Effective Date: October 2025
Website: www.noahveda.de
Company: Ayurvedic Company SRL
Address: Postweg 28, 81827 München, Germany
VAT ID: RO51528931
Email: contact@noahveda.de
Phone: +49 176 7288 3919

1. Introduction

At NoahVeda, we respect your privacy and are committed to protecting your personal data.
This Privacy Policy explains how we collect, use, store, and safeguard your information in compliance with the EU General Data Protection Regulation (GDPR) and applicable German data protection laws.

By using this website, you consent to the practices described below.

2. Data Controller

The data controller responsible for processing your personal data is:
Ayurvedic Company SRL
Address: Postweg 28, 81827 München, Germany
Email: contact@noahveda.de

3. Data We Collect

We may collect the following categories of personal data:

a) Personal Identification Data:
Name, surname, email address, billing/shipping address, phone number.

b) Transaction Data:
Payment information (processed securely through Stripe — we do not store card details), order history, invoices.

c) Technical Data:
IP address, browser type, device information, and browsing activity (via cookies).

d) Communication Data:
Messages sent via contact forms, emails, or chat.

4. How We Use Your Data

Your personal data is processed for the following purposes:

  • To process and deliver your orders.
  • To send transactional or confirmation emails.
  • To respond to your inquiries and support requests.
  • To improve website functionality and user experience.
  • To comply with legal obligations (invoicing, accounting, tax).
  • To send marketing updates only if you give explicit consent (newsletter subscription).

We will never sell, rent, or trade your personal data to third parties.

5. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Article 6(1)(b) GDPR — Processing necessary for contract performance.
  • Article 6(1)(c) GDPR — Processing required to comply with legal obligations.
  • Article 6(1)(a) GDPR — Processing based on your consent (for marketing).
  • Article 6(1)(f) GDPR — Processing based on legitimate interests (e.g., website security).

6. Data Retention

We retain personal data only as long as necessary to fulfill the purposes described above or as required by law.

  • Order data: up to 10 years (for tax compliance).
  • Marketing data: until you withdraw your consent.
  • Technical logs: up to 12 months for security and analytics.

7. Third-Party Services

We use trusted third-party providers who comply with GDPR requirements:

  • Stripe (Payment Processor) – for secure online payments.
    Stripe Privacy Policy
  • Google Analytics – to analyze website performance (anonymized IP).
    Google Privacy Policy
  • Hosting Provider – ensures secure storage and uptime of our website.

All third parties only process data as necessary and under strict confidentiality agreements.

8. Cookies

Our website uses cookies to enhance user experience, personalize content, and analyze traffic.
You can manage or disable cookies anytime via your browser settings.

Details about cookie usage are available in our Cookies Policy.

9. Data Security

We implement technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.
All connections to our site are secured via SSL encryption.

10. International Data Transfers

Some service providers (e.g., Stripe, Google) may process data outside the EU.
In such cases, data transfers occur under GDPR-compliant safeguards, such as Standard Contractual Clauses (SCCs).

11. Your Rights (Under GDPR)

You have the following rights:

  • Right to Access – obtain confirmation of personal data processed.
  • Right to Rectification – correct inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”) – request deletion of your data.
  • Right to Restriction of Processing – limit how your data is used.
  • Right to Data Portability – receive your data in a structured, machine-readable format.
  • Right to Object – object to processing based on legitimate interests.
  • Right to Withdraw Consent – withdraw at any time for marketing purposes.

To exercise any of these rights, please contact: contact@noahveda.de

12. Children’s Privacy

Our website and products are not intended for individuals under 18 years of age.
We do not knowingly collect data from minors.

13. Changes to This Policy

We may update this Privacy Policy periodically.
All changes will be posted on this page with a new effective date.

14. Contact Information

For any privacy-related questions or GDPR requests, please contact:

NoahVeda – Ayurvedic Company SRL
📍 Postweg 28, 81827 München, Germany
📧 contact@noahveda.de
📞 +49 176 7288 3919