shopify provides:
- website hosting
- order processing
- checkout services
- customer data storage
Shopify Privacy Policy:
https://www.shopify.com/legal/privacy
Payment Providers
Payments may be processed through:
- Shopify Payments
- Stripe
- PayPal
- MobilePay
We do not store full card details.
Google Analytics
We use Google Analytics, provided by Google LLC.
Used for:
- traffic measurement
- website improvement
- campaign analysis
Google Privacy Policy:
https://policies.google.com/privacy
Meta Platforms (Facebook & Instagram)
We use services from Meta Platforms Ireland Ltd.
Includes:
- Facebook Pixel
- Instagram Ads
Meta Privacy Policy:
https://www.facebook.com/privacy/policy
TikTok Advertising
We use TikTok Pixel, provided by TikTok Technology Limited.
TikTok Privacy Policy:
https://www.tiktok.com/legal/privacy-policy
Shipping and Logistics Providers
We share delivery information such as:
- name
- address
- phone number
Only data necessary for delivery is shared.
6) International Data Transfers
Your data may be transferred outside the EU/EEA.
This includes transfers to:
- logistics providers
- hosting services
- marketing platforms
We ensure safeguards using:
- Standard Contractual Clauses (SCCs)
- Approved GDPR safeguards
Data Storage Location
Personal data may be stored on secure servers operated by Shopify and its partners.
These servers may be located in:
- Canada
- United States
- European Union
Shopify applies GDPR safeguards.
7) Data Retention
We retain data only as long as necessary.
Typical retention:
Orders & Accounting:
Up to 5 years
Customer Support:
Up to 24 months
Marketing:
Until consent withdrawal
Website Logs:
Up to 12 months
Legal Claims Retention
We may retain data longer if necessary to:
- establish legal claims
- defend legal claims
- comply with legal requirements
8) Your GDPR Rights
You have the right to:
- Access your data
- Correct data
- Delete data
- Restrict processing
- Object to processing
- Request portability
- Withdraw consent
Contact:
9) Complaints
You may file a complaint with:
Datatilsynet (Denmark)
https://www.datatilsynet.dk
10) Cookies and Tracking Technologies
We use cookies to:
- operate the website
- store preferences
- analyze traffic
- deliver advertising
Types:
- Essential cookies
- Analytics cookies
- Marketing cookies
Cookies are activated only after consent, where required.
Marketing and Advertising Technologies
We may use:
- Google Analytics
- Meta Pixel
- TikTok Pixel
These tools help:
- measure advertising
- personalize marketing
- improve campaigns
Consent is managed through cookie settings.
11) Automated Decision-Making
We may use automated systems to:
- detect fraud
- prevent misuse
- improve services
These processes do not create legal effects without human review.
12) Do Not Track Signals
Our website may not respond consistently to Do Not Track signals.
13) Children’s Privacy
Our services are not intended for children under 13 years.
If we discover children's data:
We delete it immediately.
14) Data Security
We implement:
- SSL encryption
- Secure servers
- Access restrictions
- Security monitoring
- Fraud detection
However, no system is fully secure.
Data Protection Officer (DPO)
We are currently not required to appoint a Data Protection Officer under GDPR Article 37.
For privacy matters, contact:
15) Changes to This Policy
We may update this Privacy Policy.
Changes take effect once published.
Continued use means acceptance.
16) Contact Information
Email:
anvigela@outlook.com
Website:
anvigela.com