Privacybeleid

Last updated: January 2025

1. Information We Collect

1.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you:

• Make a Purchase: Name, email address, shipping address, billing address, phone number, and payment information (processed securely through Stripe)
• Subscribe to Our Newsletter: Email address and name (optional)
• Contact Us: Name, email address, and any information you include in your message
• Create an Account: Username, email address, and password (if applicable)

1.2 Information Collected Automatically

When you visit our website, we automatically collect certain information about your device and browsing behavior:

1.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. The cookies we use include:

• Essential Cookies: Required for website functionality (e.g., shopping cart, user authentication)
• Analytics Cookies: Help us understand how visitors use our website (Google Analytics, Microsoft Clarity)
• Preference Cookies: Remember your settings and preferences (e.g., language, currency)
• Marketing Cookies: Used to track the effectiveness of our advertising campaigns (only with your consent)

You can manage your cookie preferences through our cookie consent banner or your browser settings.

2. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

• Contract Performance: To fulfill orders, process payments, and provide customer service
• Legitimate Interests: For fraud prevention, security, and basic analytics
• Consent: For marketing emails, non-essential cookies, and detailed analytics
• Legal Obligations: To comply with tax, accounting, and other legal requirements

3. How We Use Your Information

We use the information we collect for the following purposes:

• Process and fulfill your orders
• Send order confirmations and shipping updates
• Respond to customer service requests and support needs
• Send marketing communications (with your consent)
• Improve our website, products, and services
• Prevent fraud and enhance security
• Comply with legal obligations
• Analyze website usage and optimize user experience

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information with:

4.1 Service Providers

• Stripe: Payment processing (PCI-DSS compliant)
• Plunk: Email marketing and transactional emails
• Shipping Partners: Order fulfillment and delivery
• Google Analytics: Website analytics (anonymized)
• Microsoft Clarity: User experience analytics
• Vercel: Website hosting and infrastructure

4.2 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

• Order Information: 7 years (Belgian legal requirement for accounting records)
• Customer Account Data: Until account deletion request
• Marketing Consent: Until withdrawal of consent
• Analytics Data: 26 months (Google Analytics default)
• Cookie Data: Variable (see cookie policy)

6. Your Rights

To exercise any of these rights, please contact us using the information provided below.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• SSL/TLS encryption for data transmission
• Secure payment processing through Stripe (PCI-DSS Level 1 compliant)
• Regular security assessments and updates
• Access controls and employee training
• Secure data storage with encryption at rest

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. International Data Transfers

Your information may be transferred to and processed in countries other than Belgium. When we transfer data outside the EEA, we ensure appropriate safeguards are in place:

• EU-US Data Privacy Framework (for US-based services)
• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for countries with equivalent data protection laws

9. Children's Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child, please contact us immediately.

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to know what personal information we collect, use, and share
• Right to delete your personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights
• Right to correct inaccurate personal information
• Right to limit use of sensitive personal information

To exercise these rights, California residents may contact us using the information below.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may also notify you by email or through a prominent notice on our website.

12. Contact Information