top of page

PRIVACY POLICY

Last updated: May 2026

1. Who we are

Cláritas Regulatory is a consultancy specialising in EU cosmetics regulatory compliance. We provide services including Product Information Files (PIFs), CPNP notifications, labelling and claims review, and regulatory audits to independent beauty brands across Europe.

Trading name: Cláritas Regulatory

Website: claritasregulatory.eu

Contact email: info@claritasregulatory.eu

2. Scope of This Policy

This Privacy Policy explains how Cláritas Regulatory collects, uses, and protects personal data when you:

  • Visit our website (claritasregulatory.eu)

  • Contact us by email or through any contact form on our website

  • Engage with us in relation to our professional services

This policy is issued in compliance with Regulation (EU) 2016/679 (GDPR).

3. Personal Data We Collect

Data you provide directly

 

When you contact us or engage our services, we may collect:

  • Your name and job title

  • Your business name and website

  • Your email address and, where provided, telephone number

  • Information about your products and regulatory needs that you share with us

 

Data collected automatically

 

Our website may collect standard technical data through cookies and analytics tools, including IP address, browser type, pages visited, and visit duration. Where we use third-party analytics (e.g. Wix Analytics), that provider's own privacy policy also applies.

4. Legal Basis for Processing

We process your personal data on the following legal bases under Article 6 GDPR:

  • Legitimate interests (Art. 6(1)(f)): to respond to your enquiries, manage client relationships, and provide our services effectively

  • Performance of a contract (Art. 6(1)(b)): when processing is necessary to deliver agreed services

  • Compliance with a legal obligation (Art. 6(1)(c)): where required by applicable law

  • Consent (Art. 6(1)(a)): where you have explicitly agreed, for example by subscribing to communications

5. How We Use Your Personal Data

We use the personal data we collect for the following purposes:

  • To respond to your enquiries and provide the services you have requested

  • To manage our client relationships and fulfil our contractual obligations

  • To send relevant regulatory updates or communications where you have consented or where we have a legitimate interest

  • To comply with applicable legal obligations

  • To improve our website and services

 

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

6. Data Sharing and Third Parties

We may share your personal data with trusted third-party service providers who assist us in operating our business, strictly on a need-to-know basis and under appropriate data processing agreements. These may include:

  • Our website platform provider (Wix.com Ltd), which hosts claritasregulatory.eu

  • Email service providers used for professional correspondence

  • Cloud storage or document management tools used to deliver our services

We do not transfer your personal data outside the European Economic Area (EEA) unless appropriate safeguards are in place in accordance with Chapter V of the GDPR.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Enquiry data from contacts who do not become clients: up to 12 months from last contact

  • Client data: for the duration of the engagement and up to 5 years thereafter

  • Website analytics data: as determined by the third-party analytics provider

8. Your Rights Under the GDPR

As a data subject under EU law, you have the following rights:

  • Right of access (Art. 15): to obtain a copy of your data

  • Right to rectification (Art. 16): to request correction of inaccurate data

  • Right to erasure (Art. 17): to request deletion of your data

  • Right to restriction of processing (Art. 18): to limit how we use your data

  • Right to data portability (Art. 20): to receive your data in a machine-readable format

  • Right to object (Art. 21): to object to processing based on legitimate interests

  • Right to withdraw consent: at any time, without affecting prior processing

To exercise any of these rights, please contact us at: info@claritasregulatory.eu

You also have the right to lodge a complaint with a supervisory authority. If you are located in Spain: Agencia Española de Protección de Datos (AEPD) — www.aepd.es. If located in another EU Member State, contact the supervisory authority of your country of residence.

9. Cookies

Our website uses cookies to ensure basic functionality and to analyse site traffic. You can control cookie settings through your browser preferences. Where cookies require your consent, we will request it via a cookie notice on your first visit.

For further information on how Wix uses cookies, please refer to Wix's Privacy Policy at www.wix.com/about/privacy.

10. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. However, no method of transmission over the internet is completely secure.

11. Changes to this Policy

We may update this Privacy Policy from time to time. The date at the top of this document indicates when it was last revised.

12. Contact

Claritas Regulatory

Email: info@claritasregulatory.eu

Website: claritasregulatory.eu

bottom of page