Apoyo

Privacy Policy

Last updated: October 16, 2025

We’re Squishable B.V., and we care deeply about keeping your personal information private and secure. This Privacy Policy explains what data we collect when you use our websites (including www.squishables.eu), how we use and protect it, and the rights you have under European and UK data protection laws.

1. Who We Are

Data Controller:

Squishable B.V.
De Lairessestraat 145 C
1075 HJ Amsterdam, Netherlands
Email: privacy@squishables.eu

Squishable B.V. is responsible for processing your personal data collected through our websites and online stores, in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the UK GDPR.

If you have any questions about how we handle your personal information, you can contact us at the email address above.

2. What Personal Data We Collect

We collect information from you in several ways, depending on how you interact with us.

A. When you make a purchase or create an account

Name, billing and shipping address
Email address and phone number
Order details and payment method (payment details are processed securely by third-party providers; we do not store full credit card numbers)
Account login details if you create an account

B. When you contact us

Your name, email address, and message contents when you fill out our contact form or reach out for customer support

C. When you subscribe to our newsletter

Your email address and marketing preferences
We record your consent to receive marketing messages and the date it was given

D. When you browse our website

Device and browser type, operating system, IP address, time on pages, and referring URLs
Cookie identifiers and usage analytics (see our Cookie Policy)

E. When you apply for a job

Any personal details you provide during recruitment (CV, cover letter, employment history, etc.)

3. How We Use Your Data and the Legal Basis

We only collect and use your personal data where there is a lawful basis under GDPR.

Categoría de información personal establecida en el Código Civil de California, artículo 1798.140	Categorías de terceros a quienes vendemos o compartimos información personal
Identificadores personales , incluido nombre real, alias, dirección postal, identificador personal único, identificador en línea, dirección de Protocolo de Internet, dirección de correo electrónico u otros identificadores similares.	Comercializadores externos y otros terceros que establecen cookies y otras tecnologías de seguimiento en línea en nuestro sitio.
Información personal de registros de clientes de California (Código Civil de California § 1798.80(e)), incluido nombre, firma, características físicas o descripción, dirección, número de teléfono, educación, empleo, historial laboral, etc.	No vendemos ni compartimos esta categoría de información personal.
Características de las clasificaciones protegidas por la ley federal o de California. Esto puede incluir edad, condición de veterano, información sobre alojamiento, identidad y expresión de género, orientación sexual y religión.	No vendemos ni compartimos esta categoría de información personal.
Información comercial , incluyendo registros de propiedad personal, productos o servicios comprados, obtenidos o considerados, u otros historiales o tendencias de compra o consumo.	Comercializadores externos, proveedores de análisis y otros terceros que configuran cookies y otras tecnologías de seguimiento en línea en nuestro sitio.
Información sobre la actividad de Internet y otras redes electrónicas , que incluye, entre otros, el historial de navegación, el historial de búsqueda y la información sobre interacciones individuales con un sitio web, una aplicación o un anuncio de Internet.	Comercializadores externos, proveedores de análisis y otros terceros que configuran cookies y otras tecnologías de seguimiento en línea en nuestro sitio.
Datos de geolocalización , como su dirección IP.	Comercializadores externos, proveedores de análisis y otros terceros que configuran cookies y otras tecnologías de seguimiento en línea en nuestro sitio.
Datos sensoriales que incluyen información auditiva, electrónica, visual, térmica, olfativa o similar.	No vendemos ni compartimos esta categoría de información personal.
Información profesional o relacionada con el empleo .	Comercializadores externos, proveedores de análisis y otros terceros que configuran cookies y otras tecnologías de seguimiento en línea en nuestro sitio.
Información educativa no pública según se define en la Ley de Derechos Educativos y Privacidad de la Familia (20 USC § 1232g; 34 CFR Parte 99).	No vendemos ni compartimos esta categoría de información personal.
Información personal confidencial, según lo establecido en el Código Civil de California, artículo 1798.140 , incluyendo número de seguro social, número de licencia de conducir, documento de identidad estatal o número de pasaporte; información de ciudadanía o inmigración; origen racial o étnico; credenciales de acceso a la cuenta (como nombres de usuario o números de cuenta combinados con contraseña u otro código de seguridad/acceso para acceder a una cuenta).	No vendemos ni compartimos esta categoría de información personal.

4. How Long We Keep Your Data

We only retain your data for as long as needed for the purpose it was collected.

