PRIVACY POLICY

Last updated: 09/10/2025

GROF (“we,” “our,” “us”) operates this online store and website, including all related information, content, features, tools, products, and services (the “Services”).
Our store is powered by Shopify, which enables us to provide the Services to you.

This Privacy Policy explains how we collect, use, and share your personal information when you visit, make a purchase, or otherwise interact with us. By using the Services, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

We collect personal information that identifies or can reasonably be linked to you. This includes:

  • Contact Information: name, address, billing address, shipping address, phone number, and email.

  • Payment Information: credit or debit card details, payment method, transaction details.

  • Account Information: username, password, preferences, settings.

  • Transaction Data: products you view, add to your cart, purchase, return or exchange.

  • Communications: information you provide when contacting customer support or engaging with us.

  • Device & Usage Information: IP address, browser type, device ID, and interactions with the website.

2. Sources of Personal Information

We collect personal data through:

  • Directly from you (e.g., when you place an order or create an account)

  • Automatically via cookies and similar technologies

  • From our service providers (such as Shopify and payment providers)

  • From partners or third parties when you give consent

3. How We Use Personal Information

We use your personal data to:

  • Provide the Services: process and fulfill orders, manage payments, shipping and returns, manage your account, and personalize your shopping experience.

  • Marketing: send you newsletters, promotions, and targeted ads (you can opt out at any time).

  • Security & Fraud Prevention: protect your account and our systems.

  • Legal Compliance: fulfill our legal and tax obligations.

  • Customer Communication: respond to inquiries and provide support.

4. Legal Basis for Processing (EU / GDPR)

If you reside in the EU or UK, we only process your personal information when we have a valid legal basis under Article 6 GDPR, including:

  • To perform a contract with you (e.g., order fulfillment)

  • To comply with legal obligations

  • Based on our legitimate interests (e.g., improving the website or ensuring security)

  • With your consent (e.g., marketing emails)

5. Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including:

  • Order and transaction data: retained as required by accounting and tax law

  • Account data: retained as long as the account is active or until you request deletion

  • Marketing data: retained until you unsubscribe or withdraw consent

After this period, data will be securely deleted or anonymized.

6. Sharing of Personal Information

We may share personal data with:

  • Shopify (platform hosting and e-commerce infrastructure)

  • Payment providers (to process payments and refunds)

  • Logistics and shipping partners (to deliver orders and handle returns)

  • Marketing partners (for targeted ads and campaigns, only with consent)

  • Government authorities if legally required.

We do not sell your personal information.

7. Relationship with Shopify

Our store is hosted on Shopify. Shopify processes personal data on our behalf and for its own purposes.
Your information may be stored and processed outside of the EU. Shopify uses Standard Contractual Clauses (SCCs) to ensure compliance with GDPR.

For more details, visit Shopify’s Privacy Policy Page here

8. International Transfers

We may transfer personal information outside the EU/EEA.
When we do, we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place to protect your data in accordance with GDPR.

9. Cookies & Tracking

We use cookies and similar technologies to improve the functionality of our website, analyze traffic, and support marketing efforts.

You can manage your cookie preferences through our cookie banner or in your browser settings.
For more information, please refer to our Cookie Policy here

10. Minors

Our Services are not intended for individuals under the age of 16.
We do not knowingly collect personal data from minors.
If you believe a child has provided us with personal data, please contact us so we can delete it.

11. Your Rights (EU / UK)

If you reside in the EU or UK, you have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Request deletion of your data

  • Data portability (receive a copy of your data)

  • Object to or restrict processing

  • Withdraw consent (e.g., for marketing)

  • File a complaint with your local data protection authority

In the Netherlands, you can contact the Autoriteit Persoonsgegevens at https://autoriteitpersoonsgegevens.nl

To exercise your rights, email us at connect@grof.store
We may verify your identity before processing your request.

12. Security

We implement appropriate technical and organizational measures to protect your personal data from loss, misuse, unauthorized access, and disclosure.
However, no system is completely secure. Please use a strong, unique password to protect your account.

13. Complaints

If you have a complaint about how we handle your personal data, you can:

  1. Contact us directly at connect@grof.store

  2. File a complaint with the Autoriteit Persoonsgegevens in the Netherlands or your local data protection authority.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other operational reasons. The most recent version will always be posted on our website with the “Last updated” date at the top.

15. Contact Information

GROF
KvK Number: 82430934
Address: Sterrebos 209, 4817 SE, Breda, The Netherlands
Email: connect@grof.store

If you have any questions about this Privacy Policy or how we handle your data, please contact us.