Privacy Policy

---

At Krulig International, INC, we are committed to protecting and respecting your privacy. This privacy policy describes how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Health Insurance Portability and Accountability Act (HIPAA), and the Children’s Online Privacy Protection Act (COPPA).

1. Data Controller

Company name: Krulig International, INC

Contact email: kruliginternational@gmail.com

2. Purpose of Data Processing

We collect and process your personal data for the following purposes:

To process and manage your requests and inquiries.

To communicate with you in response to your questions or requests.

To send relevant information about our products, services, promotions, and events (with your consent).

To improve our products and services based on your preferences and needs.

To manage and protect users’ health data in compliance with HIPAA (where applicable).

3. Personal Data Collected

To fulfill the purposes listed above, we may collect the following types of personal data:

Contact information: name, email address.

Transaction data: details of the products or services you have purchased.

Browsing data: IP address, browsing history, visit duration, location, and other technical data.

Protected Health Information (PHI): medical and health information provided by the user, necessary to offer our services.

Additional Information for California Residents (CCPA):

For California residents, we may also collect and identify additional categories of personal data as required by the CCPA, and provide additional information about your rights under California law.

4. Legal Basis for Processing

We rely on the following legal bases to process your data:

Contract performance: to manage your orders and provide the requested service.

Consent: for the sending of commercial communications and additional data processing.

Legitimate interest: to improve our services, direct marketing, and fraud prevention.

HIPAA compliance: to ensure the protection of health information in compliance with federal law.

5. Data Retention Period

Your data will be stored for as long as necessary to fulfill the purposes of the processing or until you request its deletion. Some data may be retained for additional periods in compliance with our legal obligations, including those under HIPAA for protected health information (PHI).

6. Recipients of Personal Data

We may share your personal data with third parties in the following circumstances:

• Service providers: acting on our behalf (e.g., hosting, marketing services).
• Legal authorities: if required by law or to protect our rights and property.
• Health providers and HIPAA-covered entities: when necessary for health data management.

All third parties processing personal data for us are required to comply with strict confidentiality and security standards.

Additional Information for California Residents (CCPA):

In compliance with the CCPA, we will not sell your personal data to third parties without your consent. You may exercise your opt-out right at any time through the “CCPA Do Not Sell My Data” link available in the footer of our website.

7. International Data Transfers

If we transfer your data outside the European Economic Area (EEA), we guarantee it will be protected at the same level through standard contractual clauses approved by the European Commission.

8. User Rights

As the data subject, you have the right to:

• Access your personal data: you will receive a copy of your stored data.
• Rectify inaccurate data: you may request the correction of any incorrect information.
• Request deletion of your data: you may ask us to delete your data when it is no longer needed.
• Restrict data processing: under certain circumstances.
• Data portability to another provider: you may request the transfer of your data to a third party.
• Object to data processing.

Additional Rights for California Residents (CCPA):

In addition to the rights mentioned above, California residents have the right to:

• Know what personal data we collect and for what purpose.
• Know to whom their data is disclosed or sold (if applicable).
• Opt-out of the sale of their personal data to third parties.

To exercise these rights, please contact us via email at krulig.international.eu@gmail.com. We will respond to your request within a maximum of 30 days.

Rights for Minors (COPPA):

If we collect data from children under the age of 13, we will obtain parental consent before collecting, using, or disclosing such information, in compliance with COPPA. Parents may contact us to review or request the deletion of their child’s information via krulig.international.eu@gmail.com.

9. Cookie Notice

We use cookies and similar tracking technologies to improve your browsing experience, analyze site usage, and offer personalized content. You can accept all cookies, configure your preferences, or reject them. For more information, please see our Cookie Policy.

10. Changes to the Privacy Policy

We reserve the right to modify this privacy policy when necessary. Any changes will be posted on this page, and where relevant, we will notify you directly.

11. Data Security

We implement appropriate technical and organizational security measures, such as data encryption and ongoing staff training, to protect your personal data against unauthorized access, alteration, loss, or destruction.

12. Contact Information

If you have any questions, concerns, or wish to exercise your privacy rights, please feel free to contact us via email at krulig.international.eu@gmail.com.