PRIVACY POLICY
Last updated: 01.03.2026
1. INTRODUCTION

Welcome to Composite Marin ("Company", "we", "our", "us"). We are committed to protecting your personal data and your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website composite-marin.com (the "Site"). Please read this policy carefully. If you do not agree with the terms, do not access the Site.
2. CONTROLLER

The entity responsible for the processing of your personal data (the data controller) is:

[Company Name]
[Full legal address]
[Country]
Email: [Email address for privacy inquiries]
Phone: [Phone number, optional]

If you have any questions about this Privacy Policy or our data practices, please contact our Data Protection Officer (DPO) at [DPO email or contact] (if applicable).
3. WHAT PERSONAL DATA WE COLLECT

We may collect and process the following categories of personal data about you:
  • Identity Data: first name, last name, username, title, date of birth.
  • Contact Data: delivery address, email address, telephone numbers.
  • Financial Data: payment card details, bank account information – Note: we may not store full payment details; they are processed by our payment providers.
  • Transaction Data: details about payments to and from you, products/services you have purchased.
  • Technical Data: IP address, browser type and version, time zone setting, operating system and platform, device information.
  • Profile Data: username and password, purchases or orders made by you, preferences, feedback, survey responses.
  • Usage Data: information about how you use our website, products and services.
  • Marketing and Communications Data: your preferences in receiving marketing from us and your communication preferences.
We do not collect any Special Categories of Personal Data (sensitive data) unless explicitly required and with your explicit consent.

4. HOW WE COLLECT YOUR PERSONAL DATA

We use different methods to collect data from and about you, including:
  • Direct interactions: You may give us your Identity, Contact, and Financial Data by filling in forms, registering on the Site, placing an order, subscribing to our newsletter, or corresponding with us.
  • Automated technologies or interactions: As you interact with our Site, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this data by using cookies, server logs, and other similar technologies.
  • Third parties or publicly available sources: We may receive personal data about you from various third parties, such as analytics providers (e.g., Google Analytics), advertising networks, payment processors, and delivery services.
5. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when the law allows us to. Most commonly, we will use your data in the following circumstances:
  • To perform a contract we are about to enter into or have entered into with you (e.g., to process your order).
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., to improve our website, for fraud prevention).
  • To comply with a legal or regulatory obligation.
  • Where you have given consent (e.g., for marketing communications, for certain cookies).
Below is a table summarising the purposes for which we use your data and the legal bases we rely on.

Purpose/Activity

Type of data

Lawful basis for processing

To register you as a new customer

Identity, Contact

Performance of a contract with you

To process and deliver your order

Identity, Contact, Financial, Transaction

Performance of a contract with you; necessary for our legitimate interests (e.g., to recover debts)

To manage our relationship with you (e.g., to notify you about changes to our terms)

Identity, Contact, Profile

Performance of a contract; necessary to comply with a legal obligation; necessary for our legitimate interests

To administer and protect our business and this Site (including troubleshooting, data analysis, testing, system maintenance)

Identity, Contact, Technical

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security)

To deliver relevant website content and advertisements to you

Identity, Contact, Profile, Usage, Marketing, Technical

Consent (for cookies/tracking); necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business)

To use data analytics to improve our website, products/services, marketing, customer relationships

Technical, Usage

Necessary for our legitimate interests (to keep our Site updated and relevant, to develop our business and inform our marketing strategy)

To make suggestions and recommendations about goods or services that may be of interest to you

Identity, Contact, Technical, Usage, Profile

Consent (for direct marketing); necessary for our legitimate interests (to develop our products/services and grow our business)

6. COOKIES AND TRACKING TECHNOLOGIES

Our Site uses cookies and similar tracking technologies to distinguish you from other users. This helps us provide you with a good experience, allows us to improve our Site, and enables us to show you relevant advertising.
  • Strictly Necessary Cookies: Essential for the operation of our Site.
  • Functional Cookies: Used to recognise you when you return and remember your preferences.
  • Analytical/Performance Cookies: Allow us to recognise and count the number of visitors and see how visitors move around our Site.
  • Targeting/Advertising Cookies: Record your visit to our Site, the pages you have visited, and the links you have followed. We may share this information with third parties for advertising purposes.
When you first visit our Site, a cookie banner will appear asking for your consent to set non-essential cookies.
7. DISCLOSURES OF YOUR PERSONAL DATA

We may share your personal data with the following categories of third parties for the purposes set out in Section 5:
  • Service providers acting as processors who provide IT, system administration, payment processing, marketing, and other services.
  • Professional advisers including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
  • Regulators and other authorities who require reporting of processing activities in certain circumstances.
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
8. INTERNATIONAL TRANSFERS

Some of our external third parties may be based outside the European Economic Area (EEA), so their processing of your personal data may involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:
  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission (Standard Contractual Clauses) which give personal data the same protection it has in Europe.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
9. DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
10. DATA RETENTION

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances you can ask us to delete your data (see Section 11 below). We may also anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
11. YOUR LEGAL RIGHTS

Under certain circumstances, you have rights under data protection laws in relation to your personal data:
  • The right to access your personal data (commonly known as a "data subject access request").
  • The right to rectification of inaccurate personal data.
  • The right to erasure of your personal data (the "right to be forgotten").
  • The right to restrict processing of your personal data.
  • The right to data portability (to receive a copy of your data in a structured, commonly used, machine-readable format and to transmit it to another controller).
  • The right to object to processing of your personal data, including processing for direct marketing purposes.
  • The right to withdraw consent at any time where we are relying on consent to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent.
  • The right to lodge a complaint with a supervisory authority (in particular in the EU member state of your habitual residence, place of work, or place of an alleged infringement) if you consider that our processing of your personal data infringes data protection laws.
If you wish to exercise any of these rights, please contact us at [Email for privacy requests] .
12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. Any changes will be posted on this page, and if the changes are significant, we will provide a more prominent notice (such as sending an email notification). Please check back frequently to see any updates or changes.
13. THIRD-PARTY LINKS

Our Site may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site, we encourage you to read the privacy policy of every website you visit.