Cart: (empty)
to checkout total: €0.00
You are here:
Choose motorcycle model
Privacy Policy

Privacy Policy – Heedshop.eu

Version: EU GDPR Compliant (October 2025)

This Privacy Policy describes how we collect, use, and protect your personal data when you visit and use our website heedshop.eu and related services. This Policy is based on Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR).

1. Data Controller

Justyna Tokarz ZPH "HEED"
ul. Równoległa 78A, 42-216 Częstochowa, Poland
VAT (NIP): 9491806489 | REGON: 242834485
Email: biuro@heed.com.pl | Phone: +48 663 464 653

2. Legal Basis for Processing (Article 6 GDPR)

We process personal data only where permitted by law. Depending on the purpose, the legal basis is:
- Article 6(1)(a): consent (analytics, marketing, newsletter)
- Article 6(1)(b): performance of a contract (order processing, delivery, support)
- Article 6(1)(c): compliance with legal obligations (accounting, tax law)
- Article 6(1)(f): legitimate interests (fraud prevention, security, defence of claims)

3. Categories of Personal Data (Articles 13–14 GDPR)

We may process:
- Identity and contact data (name, address, phone number, email)
- Order and transaction data (purchased products, payment, delivery details)
- Technical data (IP address, browser type, device, access time)
- Communication data (messages and correspondence)
- Cookie and tracking data (analytics, ads – after consent)

4. Purposes of Processing

Personal data is processed for the following purposes:
- Account registration and management
- Order processing and delivery
- Invoicing and legal compliance
- Customer service and communication
- Newsletter and marketing (only with consent)
- Security, fraud prevention, analytics (Consent Mode v2)

5. Recipients of Personal Data (Articles 13(1)(e), 28 GDPR)

We share data only when necessary and on the basis of appropriate data protection arrangements (such as data processing agreements or controller-to-controller terms), in particular with:
- Payment processors: PayPal, Braintree, Stripe
- Logistics partners: GLS, UPS, Poczta Polska
- Platform & hosting: Shoper S.A.
- Analytics & ads: Google Ireland Ltd. (GA4, Ads, Tag Manager, Merchant Center)

Depending on the service, these entities act either as our data processors under Article 28 GDPR or as independent data controllers. In particular, Google may act as an independent controller for its advertising and analytics services. For more details on how Google uses data from sites and apps that use its services, see: https://policies.google.com/technologies/partner-sites.

6. Transfers Outside the EEA (Articles 44–49 GDPR)

If data is transferred outside the EEA (e.g., via Google), we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and apply additional safeguards.

7. Data Retention (Article 5(1)(e) GDPR)

We keep personal data only as long as necessary:
- Orders/billing: 6 years (legal obligation)
- Analytics: 26 months
- Marketing: until consent withdrawn
- Communication: until resolved
- Server logs: up to 7 days

8. Cookies and Consent

We use cookies to ensure website operation and analyse traffic. Necessary cookies are always active. Analytical and advertising cookies are activated only after consent through the cookie banner in accordance with GDPR and the ePrivacy Directive. Consent can be changed at any time via the 'Manage cookies' link in the footer.

9. Rights of Data Subjects (Articles 12–22 GDPR)

You have the right to:
- Access your data (Art. 15)
- Rectify inaccurate data (Art. 16)
- Erase data (Art. 17)
- Restrict processing (Art. 18)
- Data portability (Art. 20)
- Object to processing, including direct marketing (Art. 21)
- Withdraw consent at any time (Art. 7(3))

To exercise your rights, contact: biuro@heed.com.pl
Supervisory authority: President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00‑193 Warsaw, Poland | https://uodo.gov.pl/en

10. Data Security (Article 32 GDPR)

We apply technical and organisational measures to ensure an appropriate level of protection, including encryption, pseudonymisation, access control, and regular backups.

11. Automated Decision-Making

We do not use automated decision-making that produces legal effects concerning you. We may use limited profiling for marketing purposes (for example to show personalised HEED ads on Google and partners) – but only where you have given consent to marketing cookies.

12. Social Media

We maintain profiles on Facebook, Instagram, YouTube. When you interact with them, your data is processed under those platforms’ privacy policies.

13. Updates to this Policy (Article 13(3) GDPR)

We may update this Privacy Policy to reflect changes in law or our operations. The latest version is always available at heedshop.eu.

---

Contact for data protection inquiries:
Email: biuro@heed.com.pl | Phone: +48 663 464 653

up
Shop is in view mode
View full version of the site
Sklep internetowy Shoper.pl