Privacy policy

Last updated: September 2025

This Privacy Policy sets out how LERA WORLD B.V. (“LERA,” “we,” “our,” or “us”) processes personal data. LERA is committed to ensuring that personal data is collected and processed in accordance with applicable privacy and data protection legislation, including the General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”).

(1) Controller Details

Entity: LERA WORLD B.V.

Chamber of Commerce (KvK) number: 91976693

Registered office: Ferdinand Bolstraat 146, 1072 LS Amsterdam, the Netherlands

Email: team@leraworld.com

LERA is the controller in respect of the personal data collected via its website(s), applications, and physical stores.

(2) Scope

This Privacy Policy applies to:

The website located at https://leraworld.com and any other websites or applications operated by LERA that refer to this Policy.

Data processed when you visit our stores or otherwise interact with our services.

(3) Categories of Personal Data

LERA may process the following categories of personal data:

Identification data (first and last name, date of birth, gender).

Contact details (address, telephone number, email address).

Transaction and financial data (payment details, order history, bank account information, invoicing records).

Demographic and business data (company name, Chamber of Commerce number).

Technical data (IP address, browser and device details, cookies—see Section 10).

Communication data (messages and correspondence with LERA).

(4) Purposes of Processing

Personal data is collected and processed exclusively for specified, explicit, and legitimate purposes, including:

The performance of contracts with customers, including the provision of goods and services.

Administration of customer accounts and processing of payments.

Compliance with legal obligations, including tax and accounting requirements.

Provision of customer support and communication.

Direct marketing, promotions, and newsletters (subject to consent where required).

Improving and developing services, websites, and customer experience.

Security, fraud prevention, and enforcement of LERA’s terms and policies.

Analytics and business operations.

(5) Legal Basis

Processing of personal data by LERA is based on one or more of the following legal grounds under Article 6 GDPR:

Performance of a contract (Article 6(1)(b)) – where data is required to provide products or services.

Consent (Article 6(1)(a)) – for direct marketing, cookies, or other non-essential processing.

Legal obligation (Article 6(1)(c)) – for compliance with applicable laws.

Legitimate interests (Article 6(1)(f)) – for business operations, improvement of services, and fraud prevention.

(6) Retention

Personal data will not be retained longer than necessary for the purposes for which it is processed. Retention periods are determined as follows:

Transactional and invoicing data: retained for 8 years in accordance with Dutch tax law.

Customer support and correspondence data: retained for up to 1 year after the last interaction, unless earlier deletion is requested.

Marketing data: retained until consent is withdrawn.

(7) Sharing of Data

LERA does not sell personal data to third parties. Personal data may be disclosed to:

Service providers and processors engaged by LERA (e.g., IT, payment, logistics, marketing) subject to contractual safeguards.

Public authorities where required by law.

Other parties where necessary to protect LERA’s rights or in connection with a business transaction, subject to applicable legal requirements.

Where personal data is transferred outside the European Economic Area, appropriate safeguards under Chapter V GDPR will be implemented.

(8) Data Subject Rights

Under GDPR, you have the following rights:

Right of access to your personal data.

Right to rectification of inaccurate or incomplete data.

Right to erasure (“right to be forgotten”) in certain circumstances.

Right to restriction of processing.

Right to data portability.

Right to object to processing, including direct marketing.

Right to withdraw consent, where processing is based on consent.

Right not to be subject to automated decision-making producing legal effects.

Requests to exercise these rights should be directed to team@leraworld.com. LERA will respond within one month of receipt.

(9) Children’s Data

LERA’s services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that such data has been collected, it will be promptly deleted.

(10) Cookies

LERA uses cookies and similar technologies to operate its websites, enhance user experience, and perform analytics. Visitors are requested to provide consent to non-essential cookies upon their first visit.

Cookies may be used for:

Essential site functionality.

Analytics (e.g., Google Analytics, Webflow statistics).

Marketing and personalization, where consented.

You can adjust or withdraw your cookie consent at any time through your browser settings or the cookie banner provided on our website.

(11) Security

LERA implements appropriate technical and organisational measures to secure personal data against unauthorised access, alteration, disclosure, or destruction. Despite these measures, absolute security of data transmitted via the internet cannot be guaranteed.

(12) Updates

LERA may amend this Privacy Policy from time to time. Any material changes will be published on our website. Continued use of our services following such updates constitutes acceptance of the revised policy.

(13) Complaints

If you are dissatisfied with the way LERA processes your personal data, you have the right to lodge a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) via https://autoriteitpersoonsgegevens.nl.

Amsterdam, September 2025

‍