Privacy Policy


Last Updated: 22.3.2025

Welcome to Drift and Craft ("we," "our," "us"). Your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller responsible for your personal data is:
Dr. Sabine Joseph
Rua das Pereiras 31, 2510-662 Vau, Obidos, Portugal
sabijo07@gmail.com

2. What Data We Collect

We collect and process the following types of personal data:

  • Personal Identification Information: Name, email address, phone number (if provided)

  • Website Usage Data: IP address, browser type, device information

  • Order & Payment Data: If applicable, we collect necessary payment details via secure third-party payment processors

  • Communication Data: Messages sent via contact forms, email, or other means

3. How We Collect Your Data

We collect data when you:

  • Visit our website (cookies and tracking technologies may apply)

  • Contact us via forms, email, or phone

  • Place an order or subscribe to our services

  • Sign up for newsletters or events

4. Why We Process Your Data

We process your personal data for the following purposes:

  • To provide and maintain our services

  • To process transactions and send order confirmations

  • To communicate with you regarding inquiries, support, or updates

  • To improve our website and user experience

  • To comply with legal obligations

5. Legal Basis for Processing

We process your data based on:

  • Contractual necessity: When you purchase a product or service

  • Legitimate interests: For analytics and customer service improvements

  • Legal obligations: To comply with tax, legal, and regulatory requirements

  • Consent: When you subscribe to newsletters or allow cookie tracking

6. Data Sharing & Third Parties

We do not sell or rent your data. However, we may share data with:

  • Service providers (e.g., hosting, analytics, payment processing)

  • Legal authorities when required by law

  • Business partners only with your consent

7. Data Retention

We retain your personal data only as long as necessary to fullfill the purposes outlined in this policy or as required by law.

8. Your Rights Under GDPR

As an EU resident, you have the following rights:

  • Access: Request a copy of your personal data

  • Correction: Request corrections to inaccurate or incomplete data

  • Erasure: Request deletion of your personal data

  • Restriction: Request limited processing of your data

  • Objection: Object to data processing under certain circumstances

  • Data Portability: Request transfer of your data to another service

To exercise these rights, please contact us at: [Your Contact Email].

9. Cookies & Tracking Technologies

We use cookies to enhance your experience. You can manage or disable cookies via your browser settings.

10. Security Measures

We take appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.