1. Introduction
This Privacy Policy explains how Midori (“we”, “us”, “our”) collects, uses, and protects personal data when you visit our website or contact us.
We are committed to processing personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Luxembourg data protection laws.
2. Data Controller
Midori SARL
2 rue Léon Laval
L-3372 Leudelange
Luxembourg
Email: info@midori.lu
Website: www.midori.lu
Midori is the data controller responsible for processing your personal data.
3. Hosting
Our website is hosted by:
OVHcloud
France (European Union)
The hosting infrastructure is located within the European Union. Personal data processed through our website is stored on secure servers within the EU.
OVHcloud acts as a data processor under a data processing agreement in accordance with GDPR requirements.
4. What Personal Data We Collect
Technical & Usage Data
When you visit our website, certain technical data may be collected automatically:
- IP address (anonymised where applicable)
- Browser type and version
- Device information
- Referrer URL
- Pages visited
- Date and time of access
5. Language Switcher
Our website offers multiple language versions.
The language switcher may store a functional cookie to remember your selected language.
This cookie:
- Does not track personal data
- Is necessary for website functionality
- Improves user experience
Functional cookies do not require explicit consent under GDPR where strictly necessary.
6. Purpose of Processing
We process personal data for the following purposes:
- Responding to inquiries
- Providing and managing services
- Improving website performance
- Ensuring website security
- Complying with legal obligations
We only collect data necessary for these purposes.
7. Legal Basis for Processing
We rely on the following legal bases under GDPR:
- Consent (e.g., analytics cookies)
- Contractual necessity (client services)
- Legitimate interest (website security and performance)
- Legal obligations
8. Data Retention
We retain personal data only as long as necessary:
- Contact inquiries: for the duration of communication and follow-up
- Client data: for the duration of the contractual relationship and applicable legal retention periods
9. Data Sharing
We do not sell personal data.
We may share data with trusted service providers, including:
- Hosting provider (OVHcloud)
- IT or technical service providers
These providers act as data processors under appropriate contractual safeguards.
10. International Data Transfers
Where data is transferred outside the European Economic Area (EEA), appropriate safeguards are implemented in accordance with GDPR requirements.
11. Your Rights
Under GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Request erasure
- Restrict processing
- Object to processing
- Request data portability
- Withdraw consent at any time
You also have the right to lodge a complaint with the Luxembourg National Commission for Data Protection (CNPD).
12. Cookies
Our website uses cookies for:
- Essential functionality (e.g., language preference)
Where required, cookie consent is obtained via a cookie banner.
You may adjust cookie preferences at any time through your browser settings or the consent management tool.
13. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.
However, no internet transmission is completely secure.
14. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on this website.
15. Contact
For any questions regarding this Privacy Policy or your personal data, please contact:
Email: info@midori.lu