Privacy Policy | Hertwill
Hertwill Logo
How it worksPricingShopifyWooCommerceBrands
Search
Login
Start for free
All ProductsNewTop 100 FootwearBagsJewelleryClothing & AccessoriesCosmeticsKids & BabiesHome & Garden

Privacy Policy

Resources
/
Privacy Policy

Hertwill OÜ ("Hertwill," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when using our services, including our website (www.hertwill.com) and our integrations with Shopify and WooCommerce.

1. Who We Are

Hertwill OÜ, an Estonian company (Reg. Code 16216305), located at Peetri 12, Tallinn 10415, Estonia, is the data controller responsible for your personal data. As a company based in the European Union, we comply with the General Data Protection Regulation (GDPR) and other applicable EU data protection laws.


2. What Data We Collect

We collect and process the following types of personal data:

  • Users
    • Data collected: Name, email, company information, payment details, browsing behavior.
    • Sources: Collected through website forms, cookies (if consented), behavior tracking on Hertwill website and apps.
  • Online Stores Customers (End Customers of Online Stores):
    • Data collected: Name, email, phone number, and address (necessary for order fulfillment).
    • Sources: Collected through integration with Shopify and WooCommerce stores.
  • Suppliers:
    • Data collected: Name, email, company information, and phone numbers.
    • Sources: Provided directly by suppliers via registration and communication.

3. How We Use Your Data

Legal Bases for Processing Personal Data

We process personal data based on the following legal grounds:

  • Performance of a contract: When processing is necessary for fulfilling an agreement with our customers, suppliers, or partners (e.g., order fulfillment).
  • Legal obligation: When required to comply with legal requirements (e.g., financial regulations, tax laws).
  • Legitimate interest: When processing is necessary for improving services, conducting analytics, or preventing fraud.
  • Consent: When required, such as for marketing emails or non-essential cookies. Users can withdraw consent at any time.

We process personal data for the following purposes:

  • Order Fulfillment: To process and deliver purchases, including communicating with customers.
  • Legal Compliance: To comply with applicable laws and regulations.
  • Marketing and Analytics: To analyze website usage and marketing purposes.
  • Product Development: To improve our services and develop new features.

4. Sharing Data with Third Parties

We only share personal data when necessary, ensuring that appropriate safeguards are in place. This includes:

  • Payment Processors: Stripe for processing payments securely.
  • Marketing & Analytics Platforms: Meta, Google Ads, Google Analytics, and Klaviyo for targeted advertising, analytics, and newsletters.
  • Logistics Providers: For shipping and order fulfillment.

5. Where We Store Your Data

Your data is securely stored within the European Union on encrypted servers with regular backups provided by AWS, Google Cloud, and Zone. Additionally, some data related to marketing, analytics, live chat, and email communications is processed by third-party services such as Klaviyo, Meta, Google Ads, Google Analytics, HubSpot (for live chat), and Gmail (for sending emails), which operate outside the EU. 


6. Data Retention

We retain personal data:

  • Until account deletion.
  • As required by law for compliance purposes.

7. Your Rights Under GDPR

You have the right to:

  • Access your personal data.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data (subject to legal requirements).
  • Restrict processing of your data under certain circumstances.
  • Object to processing for direct marketing purposes.
  • Data portability, meaning you can request your data in a structured format.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a Data Protection Authority if you believe your data is not handled in compliance with GDPR.

8. International Data Transfers

Some of our third-party service providers (e.g., Klaviyo, Meta, Google Ads, Google Analytics, HubSpot) operate outside the EU. We ensure compliance through:

  • Standard Contractual Clauses (SCCs): Klaviyo, Google, and HubSpot implement SCCs approved by the European Commission to safeguard data transfers.
  • EU-US Data Privacy Framework: Meta and Google comply with this framework for lawful transfers.

9. Cookies

We use cookies for functionality, analytics, and marketing. You can manage your cookie preferences via our cookie banner.


10. How to Contact Us

If you have any questions or requests regarding your personal data, contact us at hello@hertwill.com.