Privacy Policy

Table of Contents

When does this privacy policy apply?

1. Who uses your data?
2. Whose data do we use?
3. How do we obtain your data?
4. What data do we use from you?
5. What do we use your data for?
6. How long do we retain your data?
7. With whom do we share your data?
8. Where do we store your data?
9. How secure is your data with us?
10. What can you request from us?
11. What rules apply to this privacy policy?
12. What cookies do we use?
13. What do we do with data from minors?
14. Do you have a question about this privacy policy?

1. When does this privacy policy apply?

This privacy policy applies to all personal data that we process and to all domains related to us. This concerns the personal data of everyone who has ever had contact with us or visited our website, such as visitors, customers, and business contacts. Personal data means any information relating to an identified or identifiable natural person, such as your name, telephone number, email address, IP address, customer number, location data, online identifiers, or browsing behavior, as defined in Article 4(1) of the GDPR. If you want to know more about personal data, please visit the website of the Dutch Data Protection Authority.

2. Who uses your data?

Bamboovement is the data controller responsible for the website https://bamboovement.com/ and for the processing of your personal data as described in this privacy policy. Our complete contact details are:

Bamboovement
Centrale Groothandelsmarkt 186
1051 LJ Amsterdam
The Netherlands
Chamber of Commerce: 75425394
Email: info@bamboovement.com
Phone: +31 6 83776791

3. Whose data do we use?

We process the personal data of everyone who has had contact with us or visited our website. This includes visitors, private customers, business customers, and contact persons of our partners.

4. How do we obtain your data?

We obtain the data directly from you as soon as you:

• visit our website
• create an account
• enter data on our website
• contact us via email, telephone, or in any other way

5. What data do we use from you?

We use the following data:

• name
• gender
• residential address or business address
• delivery address
• email address
• telephone number
• payment details
• date of birth
• IP address and device information
• website usage data, purchase history and preferences
• communication records
• any other information you voluntarily provide to us.

We do not collect special categories of personal data (such as health, religious, or political information) unless explicitly required for specific services and with your explicit consent.

6. What do we use your data for?

We only use your personal data for legitimate business purposes and based on appropriate legal grounds as described below. Our processing activities include operating our online webstore, conducting marketing activities, and providing customer services.

• We process your personal data based on the following legal bases under Article 6 of the GDPR: (a) performance of a contract (Article 6(1)(b)) when you are our customer or when processing orders through our webstore; (b) legitimate interests (Article 6(1)(f)) for improving our services, website functionality, webstore operations, fraud prevention, security measures, and conducting business analytics; (c) legal obligation (Article 6(1)(c)) for tax, accounting, and regulatory compliance purposes; and (d) consent (Article 6(1)(a)) where explicitly given, particularly for marketing communications, personalized advertising, and non-essential cookies.

We use your data to: operate and improve our webstore and online services, process orders and payments, manage customer accounts and relationships, communicate with you about your orders and our services, comply with legal and regulatory obligations, conduct marketing activities including email campaigns and personalized advertising (only with your consent), analyze customer behavior and preferences to improve our offerings, provide customer support, and prevent fraud and ensure security (you can withdraw your consent for marketing activities at any time by contacting us or using unsubscribe links in our communications).

7. How long do we retain your data?

We retain your personal data only for as long as necessary for the purposes for which it was collected and in accordance with legal requirements. Specifically: customer account data is retained for 7 years after account closure for legal and tax obligations; order and payment data is retained for 7 years for accounting and tax purposes; marketing consent and communication preferences are retained until you withdraw consent; website analytics data is anonymized after 26 months; and technical logs are retained for 12 months for security purposes. You can request deletion of your data at any time, subject to our legal obligations.

8. With whom do we share your data?

We do not sell, rent, or trade your personal data to third parties. We may share your personal data only with the following categories of recipients: (a) service providers including payment processors, shipping companies, IT service providers, and marketing platforms, all bound by data processing agreements; (b) legal authorities when required by law, court order, or to protect our legal rights; (c) business partners in connection with a merger, acquisition, or asset sale, with appropriate safeguards; and (d) other parties with your explicit consent. All third-party processors are carefully selected and contractually bound to protect your data in accordance with GDPR requirements. 

9. Where do we store your data?

We primarily process and store your personal data within the European Economic Area (EEA). If we transfer your data outside the EEA, we ensure appropriate safeguards are in place as required by GDPR Articles 44-49, such as adequacy decisions, standard contractual clauses, or other approved transfer mechanisms. You can request information about specific transfer safeguards by contacting us.

10. How secure is your data with us?

We have done a lot to secure your data both organizationally and technically as well as possible. We have secured our systems and various communication tools to ensure that your data does not fall into the hands of others. Your data is therefore safe with us. We also ensure that your data is only used by people who have received permission from us to do so. If you have questions about the specific way of securing, please contact us.

11. What can you request from us?

Because we use personal data from you, you have various rights. We list these rights below for you.

Right to information | We must explain to you in an understandable and clear way what we do with your data and what control you have over it. That is why we explain extensively in this privacy policy what data we collect from you and how we handle your data. 

Right of access | You may always ask us to view the data that we have from you. 

Right to rectification | You may ask us to correct your data if it is not accurate or incomplete.

Right to object | You may object to the processing of your data if you disagree with the way we handle your personal data. This right applies to the data we use for direct marketing. For example, you can indicate to us that you no longer want to receive emails from us. This also applies to personalized recommendations on our website. 

Right to data portability | If you are a customer with us or have given consent for the use of your data, you may ask us to send you the digital data we have from you. This way, you can transfer that data to another organization if you wish. 

Right to restriction | You may ask us to restrict the use of your data. This means that in certain cases we may only store your data but not use it. 

Right to be forgotten | You may ask us to delete all data we have from you. We will then delete all data that can be traced back to you. In some cases, we cannot or may not delete your data yet. For example, we must retain some data for 7 years for the tax authorities.

Right to lodge a complaint | You may file a complaint about the way we handle your data. If you have a complaint, we are happy to resolve it for you. Please contact us for this purpose. You may also file your complaint with the Dutch Data Protection Authority. Of course, we hope it does not come to that, but in the extreme case, you may also go to court. In that case, it is the court in the place of establishment of Bamboovement that will handle your complaint. 

How do you submit a request?

Send your request to us via info@bamboovement.com or our postal address. We will respond to your request without undue delay and in any event within one month of receipt. This period may be extended by two further months where necessary, taking into account the complexity and number of requests, and we will inform you of any such extension within one month of receipt of the request. We may request additional information to verify your identity before processing your request to ensure data security.

12. What rules apply to this privacy policy?

Our privacy policy must meet various requirements. These requirements can be found mainly in the General Data Protection Regulation. In addition, the general rules that apply under Dutch law are applicable to our privacy policy. 

13. What cookies do we use?

We use cookies and similar tracking technologies on our website. A cookie is a small text file stored on your device when you visit our website. You can manage your cookie preferences through our cookie banner, which appears when you first visit our site. You can withdraw or modify your consent at any time through our cookie settings.  

We use the following types of cookies:

• functional cookies, such as session and login cookies for tracking session and login information
• anonymized analytical cookies, to gain insight into visits to our website based on information about visitor numbers, popular pages, and popular topics
• non-anonymized analytical cookies, to gain insight into visits to our website based on information about visitor numbers, popular pages, and popular topics
• tracking cookies such as advertising cookies that are intended for showing relevant advertisements

More specifically, we use the following cookies:

• Google Analytics anonymized (analytical cookies)
• Meta Ads 
• Facebook (tracking cookie)
• Google Ads (tracking cookie) 

Cookie Consent and Management

You have the right to accept or reject non-essential cookies. Essential cookies necessary for website functionality cannot be disabled. For all other cookies, we will only place them on your device with your explicit consent. You can withdraw your consent at any time by adjusting your cookie preferences in our cookie banner or by contacting us. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.

14. What do we do with data from minors?

We do not knowingly collect personal data from children under 16 years of age without verifiable parental consent, in accordance with GDPR Article 8. If you are under 16, you need consent from your parent or guardian before using our website or services. If we become aware that we have collected personal data from a child under 16 without proper consent, we will take steps to delete such information promptly. Parents or guardians can contact us to review, modify, or delete their child's personal data. 

15. Do you have a question about this privacy policy?

Do you have a question about our privacy policy? Please feel free to contact us by sending an email to info@bamboovement.com. We are happy to help you.

Data Protection Officer

For specific questions about data protection and privacy matters, you can also contact our Data Protection Officer at: ainu@bamboovement.com 

Effective Date and Version Control

This privacy policy is effective as of October 14, 2025 (Version 1.0).