HandMadeForWinds

Privacy policy

1. General Information

The Data Controller is HandMadeForWinds, an online store available at: https://handmadeforwinds.com.

You can contact the Data Controller via:

The Controller makes every effort to ensure that personal data is protected in accordance with applicable law, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).

2. What Data We Process

Depending on how you use the website, we may process:

  • Data voluntarily provided in forms (e.g., name, surname, email address, shipping address, phone number),
  • Data related to order fulfillment (contact, address, and payment details),
  • Technical data (IP address, browser type, operating system, cookies),
  • Data provided when registering an account, subscribing to the newsletter, or leaving a comment.

3. Purposes and Legal Basis of Data Processing

Your personal data may be processed for the following purposes:

  • Execution of the sales contract (e.g., order processing, product delivery, payment handling) – Art. 6(1)(b) GDPR.
  • Handling inquiries and correspondence – Art. 6(1)(b) and (f) GDPR (legitimate interest of the Controller).
  • Marketing and newsletters – only with your consent – Art. 6(1)(a) GDPR.
  • Managing comments, user accounts, and interactions on the website – Art. 6(1)(b) and (f) GDPR.
  • Legal and tax obligations (e.g., invoice storage) – Art. 6(1)(c) GDPR.
  • Website security and prevention of abuse – Art. 6(1)(f) GDPR.

4. Data Recipients

Data may be transferred to entities cooperating with the Controller only to the extent necessary to provide services, in particular:

  • Courier and postal companies (order delivery),
  • Payment operators (e.g., PayPal, PayU, Stripe),
  • Hosting and IT service providers,
  • Accounting and consulting firms,
  • Public authorities – only to the extent required by law.

5. Data Retention Period

  • Data related to order fulfillment is stored for the time necessary to perform the contract and as required by tax law (usually 5 years).
  • Marketing data (e.g., newsletters) – until consent is withdrawn.
  • Technical data and cookies – in accordance with the cookie lifecycle or until deleted by the user.
  • Comments – indefinitely, to recognize subsequent comments.
  • User accounts – until the account is deleted.

6. Your Rights

Under the GDPR, you have the following rights:

  • Right of access to your data,
  • Right to rectification,
  • Right to erasure (“right to be forgotten”),
  • Right to restriction of processing,
  • Right to data portability,
  • Right to object to processing,
  • Right to withdraw consent (if data is processed on the basis of consent),
  • Right to lodge a complaint with the President of the Personal Data Protection Office (UODO) if you believe your data is being processed unlawfully.

7. Cookies

This website uses cookies for:

  • Remembering user preferences,
  • Login and session management,
  • Statistical and analytical purposes (e.g., Google Analytics),
  • Marketing purposes (e.g., Facebook Pixel – only with the user’s consent).

Users can change their cookie settings in their web browser at any time.

8. Comments and Embedded Content

The rules regarding comments, cookies, and embedded content from other websites remain the same as in the basic version of the privacy policy (see: Comments, Media, Embedded Content).

9. Data Security

The Controller applies appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or disclosure.

10. Changes to the Privacy Policy

The Controller reserves the right to make changes to this privacy policy. Users will be informed of any changes by publishing the updated content on the website.

Shopping Cart