Privacy Policy

Last updated: January 14, 2026

DUFLAUR operates this website and services to provide you with a personalized experience. This Privacy Policy describes how we collect, use, and share personal data when you visit, use, or make a request through our services, or otherwise communicate with us.

1. What Personal Data We Collect

When we use the term "personal data," we refer to information that can identify you or be directly associated with you. Depending on how you interact with our services and where you reside, we may collect the following categories of personal data:

• Contact information: Name, postal address, email address, and telephone number
• Account information: Username, password, security questions, and preferences
• Communication data: Information you provide when communicating with us, such as customer support requests
• Device information: Information about your device, browser, IP address, and other unique identifiers
• Usage information: Information about your interaction with our services, including how and when you access or browse them

2. Sources of Personal Data

We collect personal data from the following sources:

• Directly from you: When you create an account, access our services, or communicate with us
• Automatically through our services: From your device when you use our services or visit our website, including through cookies and similar technologies
• From our service providers: When we engage third-party providers to enable certain technologies and they collect data on our behalf

3. How We Use Your Personal Data

Depending on how you interact with us and which services you use, we may use your personal data for the following purposes:

• Providing and improving services: To deliver our services, manage your account, store your preferences, send account-related notifications, and create a personalized experience
• Communication: To provide customer support, respond to your inquiries, and maintain our business relationship
• Security and fraud prevention: To authenticate your account, provide secure access, detect and investigate potential fraudulent or malicious activities, and ensure service security
• Legal obligations: To comply with applicable law, respond to legal processes, investigate potential violations of our terms, and enforce our policies

4. How We Share Personal Data

Under certain circumstances, we may share your personal data for legitimate purposes. Such circumstances include:

• Service providers: Third parties who provide services on our behalf (e.g., IT management, data analysis, customer support, cloud storage)
• With your consent: When you request or consent to share certain information with third parties
• Within our corporate group: With our affiliates or within our corporate structure
• Legal and business transactions: In connection with business transactions (e.g., merger), to comply with legal obligations, enforce our terms, or protect our rights and the rights of our users

We do not sell, rent, or share your personal data with third parties for marketing purposes.

5. Third-Party Websites and Links

Our services may include links to third-party websites or online platforms. When you follow links to websites not controlled by us, you should review their privacy and security policies. We are not responsible for the privacy or security of such websites or the accuracy of their information.

6. Children's Data

Our services are not intended for use by children under the age of 16, and we do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us using the details below to request deletion.

7. Security and Data Retention

We implement industry-standard technical and organizational security measures to protect your personal data from unauthorized access, disclosure, or misuse. All data transmission is encrypted using SSL/TLS protocols. Please note that no security measures are perfect, and we cannot guarantee absolute security.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Retention periods depend on factors such as whether we need the data to manage your account, provide services, comply with legal obligations, resolve disputes, or enforce our agreements.

8. Your Rights Under GDPR (EU/EEA and Austria)

If you reside in the European Union, European Economic Area, or Austria, you have the following rights regarding your personal data under the General Data Protection Regulation (GDPR):

• Right of access: You may request access to the personal data we hold about you
• Right to rectification: You may request correction of inaccurate personal data
• Right to erasure: You may request deletion of your personal data under certain circumstances
• Right to data portability: You may request a copy of your personal data in a structured, commonly used format and ask that we transfer it to another controller
• Right to object: You may object to the processing of your personal data for certain purposes
• Right to restriction of processing: You may request that we limit the processing of your personal data
• Right to withdraw consent: Where we rely on your consent, you have the right to withdraw it at any time without affecting the lawfulness of processing before withdrawal

To exercise these rights, please contact us using the contact details below. We will respond to your request within the timeframes required by applicable law. You may also designate an authorized agent to make requests on your behalf.

9. Complaints and Supervisory Authority

If you have concerns about how we process your personal data, please contact us using the details below. Depending on where you reside, you also have the right to lodge a complaint with your local data protection supervisory authority. For residents of Austria, the supervisory authority is the Austrian Data Protection Authority (Österreichische Datenschutzbehörde): www.dsb.gv.at

10. International Data Transfers

Please note that we may transfer, store, and process your personal data outside the country where you reside. When we transfer personal data outside the European Economic Area or Austria, we rely on recognized transfer mechanisms such as the European Commission's Standard Contractual Clauses or ensure the transfer is to a country that provides an adequate level of data protection.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post the revised policy on this website and update the "Last updated" date. Any material changes will be communicated as required by applicable law.

12. Contact Information

For questions about our privacy practices or this Privacy Policy, or to exercise any of your rights, please contact us: