Privacy Policy of Orfium Website

Hexacorp Ltd, with its principal office located at The Enclave, 22619 Pacific Coast Hwy, Suite B260, Malibu, CA 90265, USA, along with its subsidiaries (collectively referred to as “Orfium”), is dedicated to protecting your privacy and personal data. We comply with the highest standards of data protection in accordance with relevant privacy laws.

This Privacy Policy explains how we collect, use, share, and protect your personal information when you visit our website (“Site”). We encourage you to read this Policy carefully before using the Site or providing any personal data. By accessing or using the Site, you acknowledge that you have read, understood, and agree to the terms of this Policy, including the collection and processing of your personal data as described herein.

Orfium is the Controller responsible for the processing of personal data collected through this website (https://www.orfium.com). If you have any questions or require clarification regarding the processing of your personal data, please contact our Data Protection Officer (DPO) at dpo@orfium.com .

1. What Personal Data We Collect?

During your visit to our website, we may process the following categories of your personal data:

  • Basic Information: Full name, email address, phone number, and other identifying details.
  • Business Information: Name of your company or organization.
  • Communications: Any comments or messages you send us through our contact channels.
  • Cookie Data: Information collected via cookies installed on our website, which you can learn more about here.
  • IP Address: Collected by our security systems implemented for antihacking.

We do not collect special categories of personal data, including but not limited to racial or ethnic origin, political opinions, religious or philosophical beliefs, union membership, genetic data, biometric data used for identification, health information, or sexual orientation. We strongly advise against submitting such data; any received will be promptly deleted.

Please note that our services are not intended for minors, and we do not seek or collect information related to individuals under the age of 18.

2. Why Do We Process Personal Data?

Orfium, along with those acting on its behalf and under its instructions (data processors), processes personal data exclusively for the following purposes:

  1. Responding to Inquiries: To address and respond to your inquiries and requests submitted through our contact form.
  2. Newsletter: To send you our newsletter, which provides updates and information about Orfium’s services.
  3. Improving Website Functionality: To enhance the functionality of our website and improve your browsing experience, including the use of cookies. Learn more in our Cookie Policy here.

Your personal data is processed solely for the purposes outlined above or, in some instances, to ensure compliance with legal and regulatory obligations or to support legal claims.

We adhere to the fundamental principles of data protection as required by applicable privacy laws. These principles include lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability.

3. What is the Legal Basis for Processing?

The legal basis for processing your personal information varies depending on the type of data involved. We process your personal data for several reasons:

  1. Consent: When you provide explicit consent, such as when you contact us through our website forms, subscribe to our newsletter, or accept the installation of cookies on your device.
  2. Statutory Obligations: We may process your data when necessary to comply with legal obligations, such as responding to law enforcement requests.
  3. Contractual Necessity: Processing may also be required to negotiate or fulfill a contract, such as providing services or responding to inquiries related to contractual obligations.

4. How Long Do We Process Your Data?

Your personal data is retained only for the period necessary to fulfill the purposes of its processing, comply with our legal obligations regarding data storage, and support potential legal claims. In any case, your data will not be kept for longer than five (5) years. Please note, if your data is processed based solely on your consent, you have the right to withdraw that consent at any time by contacting us at dpo@orfium.com .

5. Who Has Access to Your Personal Data and How Are They Transferred?

Access to your personal data is strictly limited to authorized employees of Orfium who require it for their job functions. These employees have received proper training on the safe handling and processing of personal data.

  1. Orfium Employees: Only those employees who need access to personal data to perform their duties are permitted to view it. They are trained to handle this information responsibly and in accordance with applicable privacy policies.
  2. Data Processors: In addition to Orfium employees, certain third-party companies and individuals, known as data processors, may also access your personal data. These processors are engaged to perform specific tasks under the Company’s direction. For example:
    • IT Support Companies: Firms that provide technical support for the Company’s website.
    • Marketing Agencies: Companies tasked with managing and sending newsletters.

These data processors are required to follow explicit instructions from Orfium and must implement adequate technical and organizational measures to ensure the protection of your personal data.

  1. Third-Party Authorities: Your personal data may also be accessible to external authorities, including:
  1. Government Agencies: Law enforcement and regulatory bodies may gain access to your data when required by law or for significant public interest reasons.
  2. Legal Obligations: Access may be granted to support the establishment, exercise, or defense of legal claims.

Data Transfer Considerations

When we transfer personal data to third parties, especially to countries outside the EU, we follow strict legal rules to protect your privacy. We comply with data protection laws, including the General Data Protection Regulation (GDPR), which only allows transferring data outside the EU if there are adequate protections in place.

At Orfium , we have a Data Sharing Agreement that includes Standard Contractual Clauses (SCCs) approved by the European Commission. These clauses ensure that any personal data transferred outside the European Economic Area (EEA) is handled in a way that protects individuals’ privacy rights.

6. What About the Processing by Other Sites You Link To?

The presence of links, hyperlinks, or banners connecting our website to third-party sites does not impose any liability on the Company for the content of those external websites, nor for the quality of the products and services they promote. Additionally, we cannot be held accountable for their privacy policies regarding the protection and processing of personal data. Users are advised to exercise caution and familiarize themselves with the privacy practices of any third-party websites they visit. We recommend reviewing their respective data protection policies to understand how they collect and manage personal information.

7. Are Your Data Processed Safely?

We are dedicated to safeguarding your personal data through the implementation of robust organizational and technical measures designed to protect against accidental or unlawful processing. Our authorized personnel who manage your personal data have received thorough training and guidance to ensure compliance with our security protocols.

Additionally, our company is certified for information security management in accordance with ISO 27001 standards, reinforcing our commitment to data protection. Furthermore, our security measures are regularly reviewed and updated as necessary to maintain their effectiveness.

8. What Are Your Rights?

As a data subject, you are entitled to exercise the following rights regarding your personal data:

  • Right to Withdraw Consent: You may withdraw your consent at any time, particularly when the processing relies on your consent as the legal basis.
  • Right of Access: You have the right to request a copy of your personal data along with confirmation of whether your data is being processed.
  • Right to Rectification: You can request corrections to any inaccurate or incomplete personal data.
  • Right to Erasure (“Right to be Forgotten”): You may request the deletion of your personal data under certain conditions, such as when the data is no longer necessary for the purposes outlined above, or if you withdraw your consent and no other lawful basis for processing exists.
  • Right to Restriction of Processing: You can request that we limit the processing of your personal data in specific situations, especially while objections are being examined.
  • Right to Data Portability: You may request to receive your personal data in a structured, commonly used format and request that this data be transferred to another data controller.
  • Right to Object: You have the right to object to the processing of your data when it is based on our legitimate interest. In such cases, we will cease processing your personal data unless we can demonstrate compelling legitimate grounds that override your rights and interests.
  • Right to File a Complaint: If you believe your data is being processed unlawfully, or if we fail to address your concerns, you may file a complaint with the relevant privacy regulator in your country, state, or province. For EU countries, contact details for Data Protection Authorities can be found at the European Data Protection Board.

Policy Updates

We may update this Privacy Policy from time to time. Any changes will be indicated by updating the “Last Updated” date.

Last updated: October 2024

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies.