Privacy Policy

Last updated: November 16, 2025

Through our webshop, privacy-sensitive data – or personal data – is processed.
Hugsback considers careful handling of personal data very important. Therefore, we process and secure your data with care.

In our processing, we comply with the requirements of the General Data Protection Regulation (GDPR). This means, among other things, that we:

  • clearly indicate for which purposes we process personal data;
  • not collect more data than necessary;
  • ask for your consent first when required;
  • take appropriate security measures;
  • respect your rights to access, correct, or delete your data.

Hugsback is responsible for data processing. In this privacy statement, we explain which personal data we collect, why we use it, and with which parties we collaborate. We advise you to read this statement carefully.

If you have any questions, you can always contact Hugsback (contact details at the bottom).

Processing your order

When you order something in our webshop, we need personal data to process your order correctly. We use the following for this:

  • your name and address details
  • phone number
  • email address
  • payment information
  • shipping information

This data is used to:

  • to process the order
  • to process payments viaMollie
  • to keep you informed about the status of your order
  • to deliver the order via our shipping partnerSendcloud (which collaborates with delivery services such as PostNL, DHL, etc.)

The legal basis for this is the execution of the agreement.

We retain this informationfor up to two years after completing the order.
We keep part of the data (such as invoices) forseven years due to the legal tax retention obligation.

Disclosure to third parties

We work with various parties that may receive your personal data when necessary for our services.

These parties include:

• Shopify (hosting our webshop)

Shopify processes personal data to enable our webshop.

• Mollie (payment processing)

For iDEAL, Bancontact, credit card, Klarna, and other payment methods.

• Sendcloud (shipping processing)

For printing shipping labels and providing shipping information to carriers.

• Klaviyo (email marketing & newsletter)

Only when you sign up.

• Meta (Facebook/Instagram) & TikTok

Only when you give consent for marketing cookies.

These parties process personal data according to their own privacy policy and comply with the GDPR.

Wenever share your data with other companies or institutions, unless legally required (for example, in a police investigation).

Statistics and analysis

We keep track of statistics about the use of our webshop. This helps us improve the website and show more relevant information.

We use the following:

  • Shopify Analytics
  • Google Analytics (non-anonymized IP by choice of tracking)

We have a data processing agreement with Google and have made strict agreements about what they may do with the data.

We do not unnecessarily combine statistical data with other personal data.

Cookies and tracking

Our webshop uses cookies. We use them for:

Functional cookies

Necessary for the webshop to function properly (login, shopping cart, preferences).

Analytical cookies

To measure how visitors use our webshop.

Marketing cookies (only with consent)

For personalized advertisements via:

  • Meta Pixel
  • TikTok Pixel
  • Klaviyo (email behavior)

On your first visit, we show a cookie banner that allows you to give or refuse consent.

You can always disable cookies through your browser settings.

Advertising and newsletters

We only send advertisements or newsletters if you have signed up for them.

We then send messages via:

  • email (Klaviyo)
  • possibly WhatsApp (only if you sign up for it)

Every marketing email contains an unsubscribe link.

You can unsubscribe at any time.

Security

We take security measures to prevent misuse, loss, or unauthorized access to personal data.

This includes:

  • secure connections (SSL)
  • secure storage via Shopify
  • access security
  • regular updates

We pay close attention to potential vulnerabilities and continuously adjust security.

Retention periods

We never retain personal data longer than necessary.

  • Order data: 2 years
  • Invoice data: 7 years (legal obligation)
  • Newsletter data: until unsubscribed
  • Support messages: up to 2 years
  • Account data: as long as the account is active

Your rights

You have the following rights under the GDPR:

  • get an explanation of what personal data we hold
  • access the data we have about you
  • request correction of errors
  • request deletion of outdated data
  • request data transfer
  • withdraw consent
  • object to a specific use

Always provide clear identification with a request, so we can ensure that the correct data is adjusted.

File a complaint

Do you feel that we are not adequately assisting you with your privacy rights?
You have the right to file a complaint with:

Data Protection Authority
https://autoriteitpersoonsgegevens.nl

Changes to this privacy statement

We may update this privacy statement from time to time.
We recommend that you review the statement regularly to stay informed of any changes.

Contact details

Hugsback
Broekkantsedijk 32
5482ET Schijndel
Netherlands

E-mail: info@hugsback.com
WhatsApp: +31 6 45972787
Chamber of Commerce: 97949620
VAT number: NL868300500B01