Privacy Policy
Heather’s Wardrobe
Information on the Handling of Personal Data
We appreciate your visit to our website and your interest in Heather’s Wardrobe. Protecting your personal data is very important to us. This Privacy Policy explains how we collect, use, and protect your personal information in accordance with the General Data Protection Regulation (GDPR).
Personal data refers to any information that can be used to identify you personally.
1. Data Controller
The data controller responsible for processing personal data on this website is:
Heather’s Wardrobe
Email: info@heatherswardrobe.com
We are not legally required to appoint a Data Protection Officer.
2. Website Security
Our website uses SSL/TLS encryption to ensure secure data transmission. You can recognize a secure connection by “https://” and the lock symbol in your browser.
We do not use automated decision-making or profiling that produces legal or similarly significant effects.
3. Data Collection When Visiting Our Website
When you visit our website, we automatically collect technical data:
- Pages visited
- Date and time of access
- Amount of data transferred
- Referring URL
- Browser type and version
- Operating system
- IP address (anonymized where possible)
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR)
This data is used to ensure website stability, functionality, and security.
4. Cookies
We use cookies to improve user experience and website functionality.
Types of cookies:
- Necessary cookies – required for website operation (legal basis: legitimate interest)
- Analytics cookies – to understand website usage (legal basis: consent)
- Marketing cookies – for personalized advertising (legal basis: consent)
Cookies may collect information such as browser type, approximate location, and IP address.
On your first visit, you will be asked to consent to non-essential cookies via a cookie banner. You can change or withdraw your consent at any time.
You can also manage cookies through your browser settings. Disabling cookies may affect website functionality.
5. Contacting Us
If you contact us via email or contact form, we process your data to respond to your inquiry.
Legal basis:
- Legitimate interest (general inquiries)
- Contract performance (order-related inquiries)
Your data will be deleted once your request is resolved, unless legal retention obligations apply.
6. Customer Accounts and Orders
When you create an account or place an order, we process necessary personal data such as:
- Name
- Address
- Payment details
Legal basis: Contract performance (Art. 6(1)(b) GDPR)
You may request deletion of your account at any time. Data will then be retained only as required by law (e.g., tax regulations, typically 7 years in the Netherlands).
7. Email Marketing
Newsletter Subscription
If you subscribe to our newsletter:
- We use a double opt-in process
- We store your email address, IP address, and timestamp
Legal basis: Consent (Art. 6(1)(a) GDPR)
You can unsubscribe at any time via the link in the email or by contacting us.
Marketing Emails to Existing Customers
If you have made a purchase, we may send you emails about similar products.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR)
You can object to this at any time.
8. Order Processing and Payments
To fulfill your order, we share data with:
- Shipping providers
- Payment providers
Payment Providers
We may use services such as:
- PayPal (PayPal Europe S.à r.l. et Cie, S.C.A.)
- Klarna (Klarna Bank AB)
These providers process data under their own privacy policies and may perform credit checks.
Legal basis: Contract performance
9. Review Requests
After a purchase, we may send a one-time email requesting a review, but only if you have given consent during checkout.
You can withdraw your consent at any time.
10. Social Media Plugins
Our website includes social media buttons (e.g., Instagram, Facebook).
These are implemented in a privacy-friendly way. A connection to the platform is only established when you click the button.
After clicking, data processing is governed by the respective platform.
11. Analytics and Advertising
We use tools such as:
- Google Analytics (Google Ireland Ltd.)
- Google Ads
- Meta (Facebook) Pixel
These tools help us analyze website usage and improve marketing.
- IP anonymization is enabled where applicable
- Data processing occurs only after consent (for tracking/marketing)
Legal basis: Consent (Art. 6(1)(a) GDPR)
You can withdraw consent at any time via cookie settings.
12. Retargeting and Remarketing
We use remarketing technologies to display relevant ads across platforms.
These services use cookies and tracking technologies.
Legal basis: Consent
You can opt out via:
- Browser settings
- Platform ad preferences
13. International Data Transfers
Some third-party providers (e.g., Google, Meta, PayPal) may transfer data outside the European Economic Area (EEA), including to the United States.
Where this occurs, we ensure appropriate safeguards, such as:
- Standard Contractual Clauses (SCCs) approved by the European Commission
14. Data Retention
We retain personal data only as long as necessary:
- Order data: up to 7 years (legal obligation)
- Customer accounts: until deletion request
- Newsletter data: until unsubscribe
- Analytics data: typically 14–26 months
After this period, data is securely deleted.
15. Your Rights
Under GDPR, you have the right to:
- Access your data
- Correct inaccurate data
- Request deletion
- Restrict processing
- Object to processing
- Request data portability
- Withdraw consent at any time
You have the right to lodge a complaint with a relevant data protection authority. In the United States, this may include the Federal Trade Commission (FTC) or your state’s Attorney General.
16. Contact
If you have any questions or wish to exercise your rights:
Email: info@heatherswardrobe.com