1) Introduction and Contact Details of the Controller
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data refers to all data by which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Mr. Khodayari, Tel.: +421903876503, Email: info@abcocare.com . The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

1.3 The controller has appointed a data protection officer who can be reached as follows: “Mr. Khodayari, +421903876503, info@abcocare.com”

2) Data Collection When Visiting Our Website
2.1 When using our website for informational purposes only, i.e., if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website:

• Our visited website
• Date and time at the time of access
• Amount of data sent in bytes
• Source/referrer from which you came to the page
• Browser used
• Operating system used
• IP address used (possibly in anonymized form)

Processing is carried out pursuant to Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser line.

3) Hosting & Content Delivery Network
For hosting our website and displaying the content, we use a provider who provides services exclusively on servers within the European Union, either by themselves or via selected subcontractors.

All data collected on our website is processed on these servers. We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

4) Cookies
To make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e., small text files that are stored on your device. Some of these cookies are deleted automatically after you close your browser (so-called “session cookies”), while others remain on your device longer to save page settings (so-called “persistent cookies”). You can find the storage duration in your web browser’s cookie settings.

If personal data is also processed by individual cookies, this is done pursuant to Art. 6 para. 1 lit. b GDPR (contract performance), Art. 6 para. 1 lit. a GDPR (consent), or Art. 6 para. 1 lit. f GDPR (legitimate interests in the best functionality and user-friendliness of the website).

You can configure your browser to inform you about the setting of cookies and allow or exclude them individually or generally. Please note that disabling cookies may limit the functionality of our website.

5) Contact
5.1 WhatsApp Business
You may contact us via WhatsApp Messenger by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, using the Business version.

If you contact us regarding a specific transaction (e.g., a placed order), we will store and use your WhatsApp mobile number and—if provided—your first and last name according to Art. 6 para. 1 lit. b GDPR to process and respond to your inquiry. We may request additional data such as order number, customer number, address, or email address for identification.

For general inquiries, we process your WhatsApp number and—if provided—your name under Art. 6 para. 1 lit. f GDPR based on our legitimate interest in efficiently providing information.

Your data is only used to answer your WhatsApp inquiries. It is not passed on to third parties.

Note: WhatsApp Business has access to the address book of our mobile device and automatically transfers stored contacts to Meta Platforms Inc. servers in the USA. We ensure that only users who contacted us via WhatsApp are stored.

Thus, each user has consented to this transfer upon accepting WhatsApp’s terms (Art. 6 para. 1 lit. a GDPR). Users who do not use WhatsApp or who haven’t contacted us via WhatsApp are not affected.

Further privacy information from WhatsApp:
https://www.whatsapp.com/legal/?eea=1#privacy-policy

We have concluded a data processing agreement with the provider. Data may be transferred to Meta Platforms Inc. servers in the U.S., and the provider complies with the EU-US Data Privacy Framework to ensure an adequate level of data protection.

5.2 Contact Forms / Email
When contacting us (e.g., via form or email), personal data is collected. The data collected depends on the respective form.

These data are used solely for responding to your request and the associated technical administration.

Legal basis:

• Art. 6 para. 1 lit. f GDPR (legitimate interest)
• If aimed at contract conclusion: Art. 6 para. 1 lit. b GDPR

Data is deleted after your request is resolved unless legal retention obligations prevent this.

6) Data Subject Rights
6.1 Under GDPR, you have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restrict processing (Art. 18 GDPR)
• Right to notification (Art. 19 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to withdraw consent (Art. 7 para. 3 GDPR)
• Right to lodge a complaint (Art. 77 GDPR)

6.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR LEGITIMATE INTERESTS, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU OBJECT, WE WILL CEASE PROCESSING THE DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS THAT OVERRIDE YOUR INTERESTS OR THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.

IF YOUR DATA IS USED FOR DIRECT MARKETING, YOU MAY OBJECT AT ANY TIME, AND WE WILL STOP SUCH PROCESSING.

7) Duration of Storage of Personal Data
The storage duration depends on the legal basis, processing purpose, and legal retention periods.

• If based on explicit consent (Art. 6 para. 1 lit. a GDPR), data is stored until consent is withdrawn.
• If legal retention periods exist (e.g., commercial/tax laws), data is deleted after the periods expire unless needed for contract purposes.
• If based on Art. 6 para. 1 lit. f GDPR, data is stored until the right to object is exercised unless compelling interests override or data is needed for legal claims.
• If used for direct marketing under Art. 6 para. 1 lit. f GDPR, data is stored until objection under Art. 21 para. 2 GDPR.

Unless otherwise specified, data is deleted when no longer necessary for its intended purpose.