Privacy Policy
This Privacy Policy is intended to inform you of our policies and procedures regarding the collection, use, protection, and disclosure of personal data from your use of www.palet.shop and related websites and social media platforms operated by Palet (collectively the “Site”).
As both our business and some of our users are based in the European Union, this policy is aligned with the General Data Protection Regulation (GDPR) (EU) 2016/679. If you have any questions, please contact us at contact@palet.company.
Information we may collect
Personal Data
“Personal data” means any information relating to an identified or identifiable individual. This includes: name, email address, postal address, phone number, order details and payment info, and communication history. We collect this data when you place an order and/or sign up for emails or marketing.
Technical & Usage Data
We also collect: IP address, browser/device data, operating system, referring/exit pages, pages viewed, cookies and similar technologies (see Section 4).
Legal basis for processing (GDPR compliance)
We only process personal data when permitted under GDPR. This includes:
Consent: For email marketing, advertising, and use of non-essential cookies.
Contractual necessity: For processing and fulfilling orders or handling inquiries.
Legal obligation: For tax, accounting, and compliance purposes.
Legitimate interests: For improving the Site, fraud prevention, and internal analytics—only when not overridden by your rights.
You can withdraw your consent at any time by contacting us.
How we use your information
We may use your personal data to: Process purchases and fulfill orders, respond to inquiries and requests, send transactional and promotional communications (with consent), analyze usage and improve the Site, conduct internal reporting and research, and ensure compliance with applicable laws.
Cookies, pixels and similar technologies
We and our service providers use cookies and related technologies for: essential operations (e.g., checkout, cart functionality), analytics and performance tracking, functionality (e.g., remembering preferences), and advertising (e.g., Google Ads, META Pixels).
You can disable cookies through your browser settings. See “How You Manage Your Personal Data” for opt-out options.
Automated workflows and third party platforms
We use automated systems and tools to store, organize, and move personal data across platforms to streamline operations. Examples include:
Shopify: Our e-commerce platform where we manage products, checkout, and customer orders.
Airtable: A secure cloud-based platform where we organize internal customer records for production purposes.
These integrations are automated and GDPR-compliant, and data is only shared for specific operational purposes.
How we share your information
We share your data only as necessary and with trusted third parties, including: Payment processors (e.g., Shopify Payments), fulfillment and shipping providers (e.g., FedEx), IT and database providers (e.g., Airtable), Email marketing (e.g., Mailchimp), advertising platforms (e.g., Meta, Google), and legal and accounting service providers.
When third-party services are located outside the EU/EEA, we ensure appropriate safeguards are in place (e.g., EU Standard Contractual Clauses).
International transfers
We may transfer personal data to countries outside the EU/EEA. In such cases, we ensure: The country has an adequacy decision from the EU; or appropriate safeguards (e.g., Standard Contractual Clauses) are in place.
Data retention
We retain personal data only as long as necessary for: providing services, legal compliance, resolving disputes, and backup and operational continuity.
Retention periods vary based on purpose and applicable laws. Data stored on platforms like Airtable and Shopify is governed by our internal retention policy and those providers’ security practices.
Your rights (GDPR)
Under GDPR, you have the right to: access your personal data, correct inaccurate or incomplete data, request deletion (“right to be forgotten”), restrict or object to certain processing, withdraw consent at any time, port your data to another controller, and lodge a complaint with a data protection authority.
To exercise these rights, contact us at contact@palet.company. We may verify your identity to process your request.
How you may manage your personal information
You may: opt out of marketing by clicking “unsubscribe” in our emails or contacting us, disable cookies via your browser, request to access, correct, or delete your data at any time and request that we stop using or sharing your data
Note: Disabling cookies may limit the functionality of the Site.
Data security
We take data security seriously and implement appropriate safeguards, including: TLS encryption for online transmission, secure storage solutions and role-based access controls.
However, no method of transmission or storage is 100% secure. We strive to use best practices, but cannot guarantee absolute security.
Children's privacy
Our Site is not intended for children under 13. If you believe a child has submitted personal data to us without consent, contact us and we will take steps to delete the information promptly.
Applicable law
This Privacy Policy is governed by Dutch law. Disputes will be submitted to the competent court in the district where Palet is based, unless legal exceptions apply.
Contact
If you have questions, concerns, or requests about this Privacy Policy or your data, contact us at contact@palet.company.