Privacy Policy

Introduction This privacy policy explains how we collect your personal data, the types of personal data we may collect about you, why we need it, what we do with it, how long we keep it, what we do with it and what your rights are.

This policy relates to both personal data that we have collected ourselves or acquired for our use, as well as data which has been provided to us by our clients and which we use to provide a service.

When VapeLab determines the purpose and means of processing of personal data collected, they are considered the Data Controllers. When Personal data is collected and processed by VapeLab on behalf of their clients who determine the purpose and means of processing, VapeLab acts as a data processor. This policy has been updated for the General Data Protection Regulation (GDPR). We are committed to protecting your privacy and the security of your personal data. We will not give or sell your information to any other company. We will only use such information to provide you with our services and keep you updated.

How do we collect your personal data? We may collect your personal data when you:

Visit our website; Contact us by phone or email; Engage with us on social media; Sign any of our service/product contracts; Fill out any form of information (e.g., Contact Us Form).

What type of personal data do we need? Our Personal Data Protection Policy governs the use and storage of your data. You can request a copy of our Personal Data Protection Policy by contacting our Data Protection Officer, in writing, at darren.vassallo@vdsupplies.com.

VapeLab is a data processor of the personal data our clients (our client and data controller) provide us with and of which our clients determine the purpose and means of processing.

We collect the following types of personal data from you to offer you a service, therefore acting as data processors on your behalf:

Your name; Your surname; Your address; Your telephone number; Your mobile number; Your email address; Information related to the browser or device you use to access our website.

We use reasonable efforts to safeguard the confidentiality of any and/or all Personal Data that we may process relating to our clients and regularly review and enhance our technical, physical, and managerial procedures so as to ensure that your Personal Data is protected from:

unauthorised access; improper use or disclosure; unauthorised modification; unlawful destruction or accidental loss.

To this end, we have implemented security policies, rules, and technical and organisational measures to protect the Personal Data that we process on behalf of our clients. All our members, staff, and sub-data processors (including specific subcontractors), who may have access to and are associated with the processing of Personal Data, are further obliged (under contract) to respect the confidentiality of data subjects’ Personal Data as well as other obligations as imposed by the Data Protection Laws.

Why we need your personal data? We need your personal data:

To establish and fulfil a contract with you, for example, if you enter into an agreement to provide or receive services. We require this information to enter into a contract with you and are unable to do so without it; To maintain an effective communication channel with you throughout the execution of a service/job, to manage our relationship with you as our customer and to improve our services and enhance your experience with us in the future; To respond, with your express consent, to any comments or complaints we may receive from you, and/or in accordance with our legitimate interests including to investigate any complaints received from you or from others about our website or our products or services; To personalise (i) our communications to you; provide you with (ii) updates on any services/products we are providing you with (iii) updates on any jobs where your services may be required; and (iv) products or services for you, in accordance with our legitimate interests; To protect VapeLab’s legitimate business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation); To receive payment for any products/services provided.

Where applicable and allowed, you have been given an opportunity to opt-out. You will continue to be able to opt out of electronic communications at any time by following the instructions in the relevant communication.

What we do with it? Your personal data is processed in our offices in Qormi located in Malta. Hosting and storage of your data takes place on our servers located in Amsterdam, Netherlands.

We may also share your personal data with the below third parties:

Any regulatory authority or statutory body pursuant to a request for information or any legal obligation which applies to us; Our professional advisors such as our auditors, consultants and external legal and financial advisors.

No other third-party providers have access to your data unless specifically required by law.

How long we keep it? As data processors on behalf of our clients:

Under Maltese law, we are required to keep your documents according to your (our client) Data Retention Policy. After this period, your personal data will be irreversibly destroyed. Any personal data held by us for marketing, service update notifications, and requests for services or products required by VapeLab, will be kept by us until such time that you notify us that you no longer wish to receive this information. We will not retain your data for longer than you (our client) stipulate.

We will keep your information for the length of any contractual relationship you have with us and after that for a period of 10 years due to fiscal laws that impinge on VapeLab. In cases of legal issues, these are retained until the relevant court case is resolved.

As data controllers:

Under Maltese law, we are required to keep your documents according to our Data Retention Policy. After this period, your personal data will be irreversibly destroyed.

What are your rights? You have the right to request:

Access to your personal data; An electronic copy of your personal data (portability); Correction of your personal data if it is incomplete or inaccurate; or Deletion or restriction of your personal data in certain circumstances provided by applicable law.

Where we have obtained your consent for the processing of your personal data, you have the right to withdraw your consent at any time.

If you still feel that your personal data has not been handled appropriately according to the law, you can contact the Information & Data Protection Office (IDPC) located in Sliema and file a complaint with them.

Office of the Information and Data Protection Commissioner

Floor 2, Airways House, Triq Il-Kbira, Tas-Sliema SLM 1549, Malta

idpc.info@idpc.org.mt

Quick Sale Items

Elfliq SALTS – Apple Peach

Elfliq SALTS – Banana Ice

Same Day Delivery

STORES

FREE SHIPPING

CUSTOMER CARE

VAPELAB

Vestibulum curae torquent diam diam commodo parturient penatibus nunc dui adipiscing convallis bulum parturient suspendisse parturient a.Parturient in parturient scelerisque nibh lectus quam a natoque adipiscing a vestibulum hendrerit et pharetra fames nunc natoque dui.

Delivery & Returns - Terms and Conditions

Vestibulum penatibushac parturient scelerisque vestibulum amet elit ut volutpat.