Privacy Policy

Last Updated: 10-04-2025

1. Introduction

Welcome to Bluelike Ceramics ("we," "us," "our," a trading name of Aleachrome Studios). We are committed to protecting the privacy of visitors to our website, bluelike.xyz (the "Site"). This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you interact with our Site, in compliance with the General Data Protection Regulation (GDPR) and relevant Dutch data protection laws.

Please read this privacy policy carefully. By using the Site, you acknowledge you have read and understood this policy. If you do not agree with the terms, please do not access the Site.

2. Data Controller

The data controller responsible for your personal data collected through the Site is Aleachrome Studios (trading as Bluelike Ceramics), registered with the Dutch Chamber of Commerce (Kamer van Koophandel) under KVK number 88106896, located in Amsterdam, The Netherlands.

You can contact us regarding data protection matters via email at: [email protected] or through our Connect page.

3. Information We Collect

We collect personal data in the following ways:

  • Information You Provide Directly:
    • Contact Information: When you use our contact form, you provide your name (optional) and email address, along with the content of your message. If you subscribe to our occasional newsletter, you provide your email address.
    • Order Information: When you place an order, you provide your name, email address, shipping address, and billing address. We do not collect phone numbers.
  • Information Collected Automatically:
    • Log and Usage Data: Our servers automatically collect standard log information when you access the Site, including your IP address, browser type, operating system, access times, pages viewed, and referring URLs. This data is typically used for operational and security purposes.
    • Cookies and Local Storage: We use technically necessary local storage (similar to session cookies) solely to manage your shopping cart contents during your visit. We do not currently use non-essential cookies for analytics, tracking, or advertising purposes.
  • Information from Third Parties:
    • Payment Processors: When you make a purchase, your payment details are processed directly by our payment processor, Stripe. We do not store your full credit card number. We receive transaction confirmations and limited payment information (like card type and last four digits) from Stripe to fulfill your order. Please review Stripe's Privacy Policy.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contract Performance: To fulfill our contractual obligations when you place an order (processing payment, shipping goods, communicating about the order).
  • Consent: When you subscribe to our occasional newsletter. You can withdraw your consent (unsubscribe) at any time via the link in the emails.
  • Legitimate Interests: For purposes like responding to your inquiries via the contact form, maintaining website security and operation (including necessary logs and cart functionality), and preventing fraud. We balance our interests against your data protection rights.
  • Legal Obligation: To comply with applicable laws and regulations, such as financial record-keeping (bookkeeping requirements) for tax purposes.

5. How We Use Your Information

We use the collected information for various purposes, including:

  • Processing and fulfilling your orders.
  • Communicating with you about your orders, inquiries, or customer service requests.
  • Sending occasional updates or news about Bluelike Ceramics (our "newsletter") if you have explicitly consented.
  • Operating, maintaining, and securing our Site and its essential functionality (like the shopping cart).
  • Ensuring the security of our Site and preventing fraud.
  • Complying with legal and regulatory requirements.

6. How We Share Your Information

We do not sell your personal data. We may share your information with the following categories of third parties only when necessary:

  • Payment Processors: Stripe, to process your payments securely.
  • Shipping Carriers: Such as PostNL or DHL, to deliver your orders (we share necessary details like name and address).
  • Service Providers:
    • Hosting: Digital Ocean provides the infrastructure for our website.
    • Email: We use Gmail (Google Workspace) for email communications related to orders and inquiries.
    These providers process data on our behalf based on our instructions and appropriate data processing agreements where required.
  • Legal Authorities: If required by law, regulation, or legal process, or to protect the rights, property, or safety of Aleachrome Studios, our customers, or others.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction, subject to confidentiality agreements.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Order information (including name, email, address, and transaction details) is retained for the period required by Dutch tax and commercial law, which is typically 7 years for financial records.
  • Contact form inquiries and related email correspondence are generally deleted within 6 months after the inquiry has been resolved and is considered inactive.
  • Newsletter subscription data (your email address) is kept until you unsubscribe.

8. Data Security

We implement appropriate technical and organizational security measures designed to protect the security of any personal information we process, considering the state of the art and the costs of implementation. This includes measures taken by us and our service providers like Digital Ocean and Stripe. However, despite our safeguards and efforts, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. We cannot promise or guarantee that unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.

9. International Data Transfers

Your information may be processed and stored in countries outside of the European Economic Area (EEA). For instance, our website hosting (Digital Ocean), payment processing (Stripe), and email services (Google Workspace/Gmail) may involve servers located in the United States or other non-EEA countries. When we transfer your data outside the EEA, we ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements. This typically involves relying on mechanisms like Standard Contractual Clauses (SCCs) approved by the European Commission, or adequacy decisions where applicable.

10. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: Request copies of your personal data.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure ('Right to be Forgotten'): Request deletion of your personal data under certain conditions (e.g., if it's no longer needed for the original purpose and no legal obligation requires retention).
  • Right to Restrict Processing: Request restriction of processing under certain conditions.
  • Right to Object to Processing: Object to processing based on legitimate interests.
  • Right to Data Portability: Request transfer of your data provided directly by you (based on consent or contract) to another organization, or directly to you, in a structured, commonly used, machine-readable format, under certain conditions.
  • Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent (i.e., for the newsletter).

To exercise any of these rights, please contact us via email at [email protected] or use our Connect page. We will respond to your request within one month.

11. Cookies and Local Storage

Our Site uses technically necessary local storage to manage the state of your shopping cart and handle temporary inventory reservations during your browsing session. This is essential for the basic functionality of purchasing items on our Site. We do not use cookies or similar technologies for tracking, analytics, or advertising purposes. You do not need to provide consent for this essential storage.

12. Children's Privacy

Our Site is not intended for use by children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16 without parental consent, we will take steps to delete that information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date and will be effective as soon as it is accessible. We encourage you to review this policy frequently to stay informed.

14. Contact Us

If you have questions, comments, or requests regarding this Privacy Policy or your data protection rights, please contact us via email at: [email protected] or via the Connect page on our website: bluelike.xyz/connect.

15. Supervisory Authority

If you have concerns about our data processing practices that we cannot resolve, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens): https://autoriteitpersoonsgegevens.nl/.