Privacy policy

Privacy Policy

Last updated: 29 October 2025

At Ïnnassi, we are committed to protecting your privacy and handling your personal data with care, transparency and respect. This Privacy Policy outlines how we collect, use, store and safeguard your information when you interact with our website or services.

By using our website or placing an order, you agree to the practices described below.

1. Data Controller

Ïnnassi acts as the Data Controller under EU General Data Protection Regulation (GDPR).

Contact email: info@innassi.com
Registered operational address: Available upon request

2. Data We Collect

We may collect and process:

Identity & Contact Data

  • Name

  • Email

  • Shipping and billing details (if provided)

Order & Transaction Data

  • Order history

  • Payment details (processed securely by third-party providers)

Technical & Usage Data

  • IP address

  • Device type and browser

  • Cookies and browsing behavior

Communications data

  • Newsletter sign-ups

  • Customer service requests

  • Contact form submissions

We do not store complete credit card information.

3. Purpose of data processing

We process your data to:

  • Fulfill and deliver your order

  • Communicate regarding your purchase or inquiries

  • Process secure payments

  • Improve website performance and user experience

  • Send updates or marketing emails (only with consent)

  • Prevent fraud and ensure site security

  • Comply with legal and tax obligations

We do not sell or rent your data.

4. Legal basis

We process personal data based on:

  • Performance of a contract (order fulfillment)

  • Legitimate interests (fraud prevention, business improvement)

  • Legal obligations (financial and tax records)

  • Consent (newsletter, cookies, marketing)

5. Data sharing

We only share your data with trusted partners where required, such as:

  • Payment processors

  • Delivery carriers

  • Secure hosting providers

  • Email and marketing platforms (opt-in only)

All third-party partners are GDPR-compliant.

6. International transfers

If data is stored or processed outside the EU, we ensure appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs)

  • GDPR-approved data protection measures

7. Data retention

We retain personal data only as necessary:

  • Order & accounting records: up to 7 years (legal requirement)

  • Marketing data: until consent is withdrawn

  • Security logs: limited operational period

8. Cookies

Our website uses cookies to improve functionality and browsing experience.
You may manage cookie preferences in your browser settings.

See our Cookie Policy for more details.

9. Data subject rights

Under GDPR, you have the right to:

  • Access your data

  • Request correction or deletion

  • Object to processing

  • Withdraw consent at any time

  • Request data portability

  • File a complaint with the Belgian Data Protection Authority (GBA/APD)

For requests, contact info@innassi.com.

10. Security

We apply technical and organizational measures to protect your personal information.
Despite this, no online system can guarantee absolute security.

11. Minors

Our website and services are not intended for individuals under 18 years old.
We do not knowingly collect personal data from minors.

12. Policy updates

We may update this policy when required.
The latest version will always be available on our website.

Contact

For privacy inquiries or GDPR requests:
info@innassi.com