Privacy Policy
Privacy Policy
Last updated: 20 April 2026
This Privacy Policy explains how ArthroVital Lab SRL ("we", "us", or "our") collects, uses, and protects your personal data when you visit ostedin.net (the "Website") or when you purchase Ostedin or contact us. We are committed to handling your data in a lawful, fair, transparent, and secure way.
1. Data Controller
The data controller responsible for your personal data is:
ArthroVital Lab SRL
Website: ostedin.net
Email: [email protected]
2. Personal Data We Collect
2.1 Data you provide to us
We may collect the following information when you actively provide it to us, for example when you place an order, create an account, or contact us:
- Identification details (name, surname)
- Contact details (email address, phone number, billing and shipping address)
- Account details (login email, password in encrypted form)
- Order and payment details (products ordered, order value, chosen payment method, transaction ID)
- Messages you send us (through contact forms, email, or other communication channels)
2.2 Data collected automatically
When you use our Website, certain data is collected automatically, mainly through cookies and similar technologies:
- Technical data: IP address, browser type and version, device type and operating system, approximate location (country/region)
- Usage data: pages visited, time and date of visit, time spent on each page, clicks and interactions on the Website
This information is usually processed in an aggregated or pseudonymous form and does not allow us to identify you directly, unless combined with other data you provide.
3. Purposes and Legal Bases for Processing
We process your personal data only when we have a valid legal basis and for specific purposes:
3.1 To process and deliver your orders
We use your identification, contact, and order details to process your purchase, arrange delivery, and manage any related communication (order confirmation, shipping updates, invoicing).
Legal basis: performance of a contract and steps taken at your request before entering into a contract.
3.2 To provide customer support
When you contact us, we use the data you provide to respond to your questions, handle complaints, and offer support regarding Ostedin and your orders.
Legal basis: performance of a contract or legitimate interest in providing good customer service.
3.3 To manage your account
If you create an account on our Website, we process your registration data to allow you to log in, view order history, and manage your preferences.
Legal basis: performance of a contract.
3.4 To improve our Website and services
We analyze usage and technical data to understand how visitors use our Website, to fix technical issues, and to improve the user experience and the information we provide.
Legal basis: legitimate interest in maintaining and improving our services.
3.5 Marketing communications (where permitted)
With your consent, we may send you newsletters or promotional emails about Ostedin or related products. You can withdraw your consent at any time by using the unsubscribe link in our emails or by contacting us.
Legal basis: your consent. You are not required to give consent to complete a purchase.
4. Cookies and Similar Technologies
Our Website uses cookies and similar technologies to function properly, to remember your preferences, and to analyze traffic.
4.1 What are cookies?
Cookies are small text files stored on your device when you visit a website. They help us recognize your browser and remember certain information.
4.2 Types of cookies we use
- Essential cookies: required for basic site functions, such as adding products to your cart and completing checkout.
- Preference cookies: used to remember your language or other settings.
- Analytics cookies: help us understand how visitors use the Website in order to improve structure and content.
You can manage cookies through your browser settings. Disabling certain cookies may affect the functionality of the Website.
5. How We Share Your Data
We do not sell your personal data. We only share it with trusted third parties when this is necessary and subject to appropriate safeguards:
- Payment service providers: to process your payment in a secure way.
- Courier and logistics partners: to deliver your order to your chosen address.
- IT and hosting providers: to host our Website and maintain our systems.
- Professional advisors: such as accountants or legal advisors, where needed.
- Authorities: when required by law, court order, or to protect our legal rights.
These third parties are only allowed to process your data to provide services to us and must protect your data in line with applicable laws.
6. International Data Transfers
Your personal data may be stored or processed on servers located in different countries. When we transfer data outside the European Economic Area (EEA), we do so based on appropriate safeguards, such as standard contractual clauses or equivalent mechanisms, in order to ensure an adequate level of protection.
7. Data Retention
We keep your personal data only for as long as necessary for the purposes described in this Privacy Policy or as required by law. Retention periods may vary depending on the type of data:
- Order and billing data: kept for the period required by tax and accounting laws.
- Account data: kept as long as your account is active and for a reasonable period after closure, unless a longer period is required by law.
- Contact and support data: kept for the time necessary to handle your request and to document our communication.
- Marketing data: kept until you withdraw your consent or object to processing.
8. Your Rights
Depending on the laws that apply to you, you may have the following rights regarding your personal data:
- Right of access: to obtain confirmation whether we process your data and to access that data.
- Right to rectification: to correct inaccurate or incomplete data.
- Right to erasure: to request deletion of your data, where the law permits.
- Right to restriction: to limit processing of your data in specific situations.
- Right to data portability: to receive your data in a structured, commonly used format and to transmit it to another controller.
- Right to object: to object to processing based on our legitimate interests, and to object at any time to processing for direct marketing.
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time, without affecting processing carried out before withdrawal.
To exercise your rights, please contact us using the details in section 10 below. We may need to verify your identity before responding.
9. Data Security
We apply appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or misuse. These measures include secure servers, restricted access, encryption where appropriate, and staff training. No system can be guaranteed to be 100% secure, but we work continuously to protect your data in a responsible way.
10. Contact Us About Privacy
If you have any questions about this Privacy Policy or how we handle your personal data, or if you wish to exercise your rights, you can contact us at:
Email: [email protected]
Website: https://ostedin.net
If you believe that your data protection rights have been violated, you also have the right to lodge a complaint with your local data protection authority.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the way we operate our Website. The updated version will be published on this page with a new "Last updated" date. We encourage you to review this page periodically.