Privacy Policy

Last updated: 15th January 2026

Introduction

This Privacy Policy explains how aurelixora.top d.o.o. ("we", "us", or "our") collects, uses, and protects your personal information when you visit our website aurelixora.top or use our fitness equipment procurement services. We are committed to protecting your privacy and ensuring transparency about our data practices.

We are the data controller for the personal data we process about you. Our registered office is located at Cankarjeva cesta 38, 2049 Maribor, Slovenia. Our company registration number is 3625147985.

Data We Collect

The data we collect depends on how you interact with our website and services. We may collect the following types of personal information:

Information You Provide Directly

  • Contact information including name, email address, phone number
  • Company or facility information when requesting consultations
  • Messages and enquiries submitted through our contact forms
  • Preferences and requirements related to fitness equipment procurement

Information Collected Automatically

  • Technical information such as IP address, browser type, and device information
  • Website usage data including pages visited, time spent, and navigation patterns
  • Cookies and similar tracking technologies (see our Cookie Policy for details)
  • Referral sources and marketing campaign interactions

How We Use Your Information

We process your personal data for various purposes based on legitimate interests, contractual necessity, and your consent. Here's how we use your data:

Service Provision

  • Responding to your enquiries and consultation requests
  • Providing fitness equipment procurement guidance and services
  • Managing our business relationship and communications with you

Website Improvement

  • Analysing website usage to improve user experience
  • Optimising our content and services based on user feedback
  • Ensuring website security and preventing fraud

Marketing and Communications

  • Sending relevant information about our services (with your consent)
  • Personalising content and advertisements based on your interests
  • Measuring the effectiveness of our marketing campaigns

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use and how to control them, please refer to our Cookie Policy.

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Consent: When you provide explicit consent for marketing communications or optional data processing
  • Contractual necessity: To provide our services and fulfil our obligations to you
  • Legitimate interests: For business operations, website improvement, and fraud prevention
  • Legal obligation: To comply with applicable laws and regulations

Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information in the following circumstances:

  • With service providers who assist us in operating our website and providing services (under strict confidentiality agreements)
  • With analytics and advertising platforms such as Google Analytics and Google Ads (in accordance with their privacy policies)
  • When required by law or to protect our legal rights
  • In connection with a business transfer or merger (with appropriate safeguards)

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. Our general data retention periods are:

  • Contact enquiries and communications: 3 years from last contact
  • Client service records: 7 years from completion of services
  • Website analytics data: 26 months (Google Analytics default)
  • Marketing consent records: Until consent is withdrawn plus 1 year

We regularly review our data retention practices and securely delete information that is no longer needed.

Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal data:

  • Right of access: Request copies of your personal data
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data in certain circumstances
  • Right to restrict processing: Request limitation of how we use your data
  • Right to data portability: Request transfer of your data to another organisation
  • Right to object: Object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent: Withdraw consent for processing based on consent

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Staff training on data protection and security

While we strive to protect your personal data, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protection measures.

International Data Transfers

As we operate within the European Economic Area (EEA), your personal data is primarily processed within the EEA. When we use third-party services that may involve data transfers outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission
  • Standard contractual clauses approved by the European Commission
  • Binding corporate rules or certification schemes

Children's Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have collected information from a child under 16, please contact us immediately so we can delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of significant changes by posting the updated policy on our website with a new "last updated" date. We encourage you to review this policy periodically to stay informed about how we protect your privacy.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us:

aurelixora.top d.o.o.

Privacy Officer

Cankarjeva cesta 38, 2049 Maribor, Slovenia

Email: [email protected]

Phone: +386 21191411

You also have the right to lodge a complaint with the Information Commissioner of the Republic of Slovenia (Informacijski pooblaščenec) if you believe we have not handled your personal data in accordance with applicable data protection laws.