Privacy Policy

1. Who we are

Mobilityufloraor ("we", "us", or "our") operates this website as an independent journal of herbal tea recipes and brewing notes. We are the data controller responsible for the personal data described in this policy. Our contact details are set out in section 12 and on our Impressum.

2. Scope of this policy

This policy applies to personal data we process when you visit this website, read our articles, or contact us through the form provided. It does not apply to third-party websites that we may link to, each of which maintains its own privacy practices. We encourage you to read the privacy information of any external site you visit.

The content on this website is published for general informational purposes only. Using the site does not create any professional relationship between you and us.

3. Personal data we collect

We aim to collect as little personal data as possible. Depending on how you interact with the site, this may include:

• Contact form data. When you complete our contact form, we receive the name, email address, and message you choose to provide, together with your confirmation of this policy.
• Technical data. Like most websites, our hosting infrastructure may automatically record limited technical information such as your browser type, device type, approximate region, and the pages you view. This information helps keep the site secure and functioning.
• Cookie and preference data. Where you give consent, we may store information about how the site is used. You can review and change your choices at any time through the cookie settings link in the footer. See our Cookie Policy for detail.

We do not knowingly collect special categories of data, and we ask that you do not send sensitive personal information through the contact form.

4. Purposes and legal bases

Under the GDPR we must have a lawful basis for processing your personal data. The bases we rely on are:

• To respond to your enquiries. When you send a message, we process your data to read and reply to it. The legal basis is our legitimate interest in answering questions about our content, and your consent where you have given it.
• To keep the site secure and reliable. We process limited technical data on the basis of our legitimate interest in preventing misuse and maintaining availability.
• To measure and improve the site. Where you consent to analytics or marketing cookies, we process the related data on the basis of that consent, which you may withdraw at any time.
• To meet legal obligations. In limited cases we may process data to comply with applicable laws or lawful requests from authorities.

5. How and with whom we share data

We do not sell your personal data. We share it only where necessary and with appropriate safeguards, including:

• Service providers. Trusted suppliers who host the website, deliver email, or provide analytics act as our processors and may only use the data on our instructions.
• Legal and regulatory bodies. Where we are required to disclose data by law or to protect our rights.

Each processor we use is bound by a written agreement that requires them to protect personal data to the standard required by the GDPR.

6. How long we keep your data

We retain personal data only for as long as is necessary for the purposes set out above:

• Contact messages are generally kept for up to twenty-four months after our last correspondence, after which they are deleted or anonymised, unless a longer period is required to handle a dispute or meet a legal obligation.
• Technical logs are typically retained for a short period, usually no more than fourteen months, before being aggregated or removed.
• Cookie-related data is kept for the lifetime described in our Cookie Policy or until you withdraw consent.

7. How we protect your data

We take reasonable technical and organisational measures designed to protect personal data against loss, misuse, and unauthorised access. These measures include encrypted connections (HTTPS) across the website, access controls that limit who can view personal data, and regular reviews of the suppliers we work with. While no method of transmission over the internet can be guaranteed to be completely secure, we work to keep our safeguards appropriate to the data we hold.

8. Your rights

Subject to the conditions set out in the GDPR, you have the right to:

• Request access to the personal data we hold about you;
• Ask us to correct data that is inaccurate or incomplete;
• Ask us to erase your data in certain circumstances;
• Ask us to restrict or object to certain processing;
• Request that we transfer your data to you or another controller where technically feasible;
• Withdraw consent at any time, without affecting processing carried out before withdrawal.

To exercise any of these rights, please contact us using the details in section 12. You also have the right to lodge a complaint with a supervisory authority. In the Netherlands this is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).

9. International transfers

We prefer to keep personal data within the European Economic Area. Where a service provider processes data outside the EEA, we take steps to ensure an appropriate level of protection, such as relying on adequacy decisions or standard contractual clauses approved for that purpose.

10. Children

This website is intended for a general adult audience and is not directed at children. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps to remove it.

11. Changes to this policy

We may update this policy from time to time to reflect changes in our practices or in applicable law. When we make material changes, we will update the review date shown at the top of this page. We encourage you to review this policy periodically.