Privacy policy

Privacy Policy

Article 1 – Who are we?

We are NOTA Gathering B.V., located at Mensinge 2, 1083 HA, Amsterdam, the Netherlands. This Privacy Policy explains how we handle your personal data when you visit our website or purchase our products.

Article 2 – Which personal data do we process?

We only process personal data that is necessary for providing our services. This may include:

  • Identity and contact details
    Name, address, email address, phone number
  • Order and payment details
    Order history, payment method, transaction references (payments are processed via secure payment providers; we do not store full payment details)
  • Account information (if applicable)
    Login details and preferences
  • Communication data
    Emails, messages, and other correspondence with our customer service
  • Website usage data
    IP address, browser type, device data, cookies, and similar technical data

Article 3 – For what purposes do we process your data?

We process your personal data for the following purposes:

  • To process, deliver, and administer your orders
  • To handle returns, refunds, and complaints
  • To provide customer support and answer your questions
  • To improve our website, products, and services
  • To send marketing communications (only if you have given consent)
  • To comply with legal and administrative obligations
  • To prevent fraud and ensure the security of our website

Article 4 – Legal bases for processing

Under the GDPR, we process your personal data based on one or more of the following legal grounds:

  • Performance of a contract
    To process and deliver your order
  • Consent
    For marketing communications and non-essential cookies
  • Legal obligation
    For accounting and tax administration
  • Legitimate interest
    For website security, fraud prevention, customer service, and improving our services

You may withdraw your consent at any time without affecting prior lawful processing.

Article 5 – How long do we retain your data?

We do not retain personal data longer than necessary. The following retention periods apply:

  • Order and invoice data: 7 years (legal tax obligation)
  • Customer service correspondence: up to 12 months after resolution
  • Marketing data: up to 24 months after last interaction or until you unsubscribe
  • Website and cookie data: according to cookie settings and applicable retention periods

Article 6 – Sharing data with third parties

We do not sell your personal data.

We share data only with trusted third parties where necessary, such as

  • Shopify – webshop infrastructure
  • Payment providers – payment processing
  • Logistics partners – order delivery
  • Email and marketing tools – newsletter and campaign management
  • Analytics and advertising platforms – only with consent

All processors act under data processing agreements and in accordance with GDPR.

Article 7 – International data transfers

Some of our service providers may process data outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)

Article 8 – Cookies and tracking

We use cookies and similar technologies to ensure our website functions properly and to improve your experience.

We distinguish between:

  • Functional cookies – necessary for website operation
  • Analytical cookies – to analyse website usage
  • Marketing cookies – for personalised advertising (only with consent)

You can manage your cookie preferences at any time via our cookie banner or browser settings. More information can be found in our Cookie Statement.

Article 9 – Your rights under the GDPR

You have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of your data (where legally possible)
  • Restrict processing
  • Data portability
  • Object to processing based on legitimate interest
  • Withdraw consent at any time

You may submit a request via support@notagathering.com.
We respond within 30 days.

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Article 10 – Data security

We take appropriate technical and organisational measures to protect your personal data, including:

  • SSL encryption
  • Secure hosting and storage
  • Restricted access to personal data
  • Regular review of security measures

Article 11 – Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The most recent version will always be available on our website. Material changes will be communicated where required.

Article 12 – Contact

If you have questions about this Privacy Policy or how we handle your personal data, please contact us at:

support@notagathering.com