Privacy Policy

PRIVACY POLICY

Noctivi

Last updated: 4 April 2026

1. Introduction

Welcome to Noctivi. We are committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and make purchases from our online store.


Noctivi sells home fragrance products, including aroma diffusers, and is based in The Netherlands. As a business operating within the European Union, we are subject to the General Data Protection Regulation (GDPR) and applicable Dutch data protection law.


Please read this policy carefully. If you disagree with its terms, please discontinue use of our site.

2. Who We Are (Data Controller)

The data controller responsible for your personal information is:


Noctivi

Netherlands

Email: noctivi123@gmail.com


If you have any questions about this Privacy Policy or how we handle your data, please contact us at the email address above.

3. What Personal Data We Collect

3.1 Information You Provide Directly

When you create an account, place an order, or contact us, we may collect:

  • Full name
  • Email address
  • Billing and shipping address
  • Phone number
  • Payment information (processed securely by our payment provider; we do not store card details)
  • Order history and preferences
  • Communications you send to us

3.2 Information Collected Automatically

When you browse our website, we automatically collect certain technical data, including:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited, time spent on pages, and referring URLs
  • Cookie identifiers and similar tracking technologies

3.3 Information from Third Parties

We may receive information about you from third-party services such as payment processors, shipping carriers, and marketing platforms, where you have consented to share that data with them.

4. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To process and fulfil your orders, including payment processing and delivery
  • To create and manage your customer account
  • To communicate with you about your orders, returns, and customer service requests
  • To send you marketing and promotional emails, where you have given consent or where permitted by law
  • To personalise your shopping experience and recommend products
  • To improve our website, products, and services through analytics
  • To comply with our legal obligations
  • To prevent fraud and ensure the security of our platform

5. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data on the following legal bases:

  • Contract performance: to process your orders and deliver your purchases
  • Legitimate interests: to improve our services, prevent fraud, and communicate with you about relevant products
  • Consent: for marketing communications and non-essential cookies (you may withdraw consent at any time)
  • Legal obligation: to comply with tax, accounting, and other regulatory requirements

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, analyse site traffic, and support our marketing activities. These include:

  • Essential cookies: necessary for the website to function correctly
  • Analytics cookies: help us understand how visitors use our site (e.g. Google Analytics)
  • Marketing cookies: used to deliver relevant advertisements and track campaign performance


You can manage your cookie preferences through your browser settings or our cookie consent banner. Please note that disabling certain cookies may affect the functionality of our website.

7. How We Share Your Data

We do not sell your personal data. We may share your information with the following trusted third parties:

  • Payment processors (e.g. Shopify Payments, PayPal, Stripe) to securely process transactions
  • Shipping and logistics partners to deliver your orders
  • Email marketing platforms to send newsletters and promotional communications
  • Analytics providers (e.g. Google Analytics) to help us understand website usage
  • IT and platform service providers, including Shopify, who host our store


All third parties we work with are required to handle your data securely and in accordance with applicable data protection law. Where third parties are located outside the European Economic Area (EEA), we ensure appropriate safeguards are in place (such as Standard Contractual Clauses).

8. How Long We Keep Your Data

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Order and transaction data: retained for 7 years to comply with Dutch accounting and tax law
  • Customer account data: retained for as long as your account is active, plus 2 years after your last interaction
  • Marketing data: retained until you unsubscribe or withdraw consent
  • Analytics data: typically retained for 26 months


When data is no longer required, we securely delete or anonymise it.

9. Your Rights Under GDPR

As a data subject in the European Union, you have the following rights:

  • Right of access: to obtain a copy of the personal data we hold about you
  • Right to rectification: to have inaccurate or incomplete data corrected
  • Right to erasure ('right to be forgotten'): to request deletion of your data where there is no legitimate reason for us to continue processing it
  • Right to restriction of processing: to request that we limit how we use your data
  • Right to data portability: to receive your data in a structured, machine-readable format
  • Right to object: to object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing


To exercise any of these rights, please contact us at noctivi123@gmail.com. We will respond within 30 days. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données) at www.gegevensbeschermingsautoriteit.be.

10. Data Security

We take the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your information against unauthorised access, loss, disclosure, or destruction. These include SSL/TLS encryption for data transmitted via our website, access controls, and secure storage practices.


However, no method of transmission over the internet is completely secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee its absolute security.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to read their respective privacy policies.

12. Children's Privacy

Our website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us and we will promptly delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will update the 'Last updated' date at the top of this page and, where appropriate, notify you by email.


We encourage you to review this policy periodically to stay informed about how we protect your data.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us:


Noctivi

Email: noctivi123@gmail.com

Netherlands