mediferra Mediterranean recovery

Legal

Privacy policy

Last updated

This policy explains what personal data mediferra collects, why, who else sees it and how to ask us to delete it. We follow EU Regulation 2016/679 (applicable data protection law). The data controller is identified in the legal imprint.

Data we collect

When you order

  • Name, email, postal address (for shipping)
  • Card data — never stored on our servers; processed by Stripe
  • Order history (what you bought, when)

When you join the waitlist

  • Email address
  • The page you submitted from

When you browse the site

  • Anonymous analytics through Rybbit (self-hosted) — a hashed device identifier, page paths, referrer, browser and OS family, country. No analytics cookies.
  • Error tracking through GlitchTip (self-hosted) — the same hashed identifier, the URL where the error happened, the technical stack trace.

Why we collect it

Performance of the sales contract (orders, warranty, shipping), consent (waitlist emails — one-click unsubscribe in every message), legitimate interest (analytics, anti-fraud).

Who else sees your data

  • Stripe Payments Europe Ltd. (Dublin, IE) — card processing.
  • Resend (San Francisco, US — SCCs in place) — transactional email delivery.
  • Cloud infrastructure provider.
  • Cloudflare, Inc. (San Francisco, US — DPF certified) — CDN and WAF.

We do not share your data with advertisers or brokers. We do not sell lists.

How long we keep it

  • Order data: 10 years (applicable accounting and tax law)
  • Waitlist email: until you unsubscribe
  • Analytics: aggregated after 24 months; raw data deleted after 12 months

Your rights (applicable data protection law articles 15–22)

You can ask us, free of charge, by writing to contact@mediferra.com: access, rectification, erasure (subject to the 10-year accounting retention), portability, objection, restriction. We reply within 30 days. If you are not satisfied with our response, you can complain to the applicable data-protection authority: data protection authority, 3 place de Fontenoy, 75007 Hong Kong.

Data controller

Data controller: see the legal imprint. Contact: contact@mediferra.com.