Privacy Policy

This Privacy Policy explains how droxenalin.top Ltd ("we", "us", or "our") collects, uses, and protects your personal information when you visit our website droxenalin.top or use our services.

Last updated: 15 January 2026

Data Controller Information

droxenalin.top Ltd is the data controller responsible for your personal data. We are registered in Malta with company registration number C85697 and VAT number MT85697446. Our registered address is Triq Dun Karm 87, Valletta VLT 2804, Malta.

Data We Collect

We collect and process various types of personal data to provide our beauty brand analytics services. The data we collect includes information you provide directly to us and information collected automatically when you use our website and services.

Information You Provide

  • Contact details (name, email address, phone number, company name)
  • Communication preferences and marketing consents
  • Messages and enquiries sent through our contact forms
  • Account information for our analytics platform
  • Business information related to your beauty brand

Information Collected Automatically

  • Website usage data and analytics
  • IP addresses and device information
  • Browser type and operating system
  • Pages visited and time spent on our website
  • Referral sources and search terms

How We Use Your Information

We use your data for specific purposes based on legitimate legal grounds. How we use your information depends on the services you use and your relationship with us.

Service Provision

  • To provide our beauty brand analytics platform and services
  • To process and respond to your enquiries and requests
  • To deliver customer support and technical assistance
  • To manage your account and subscription

Communication

  • To send service-related communications and updates
  • To provide marketing communications (with your consent)
  • To send newsletters and industry insights
  • To respond to your questions and feedback

Legal Basis for Processing

Under GDPR, we process your personal data based on:

  • Contract: To fulfil our contractual obligations when providing services
  • Legitimate Interest: To improve our services and communicate about relevant business matters
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: To comply with applicable laws and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Third Parties

We may share your personal data with trusted third parties who help us provide our services:

  • Analytics providers (Google Analytics) to understand website usage
  • Email service providers for communication and marketing
  • Cloud hosting providers for data storage and processing
  • Payment processors for subscription and billing management
  • Legal and professional advisors when required

We ensure all third parties maintain appropriate data protection standards and only process data according to our instructions.

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes outlined in this privacy policy. Specific retention periods include:

  • Contact enquiries: 3 years from last contact
  • Customer account data: Duration of subscription plus 7 years for legal compliance
  • Marketing data: Until consent is withdrawn or 3 years of inactivity
  • Website analytics: 26 months (Google Analytics standard)

After the retention period expires, we securely delete or anonymise your personal data.

Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal data:

  • Right of Access: Request a copy of your personal data we hold
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for processing at any time

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication requirements
  • Staff training on data protection practices
  • Incident response procedures

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Certification schemes approved by supervisory authorities

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. When we make significant changes, we will notify you by email or through a prominent notice on our website. The updated policy will be effective from the date specified in the "Last updated" section.

Contact Information

If you have any questions about this privacy policy or wish to exercise your rights, please contact us:

Supervisory Authority

You have the right to lodge a complaint with the relevant supervisory authority if you believe our processing of your personal data violates applicable data protection laws. In Malta, the supervisory authority is the Information and Data Protection Commissioner.

This privacy policy is governed by Maltese law and EU data protection regulations, including the General Data Protection Regulation (GDPR).