Soutien

Privacy Policy

Last updated: October 16, 2025

We’re Squishable B.V., and we care deeply about keeping your personal information private and secure. This Privacy Policy explains what data we collect when you use our websites (including www.squishables.eu), how we use and protect it, and the rights you have under European and UK data protection laws.

1. Who We Are

Data Controller:

Squishable B.V.
De Lairessestraat 145 C
1075 HJ Amsterdam, Netherlands
Email: privacy@squishables.eu

Squishable B.V. is responsible for processing your personal data collected through our websites and online stores, in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the UK GDPR.

If you have any questions about how we handle your personal information, you can contact us at the email address above.

2. What Personal Data We Collect

We collect information from you in several ways, depending on how you interact with us.

A. When you make a purchase or create an account

Name, billing and shipping address
Email address and phone number
Order details and payment method (payment details are processed securely by third-party providers; we do not store full credit card numbers)
Account login details if you create an account

B. When you contact us

Your name, email address, and message contents when you fill out our contact form or reach out for customer support

C. When you subscribe to our newsletter

Your email address and marketing preferences
We record your consent to receive marketing messages and the date it was given

D. When you browse our website

Device and browser type, operating system, IP address, time on pages, and referring URLs
Cookie identifiers and usage analytics (see our Cookie Policy)

E. When you apply for a job

Any personal details you provide during recruitment (CV, cover letter, employment history, etc.)

3. How We Use Your Data and the Legal Basis

We only collect and use your personal data where there is a lawful basis under GDPR.

Catégorie de renseignements personnels définie dans le § 1798.140 du Code civil de Californie	Catégories de tiers à qui nous vendons ou partageons des informations personnelles
Identifiants personnels , y compris le nom réel, l'alias, l'adresse postale, l'identifiant personnel unique, l'identifiant en ligne, l'adresse IP, l'adresse e-mail ou d'autres identifiants similaires.	Des spécialistes du marketing tiers et d’autres tiers qui installent des cookies et d’autres technologies de suivi en ligne sur notre site.
Informations personnelles des dossiers clients de Californie (Cal. Civ. Code § 1798.80(e)), y compris le nom, la signature, les caractéristiques physiques ou la description, l'adresse, le numéro de téléphone, l'éducation, l'emploi, les antécédents professionnels, etc.	Nous ne vendons ni ne partageons cette catégorie d'informations personnelles.
Caractéristiques des classifications protégées par la loi californienne ou fédérale. Cela peut inclure l'âge, le statut d'ancien combattant, les informations sur l'hébergement, l'identité et l'expression de genre, l'orientation sexuelle et la religion.	Nous ne vendons ni ne partageons cette catégorie d'informations personnelles.
Informations commerciales , y compris les enregistrements de biens personnels, de produits ou de services achetés, obtenus ou envisagés, ou d'autres historiques ou tendances d'achat ou de consommation.	Des spécialistes du marketing tiers, des fournisseurs d'analyses et d'autres tiers qui installent des cookies et d'autres technologies de suivi en ligne sur notre site.
Informations sur les activités Internet et autres réseaux électroniques , y compris, mais sans s'y limiter, l'historique de navigation, l'historique de recherche et les informations sur les interactions individuelles avec un site Web, une application ou une publicité Internet.	Des spécialistes du marketing tiers, des fournisseurs d'analyses et d'autres tiers qui installent des cookies et d'autres technologies de suivi en ligne sur notre site.
Données de géolocalisation , telles que votre adresse IP.	Des spécialistes du marketing tiers, des fournisseurs d'analyses et d'autres tiers qui installent des cookies et d'autres technologies de suivi en ligne sur notre site.
Données sensorielles , y compris les informations audio, électroniques, visuelles, thermiques, olfactives ou similaires.	Nous ne vendons ni ne partageons cette catégorie d'informations personnelles.
Informations professionnelles ou liées à l'emploi .	Des spécialistes du marketing tiers, des fournisseurs d'analyses et d'autres tiers qui installent des cookies et d'autres technologies de suivi en ligne sur notre site.
Informations éducatives non publiques telles que définies dans la loi sur les droits à l'éducation et la confidentialité de la famille (20 USC § 1232g ; 34 CFR Partie 99).	Nous ne vendons ni ne partageons cette catégorie d'informations personnelles.
Informations personnelles sensibles telles que définies dans le Cal. Civ. Code § 1798.140 , y compris le numéro de sécurité sociale, le numéro de permis de conduire, la carte d'identité d'État ou le numéro de passeport ; les informations de citoyenneté ou d'immigration ; l'origine raciale ou ethnique ; les informations d'accès au compte (comme les noms d'utilisateur ou les numéros de compte combinés avec un mot de passe ou un autre code de sécurité/d'accès pour accéder à un compte).	Nous ne vendons ni ne partageons cette catégorie d'informations personnelles.

