Privacy Policy

Data Controller Information

xandrelivo.top Ltd is the data controller responsible for your personal data. We are a limited company registered in Malta with registration number C73682 and VAT number MT73912586. Our registered address is Triq San Ġorġ 29, Sliema SLM 0036, Malta.

Data Collection

The data we collect includes information you provide directly to us and information collected automatically when you use our website. We collect personal data through various means including contact forms, email communications, and automated technologies such as cookies and analytics tools.

Information you provide directly may include your name, email address, phone number, company details, and any messages or enquiries you send to us. We also collect technical information automatically, such as your IP address, browser type, device information, and website usage patterns.

How We Use Your Information

We use your data to provide our fitness app engagement optimization services, respond to your enquiries, and improve our website and services. The use of your data is based on legitimate business interests, contractual necessity, or your explicit consent where required by law.

Specifically, how we use your information includes processing contact form submissions, sending responses to your enquiries, providing technical support, analysing website usage to improve our services, and sending relevant business communications where you have consented to receive them.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal bases: legitimate interests for website analytics and business communications, contractual necessity for providing our services, consent for marketing communications and non-essential cookies, and legal obligation where required by applicable laws.

Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information with trusted service providers who assist us in operating our website and providing our services, such as hosting providers, email services, and analytics platforms. All third parties are required to maintain appropriate security measures and use your data only for the specified purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Contact enquiry data is typically retained for three years, website analytics data for 26 months, and marketing consent records until withdrawn or for seven years, whichever is sooner.

Your Rights

Under GDPR and applicable data protection laws, your rights include the right to access your personal data, rectify inaccurate information, erase your data in certain circumstances, restrict processing, data portability, and object to processing based on legitimate interests.

You also have the right to withdraw consent at any time where processing is based on consent, and the right to lodge a complaint with a supervisory authority if you believe your rights have been violated. To exercise any of these rights, please contact us using the information provided below.

International Data Transfers

As we operate primarily within the European Union, your data is generally processed within the EU/EEA. Where we use service providers outside the EU/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure hosting, access controls, and regular security assessments. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date. We encourage you to review this policy regularly.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us using the following contact information: