Privacy policy

Last updated: 14 January 2026

Privacy Policy
Sjaal met Verhaal BV
Last updated: January 2026

Who we are
Sjaal met Verhaal BV is responsible for the processing of personal data as described in this privacy policy. We are located at Klarinetweg 2D, 4337 RA Middelburg, the Netherlands.

If you have any questions about this privacy policy or about the processing of your personal data, you can contact us at info@sjaalmetverhaal.nl.

For the purposes of the General Data Protection Regulation (GDPR), Sjaal met Verhaal BV is the data controller.

Which personal data we collect
When you visit our website, place an order, create an account or otherwise contact us, we may process the following personal data.

Name
Billing and shipping address
Telephone number, if provided by you
Email address
Account details such as username and password
Order and transaction details
Payment and invoicing details
Correspondence and communication with us
Technical data such as IP address, device and browser information
Data about the use of our website
Cookie and similar technology data

We do not process more personal data than is necessary for the purposes described below.

Purposes for processing personal data
We process personal data for the following purposes and on the corresponding legal bases.

Processing and fulfilling orders
To process orders, handle payments, ship products and issue invoices.
Legal basis: performance of a contract.

Customer service and communication
To answer questions, provide support and stay in contact with you.
Legal basis: performance of a contract and legitimate interest.

Administration and legal obligations
For our financial administration and to comply with legal retention obligations.
Legal basis: legal obligation.

Marketing and newsletter
To inform you by email about products, collections or promotions, if you have given your consent.
Legal basis: consent. You can unsubscribe at any time via the unsubscribe link in the email.

Improvement of our website and services
To gain insight into the use of our website and improve our services.
Legal basis: consent for analytical cookies.

Security and fraud prevention
To secure our website, accounts and payments and to prevent misuse.
Legal basis: legitimate interest.

With whom we share your personal data
We only share personal data when this is necessary for our services or to comply with legal obligations.

This may include service providers who technically enable our webshop, including Shopify, payment service providers for processing payments, logistics and fulfilment partners for shipping, administrative and financial service providers, email marketing services and analytics and marketing services.

These parties process personal data solely on our behalf and on the basis of data processing agreements or equivalent safeguards.

Cookies and similar technologies
We use cookies and similar technologies to ensure the proper functioning of our website and to gain insight into the use of the webshop.

During your first visit, we inform you about this and, where legally required, ask for your consent. Functional cookies are always placed. Analytical and marketing cookies are only placed after you have given your consent.

You can adjust or withdraw your cookie preferences at any time via the cookie banner or through your browser settings.

How long we retain your personal data
We do not retain personal data longer than necessary for the purposes for which it was collected, unless we are legally required to retain it longer.

Order and invoice data are retained for at least seven years due to tax obligations.
Account data is retained for as long as the account remains active.
Newsletter data is deleted as soon as you unsubscribe.

Your rights
You have the right to access your personal data, have data corrected or deleted, object to processing especially for marketing purposes, restrict processing, have your data transferred to another party and withdraw consent if processing is based on consent.

You can exercise these rights by contacting us at info@sjaalmetverhaal.nl. We will respond within one month.

If you have a complaint about how we handle your personal data, you have the right to submit a complaint to the Dutch Data Protection Authority via autoriteitpersoonsgegevens.nl.

Security and international transfers
We take appropriate technical and organisational measures to protect personal data, such as the use of encrypted connections and restricted access to systems.

Personal data may be processed or stored outside the European Economic Area, for example because we use international service providers. In such cases, we ensure appropriate safeguards, such as standard contractual clauses approved by the European Commission or other recognised transfer mechanisms.

Changes
We may amend this privacy policy. The most current version will always be published on our website.