Last Updated: [01.07.2025]

In simple terms, what this document is about:
Hello! This is Lixa. Your trust means everything to us. We care about your safety not only during beauty procedures but also when you use our website.
Here, we explain honestly and simply what data we collect, why we do it, how we store it, and most importantly, how we protect it. This document is drafted in accordance with the highest data protection standards, including Europe's GDPR and US laws.

1. Who We Are and Our Role in Protecting Your Data
We are Lixa, the company that provides you with insurance services. According to European law (GDPR), we are the "Data Controller." This means we determine what personal data we need and how to use it to provide you with our services, and we are fully responsible for its security.
If you have any questions about your data, please contact our Data Protection Officer:

Email: info@lixa.insure
Address: T2-SF-3E, RAKEZ Amenity Center, Al Hamra Industrial Zone-FZ, Ras Al Khaimah, United Arab Emirates

2. What Data We Collect and Why
We only collect information that is absolutely necessary.
• When you purchase a policy: Your first name, last name, email, phone number, and country of residence. This is needed to create your account, issue your insurance policy, and be able to contact you.
• When you make a payment: We do not see or store your full credit card details. This information is securely processed by our certified payment partners (e.g., Stripe).
• When you file a claim for assistance: This is the most sensitive information, and we treat it with the utmost care. We may ask you to provide details about the procedure, photos of the consequences, and medical records. We collect this data for one purpose only: to help you and arrange for medical or legal assistance.
• Technical and Analytical Data: Your IP address, browser type, and information about your use of our website (Cookies). This helps us ensure security, improve our site, and make it more user-friendly.

3. Legal Basis for Processing Data (Why We Have the Right to Do It)
We do not process your data without a reason. Here are our legal grounds for doing so:
• Performance of a Contract: This is our primary basis. When you buy a Lixa policy, you enter into a contract with us. To fulfill our part of the agreement (to provide you with protection and organize assistance), we need to process your data.
• Your Consent: For actions that are not part of our core service (like sending you marketing offers or using non-essential cookies), we always ask for your clear and unambiguous consent. You can withdraw it at any time.
• Legal Obligation: We are required to retain financial information (such as invoices) for tax reporting purposes, as required by law.
• Legitimate Interest: To ensure the security of our website and prevent fraud, we may analyze technical data. We do this after ensuring that our interests do not override your rights and freedoms.

4. Who We May Share Your Data With
We never sell your data. We only share it when necessary to provide you with assistance, and only with trusted partners.
• Partner Clinics and Lawyers: If you request insurance assistance, we provide them with the information needed to arrange treatment or a consultation.
• Technology Partners: Certified payment systems, hosting providers, and analytics services. All of them are obligated to adhere to strict data protection standards.
• Public Authorities: Only upon a lawful and justified request (e.g., a court order).

5. Your Rights — Your Full Control Over Your Data
You have full control over your information. Here are your rights:
• The right to access: To request a copy of all the data we hold about you.
• The right to rectification: To ask us to correct any inaccurate information.
• The right to erasure ("the right to be forgotten"): To ask us to delete your data (if it's no longer needed for the performance of the contract or by law).
• The right to restrict processing: To "pause" the processing of your data.
• The right to object: To object to the processing of your data for marketing purposes.
• The right to data portability: To receive your data in a convenient electronic format.
How to exercise your rights and our verification procedure:
To submit a request, please email us at info@lixa.insure. To protect your privacy, before providing access to or deleting your data, we will ask you to verify your identity. This may involve answering a security question or confirming via the email address used to purchase the policy. This ensures that no one else can access your information.

6. Security and Data Retention
• Security: We use modern protection methods. When you enter data on our website, look for the lock icon in your browser's address bar. This means the connection is protected with SSL encryption.
Important Warning: Please remember that standard email is not a 100% secure channel. Do not send sensitive information (like medical details) in a regular email unless we have asked you to do so through a secure channel.
• Data Retention: We do not keep your data for longer than necessary.
o Your profile and policy data: Is kept for the entire duration of your policy.
o After your policy expires: We retain the information for 3 years after the contract term ends. This is necessary to handle potential claims, resolve disputes, and comply with legal obligations.
o After this period, the data will be securely deleted or anonymized.

7. International Data Transfers and Links to Other Websites
• International Transfers: Your data is stored in secure data centers, which may be located in the EU, the US, or other countries. When transferring data outside the European Economic Area, we use approved protection mechanisms, such as Standard Contractual Clauses (SCCs), to ensure the same level of protection as in Europe.
• Links to Other Websites: Our site may contain links to our partners' websites (e.g., clinics). This privacy policy applies only to the Lixa website. We encourage you to read the privacy policies of other websites you visit.

8. Changes to This Policy
We may update this policy from time to time. If the changes are significant, we will notify you by email. The most current version will always be available on this page.

Thank you for trusting us. We are here to protect you.