Privacy policy

Hill's Donuts (details under "Company information") is the data controller for the personal data collected on hillsdonuts.shop. Contact: hello@hillsdonuts.shop.

We collect: identification data (name, email, phone), delivery address, billing data, order history, and technical data (IP, browser) for security and analytics.

We process your data to: (a) execute your order — contractual basis; (b) comply with our tax & accounting obligations — legal basis; (c) send our newsletter — your consent (you can unsubscribe at any time); (d) improve our service and prevent fraud — legitimate interest.

Your data is shared with our payment provider, our shipping carrier (bpost), our IT and email service providers, and tax authorities when required. We never sell your data.

Order data is kept for 7 years to meet Belgian accounting obligations. Newsletter data is kept until you unsubscribe. Technical logs are kept for a maximum of 12 months.

Under the GDPR, you have the right to access, rectify, erase, restrict, and port your data, and to object to its processing. To exercise these rights, contact hello@hillsdonuts.shop.

If you believe your rights are not respected, you can file a complaint with the Belgian Data Protection Authority (APD/GBA): Rue de la Presse 35, 1000 Brussels — contact@apd-gba.be — www.dataprotectionauthority.be.

Some of our service providers (e.g. hosting) may be located outside the EU. In such cases, we rely on the European Commission's Standard Contractual Clauses to protect your data.

See our Cookie policy for details on the cookies we use and how to manage them.