How Long We Keep Your Data
Data Type	Retention Period
Order and contact data	3 years after your last purchase or account activity
Marketing and newsletter data	3 years after you unsubscribe
Website analytics	12 months
Job applications	1 year (longer if you give consent)
Financial and tax data	Minimum 7 years (legal requirement)

After these periods, your data will be deleted or anonymized.

5. Email Collection and Marketing Communications

If you choose to receive our newsletter or other marketing updates, we’ll store your email address and preferences securely using Omnisend.

Purpose: To send you marketing communications with your consent
Retention: Up to 3 years after you opt out, to ensure we don’t send unwanted messages
Storage: Data may be transferred to Omnisend servers in the U.S. under Standard Contractual Clauses (SCCs) as approved by the European Commission
Protection: Omnisend uses encryption, secure access controls, and GDPR-compliant data-processing agreements
Opt Out: You can unsubscribe at any time by clicking “unsubscribe” in any email or contacting us at
privacy@squishables.eu

You can view Omnisend’s policies here:

6. Cookies and Analytics

We use cookies and similar technologies to make our website work smoothly, personalize your experience, and analyze how it’s used.

For example, cookies help us remember what’s in your cart, measure website traffic, and show you relevant products.

You can see the full list of cookies and their durations by visiting our cookie policy.

You can change or withdraw your consent to cookies anytime using the “Manage Cookies” link at the bottom of our site.

7. How We Share Your Data

We only share your personal data where necessary and always under strict data-protection conditions.

This includes sharing information with trusted partners who help us provide our services, for example:

Shopify – Website hosting and e-commerce platform (servers located in the EEA) - Shopify Privacy Policy
Omnisend – Marketing communications (SCCs for U.S. transfers) - Omnisend Privacy Policy
Payment processors – PayPal, Apple Pay, Google Pay, VISA, Mastercard, American Express, and others
Analytics and advertising – Google Analytics, Meta (Facebook/Instagram), and (in future) TikTok Ads
Shipping providers – Delivery and logistics partners to fulfill your order

We require all third-party processors to comply with GDPR and use your data only as instructed by us.

We never sell or rent your personal data to anyone.

8. Data Transfers Outside the EEA or UK

If we transfer your data outside the EEA or UK, we ensure that it remains protected by one of the following safeguards:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions (for countries recognized as providing adequate protection)
Encryption and access control measures

Omnisend, Google, and Meta transfers are protected through SCCs and technical safeguards that align with GDPR Articles 44–49.

9. Your Rights Under GDPR

You have several important rights over your personal data, including:

Access: Request a copy of your data
Correction: Ask us to fix incorrect or outdated information
Erasure (“Right to be Forgotten”): Request deletion of your account or data (unless we need it for legal purposes)
Restriction: Ask us to limit how we use your data
Portability: Request a copy of your data in a portable format
Objection: Object to marketing or certain processing
Withdraw Consent: Withdraw consent for marketing or cookies at any time

To exercise any of these rights, you can contact us at privacy@squishables.eu or through the My Account → Manage My Data page.

We’ll respond within one month.

10. Account Deletion and Data Erasure

You can delete your account at any time through your account settings or by contacting us at privacy@squishables.eu.

We’ll delete your data within 30 days, except for records we must keep for legal or tax purposes (kept for 7 years).

11. Children’s Privacy

Our website and products are not directed to children under 16.

If we learn that we have collected data from a child under the applicable age of consent without parental permission, we’ll delete it promptly.

12. Data Security

We use appropriate technical and organizational measures to protect your personal data, including:

Encryption of data in transit
Firewalls and secure server configurations
Limited, role-based staff access
Regular audits and compliance reviews

While we take every reasonable step to protect your data, no online system can be 100% secure, so please use strong passwords and safeguard your account information.

13. Complaints

If you have a concern about how we handle your personal data, please contact us first at privacy@squishables.eu.

If we can’t resolve it, you have the right to lodge a complaint with your local supervisory authority:

Netherlands: Autoriteit Persoonsgegevens
United Kingdom: Information Commissioner’s Office (ICO)

14. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our services or legal obligations.

The latest version will always be available on our website, with the “Last updated” date shown at the top.

15. Contact Us

If you have any questions or wish to exercise your data rights, contact:

Squishable B.V.

De Lairessestraat 145 C
1075 HJ Amsterdam, Netherlands
Email: privacy@squishables.eu