Privacy Policy
Last updated: July 1, 2026
IRONLAB ("we", "us", or "our") is committed to protecting the privacy and personal data of our customers and website visitors. This Privacy Policy explains how we collect, use, store, and protect your personal information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
1. Data Controller
IRONLAB is the data controller responsible for processing your personal data. If you have any questions about this Privacy Policy or how we handle your data, you can reach us at:
Email: support@ironlab.pro
Website: Contact Form
2. Data We Collect
We may collect the following categories of personal data:
2.1 Information You Provide
- Account Information: Name, email address, phone number, and password when you create an account
- Order Information: Shipping address, billing address, payment details, and order history
- Communication Data: Messages sent via our contact form, support requests, and newsletter subscriptions
2.2 Information Collected Automatically
- Technical Data: IP address, browser type, operating system, device information
- Usage Data: Pages visited, time spent on site, click patterns, and referral sources
- Cookie Data: Information collected through cookies and similar technologies (see our Cookies Policy)
3. How We Use Your Data
We process your personal data for the following purposes:
- Order Fulfillment: Processing and delivering your orders, managing payments, and providing customer support
- Account Management: Creating and maintaining your user account, enabling order history and wishlist features
- Communication: Sending order confirmations, shipping updates, and responding to inquiries
- Marketing: With your consent, sending promotional emails and newsletters about our products and offers
- Website Improvement: Analyzing usage patterns to improve site performance, content, and user experience
- Legal Compliance: Meeting our legal obligations, including tax and accounting requirements
- Fraud Prevention: Detecting and preventing fraudulent transactions and unauthorized access
4. Legal Basis for Processing
We process your personal data based on the following legal grounds under the GDPR:
- Contract Performance: Processing necessary to fulfill orders and provide services you have requested
- Legitimate Interest: Processing for fraud prevention, website security, and business analytics
- Consent: Marketing communications and non-essential cookies, which you can withdraw at any time
- Legal Obligation: Processing required to comply with applicable laws and regulations
5. Data Sharing
We may share your personal data with the following categories of recipients:
- Shipping Partners: Courier and logistics companies to deliver your orders
- Payment Processors: Secure payment providers to process transactions
- Analytics Providers: Third-party analytics services to help us understand website usage
- Legal Authorities: When required by law, court order, or government regulation
We never sell your personal data to third parties for marketing purposes.
6. Data Storage and Security
Your personal data is stored on secure servers within the European Economic Area (EEA). We implement appropriate technical and organizational measures to protect your data, including:
- SSL/TLS encryption for all data transmitted between your browser and our servers
- Encrypted password storage using industry-standard hashing algorithms
- Regular security audits and vulnerability assessments
- Access controls limiting data access to authorized personnel only
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:
- Account Data: Retained for the duration of your account and up to 2 years after account deletion
- Order Data: Retained for 7 years to comply with tax and accounting regulations
- Marketing Data: Retained until you unsubscribe or withdraw consent
- Analytics Data: Retained in anonymized form for up to 26 months
8. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restrict Processing: Request limitation of how we process your data
- Right to Data Portability: Receive your data in a structured, commonly used format
- Right to Object: Object to processing based on legitimate interests or for direct marketing
- Right to Withdraw Consent: Withdraw consent for marketing communications at any time
To exercise any of these rights, please contact us at support@ironlab.pro. We will respond to your request within 30 days.
9. International Transfers
Your personal data is primarily processed within the EEA. If data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
10. Children's Privacy
Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has provided us with personal data, we will take steps to delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Any significant changes will be communicated via email or a prominent notice on our website. We encourage you to review this policy periodically.
12. Contact and Complaints
If you have concerns about how we handle your personal data, you may contact us at support@ironlab.pro. You also have the right to lodge a complaint with your local data protection authority.
Last updated: July 1, 2026