Privacy Policy
Effective Date: August 16, 2025
This Privacy Policy explains how LuxRegDrafts.com (“we,” “us,” or “our”) collects, uses, and protects your personal data. We are a Luxembourg-based company providing regulatory compliance news, templates and solutions. This policy applies to our website, services, and all interactions with you.
We are committed to providing you with clear and simple solutions, and this policy is designed to give you peace of mind regarding your data.
1. Data Controller and Contact Information
The data controller for the personal data we collect is:
LuxRegDrafts.com
For any questions about this policy or to exercise your legal rights, please contact our Data Protection Officer at:
Email: luxregdraftsteam@gmail.com
Our processing of your personal data is governed by the General Data Protection Regulation (EU) 2016/679 (GDPR) and relevant Luxembourg data protection laws.
2. Information We Collect and How We Use It
We collect and process your personal data based on specific legal grounds. We will only use your data for the purposes for which it was collected.
a. Data Collected and Purpose
| Type of Data | Purpose of Processing | Legal Basis |
| Identity & Contact Data (Name, Company, Email, Address) | To register you as a new customer, manage your account, and provide customer support and newsletter (if you opted for the newsletter). | Performance of a contract. This data is essential to deliver the services you have purchased. |
| Transaction Data (Purchase history, billing details) | To process your orders, manage payments, and fulfill our contractual obligations. | Performance of a contract and Legal obligation (e.g., for tax and accounting records). |
| Technical & Usage Data (IP address, browser, visit duration, pages viewed) | To improve our website functionality, diagnose technical issues, and ensure our services are secure and reliable. | Legitimate interests. It is in our interest to provide an efficient and secure website. |
| Marketing & Communication Data (Preferences, subscription status) | To send you marketing communications about our products and services that may be of interest to you, provided you have explicitly opted in. | Consent. You have the right to withdraw this consent at any time. |
Important Note: We do not collect or process any sensitive personal data (e.g., racial origin, political opinions, health data) from you. Furthermore, as a provider of B2B services, we do not collect personal data from your end-customers or clients.
b. How We Collect Your Data
- Directly from You: When you create an account, purchase a product, sign up for a newsletter, or contact us.
- Automatically: Through cookies and similar technologies as you navigate our website. A separate Cookie Policy details the specific types of cookies used.
- From Third Parties: We may receive technical data from analytics providers (e.g., Google Analytics).
3. Data Disclosures and International Transfers
We share your personal data only when necessary and in accordance with the law. We do not sell your personal data to any third party.
- Service Providers: We may share your data with trusted third-party service providers who assist us in our business operations, such as payment processors (e.g., Stripe) and cloud hosting services. We only share the minimum data necessary for them to perform their functions.
- Professional Advisers: We may disclose your data to professional advisers, including lawyers, auditors, and insurers, to obtain legal, financial, or other advice.
- Legal & Regulatory Authorities: We may disclose your data to competent authorities in Luxembourg or other jurisdictions when required by law, court order, or to comply with a binding legal obligation.
We store and process your data primarily within the European Economic Area (EEA). If we ever transfer your data outside the EEA, we will ensure adequate protection is in place as required by the GDPR, such as through the use of Standard Contractual Clauses.
Transfers outside the EEA may occur through providers such as Google and Meta. Safeguards used: EU–US Data Privacy Framework or standard contractual clauses.
4. Data Security
The integrity of your data is paramount. We have implemented robust technical and organizational measures to protect your personal data against accidental loss, unauthorized access, alteration, or disclosure. We limit access to your personal data to only those employees, agents, and third parties who have a legitimate business need to know. All such parties are subject to a duty of confidentiality.
5. Data Retention
We will retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. As a rule, we retain transaction and financial records for a period of up to 10 years, as required by Luxembourg law.
6. Your Legal Rights
Under the GDPR, you have the following rights concerning your personal data:
- Right to Access: You can request a copy of the personal data we hold about you.
- Right to Rectification: You can ask us to correct any incomplete or inaccurate data we hold about you.
- Right to Erasure (‘Right to be Forgotten’): You can request that we delete your personal data.
- Right to Object: You can object to the processing of your personal data where we are relying on a legitimate interest.
- Right to Restrict Processing: You can ask us to suspend the processing of your personal data.
- Right to Data Portability: You can request the transfer of your personal data to another party.
- Right to Withdraw Consent: Where we rely on your consent, you can withdraw it at any time.
To exercise any of these rights, please contact us at luxregdraftsteam@gmail.com. We will respond to your request within one month.
7. Third-Party Websites
Our website may contain links to third-party websites, such as those of our payment processors or affiliates. Please be aware that we are not responsible for the privacy practices or the content of these external sites. We encourage you to review their privacy policies before providing any personal data to them.
8. Newsletters & opt-out
If you subscribe to our newsletter, we will send you updates about CSSF circulars, compliance insights, and related services. You may unsubscribe at any time by clicking the “unsubscribe” link in our emails or by contacting us directly at luxregdraftsteam@gmail.com.
9. Complaints
If you have any questions or concerns about our privacy practices, please contact us directly at luxregdraftsteam@gmail.com. You also have the right to lodge a complaint with the Luxembourg National Commission for Data Protection (CNPD), the supervisory authority for data protection issues in Luxembourg.