Anna Heister Ceramics

Privacy policy

Anna Heister Ceramics
Last updated: 14 March 2026

1. Introduction

Anna Heister Ceramics respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect personal data when you visit our website, place an order, or otherwise interact with us.

We process personal data in accordance with the General Data Protection Regulation and the Dutch Uitvoeringswet Algemene verordening gegevensbescherming.

2. Data Controller

The data controller responsible for the processing of your personal data is:

Anna Heister Ceramics
Tulpstraat 24
3581 RM Utrecht
Netherlands
Email: anna@heister.nl
Chamber of Commerce (KvK) number: 30158671


3. Personal Data We Process

We may process the following personal data:

Data you provide directly

  • Name

  • Email address

  • Billing address

  • Shipping address

  • Phone number (if provided)

  • Order details

  • Any information you include in communications with us

Automatically collected data

When you visit our website, certain technical information may be collected automatically, such as:

  • IP address

  • Browser type and version

  • Device type

  • Pages visited and interaction with the website

  • Date and time of your visit

This data may be collected through cookies or similar technologies.


4. Purposes and Legal Basis for Processing

We process personal data only when permitted under the General Data Protection Regulation and for the following purposes:

To process and deliver your orders, handle payments, and provide customer support.
Legal basis: performance of a contract.

To respond to inquiries or provide information regarding your order.
Legal basis: legitimate interest or contract.

To comply with accounting, tax, and administrative obligations under Dutch law.
Legal basis: legal obligation.

To analyze website usage and improve functionality and user experience.
Legal basis: legitimate interest or consent (depending on the technology used).

If you subscribe to newsletters or marketing messages.
Legal basis: consent.

You can withdraw consent at any time.


5. Sharing Personal Data with Third Parties

We only share personal data when necessary to operate our business. This may include:

  • Payment providers to process transactions

  • Shipping and delivery services to deliver orders

  • Website hosting providers

  • IT or service providers supporting our webshop

Where required, we enter into data processing agreements (verwerkersovereenkomsten) with these parties to ensure your data is protected.

We do not sell personal data to third parties.


6. International Data Transfers

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission

  • Transfers to countries with an adequacy decision


7. Data Retention

We do not retain personal data longer than necessary.

Typical retention periods include:

  • Order and invoice data: up to 7 years (Dutch tax law)

  • Customer communications: as long as necessary to handle inquiries

  • Marketing subscriptions: until you withdraw consent

After the retention period, data will be deleted or anonymized.


8. Cookies and Similar Technologies

Our website may use cookies or similar technologies.

Cookies may be used for:

  • Essential website functionality

  • Saving user preferences

  • Website analytics

  • Marketing purposes (if applicable)

Where required under EU and Dutch law, we request consent before placing non-essential cookies.

You can manage or disable cookies through your browser settings.


9. Your Rights

Under the General Data Protection Regulation, you have the following rights:

  • Right of access to your personal data

  • Right to rectification (correction)

  • Right to erasure (“right to be forgotten”)

  • Right to restrict processing

  • Right to object to processing

  • Right to data portability

  • Right to withdraw consent

You may exercise these rights by contacting us via the email address listed above.

We may request verification of identity before processing requests.


10. Data Security

We take appropriate technical and organizational measures to protect personal data, including:

  • Secure website connections (HTTPS)

  • Limited access to personal data

  • Secure storage systems

Despite these measures, no online system can guarantee complete security.


11. Complaints

If you believe your personal data is being processed unlawfully, you have the right to file a complaint with the Dutch supervisory authority:

Autoriteit Persoonsgegevens

Website: https://autoriteitpersoonsgegevens.nl


12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time due to changes in legal requirements or business operations. The most recent version will always be published on this page.