4. How Long We Keep Your Data

We only retain your data for as long as needed for the purpose it was collected.

How Long We Keep Your Data
Data Type	Retention Period
Order and contact data	3 years after your last purchase or account activity
Marketing and newsletter data	3 years after you unsubscribe
Website analytics	12 months
Job applications	1 year (longer if you give consent)
Financial and tax data	Minimum 7 years (legal requirement)

After these periods, your data will be deleted or anonymized.

5. Email Collection and Marketing Communications

If you choose to receive our newsletter or other marketing updates, we’ll store your email address and preferences securely using Omnisend.

Purpose: To send you marketing communications with your consent
Retention: Up to 3 years after you opt out, to ensure we don’t send unwanted messages
Storage: Data may be transferred to Omnisend servers in the U.S. under Standard Contractual Clauses (SCCs) as approved by the European Commission
Protection: Omnisend uses encryption, secure access controls, and GDPR-compliant data-processing agreements
Opt Out: You can unsubscribe at any time by clicking “unsubscribe” in any email or contacting us at
privacy@squishables.eu

You can view Omnisend’s policies here:

6. Cookies and Analytics

We use cookies and similar technologies to make our website work smoothly, personalize your experience, and analyze how it’s used.

For example, cookies help us remember what’s in your cart, measure website traffic, and show you relevant products.

You can see the full list of cookies and their durations by visiting our cookie policy.

You can change or withdraw your consent to cookies anytime using the “Manage Cookies” link at the bottom of our site.

7. How We Share Your Data

We only share your personal data where necessary and always under strict data-protection conditions.

This includes sharing information with trusted partners who help us provide our services, for example:

Shopify – Website hosting and e-commerce platform (servers located in the EEA) - Shopify Privacy Policy
Omnisend – Marketing communications (SCCs for U.S. transfers) - Omnisend Privacy Policy
Payment processors – PayPal, Apple Pay, Google Pay, VISA, Mastercard, American Express, and others
Analytics and advertising – Google Analytics, Meta (Facebook/Instagram), and (in future) TikTok Ads
Shipping providers – Delivery and logistics partners to fulfill your order

We require all third-party processors to comply with GDPR and use your data only as instructed by us.

We never sell or rent your personal data to anyone.

8. Data Transfers Outside the EEA or UK

If we transfer your data outside the EEA or UK, we ensure that it remains protected by one of the following safeguards:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions (for countries recognized as providing adequate protection)
Encryption and access control measures

Omnisend, Google, and Meta transfers are protected through SCCs and technical safeguards that align with GDPR Articles 44–49.

9. Your Rights Under GDPR

You have several important rights over your personal data, including:

Access: Request a copy of your data
Correction: Ask us to fix incorrect or outdated information
Erasure (“Right to be Forgotten”): Request deletion of your account or data (unless we need it for legal purposes)
Restriction: Ask us to limit how we use your data
Portability: Request a copy of your data in a portable format
Objection: Object to marketing or certain processing
Withdraw Consent: Withdraw consent for marketing or cookies at any time

To exercise any of these rights, you can contact us at privacy@squishables.eu or through the My Account → Manage My Data page.

We’ll respond within one month.

10. Account Deletion and Data Erasure

You can delete your account at any time through your account settings or by contacting us at privacy@squishables.eu.

We’ll delete your data within 30 days, except for records we must keep for legal or tax purposes (kept for 7 years).

11. Children’s Privacy

Our website and products are not directed to children under 16.

If we learn that we have collected data from a child under the applicable age of consent without parental permission, we’ll delete it promptly.

12. Data Security

We use appropriate technical and organizational measures to protect your personal data, including:

Encryption of data in transit
Firewalls and secure server configurations
Limited, role-based staff access
Regular audits and compliance reviews

While we take every reasonable step to protect your data, no online system can be 100% secure, so please use strong passwords and safeguard your account information.

13. Complaints

If you have a concern about how we handle your personal data, please contact us first at privacy@squishables.eu.

If we can’t resolve it, you have the right to lodge a complaint with your local supervisory authority:

Netherlands: Autoriteit Persoonsgegevens
United Kingdom: Information Commissioner’s Office (ICO)

14. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our services or legal obligations.

The latest version will always be available on our website, with the “Last updated” date shown at the top.

15. Contact Us

If you have any questions or wish to exercise your data rights, contact:

Squishable B.V.

De Lairessestraat 145 C
1075 HJ Amsterdam, Netherlands
Email: privacy@squishables.eu