Privacy Policy (GDPR)

1) Scope of this notice

This Privacy Policy applies to personal data processed by EU Returns Hub in connection with:

• visits to the website and its pages;
• contact forms, email communication, support requests, and inquiries;
• free resources, guides, and lead-capture flows;
• the sale, delivery, and support of digital products, including Operator Kit and related materials;
• affiliate, referral, and attribution processes;
• basic website security, logging, and abuse prevention.

This notice does not describe a live warehouse return-handling privacy model unless such a service is separately launched and separately contracted in writing.

2) What personal data we collect

Depending on how you interact with us, we may process the following categories of personal data:

• Contact data: name, email address, company name, country, website, social profile, messaging handle, or other details you send to us.
• Inquiry and communication data: the content of your messages, application details, support requests, and any attachments or information you voluntarily provide.
• Order and customer data: product purchased, order status, access or delivery status, billing details, invoice information, and limited payment-related metadata available to us through the platform.
• Affiliate / referral data: affiliate application details, affiliate identifiers, referral attribution information, payout-related email details, and related reporting data.
• Technical and website data: IP address, browser type, device data, server logs, page requests, referrer, timestamp, and security-related event data.
• Consent and preferences data: cookie choices, consent state, and related website settings where relevant.

We do not intentionally collect special-category personal data unless you choose to include it in a message or document you send us.

3) Where we get it from

We may collect personal data:

• directly from you when you contact us, use forms, request information, apply as an affiliate, or purchase/access products;
• from the checkout, payment, or digital-delivery platform used to fulfill orders;
• from referral and attribution mechanisms where enabled;
• automatically through server logs, security systems, and necessary website technologies;
• from public sources where you choose to share business contact information publicly and then contact us or apply to work with us.

4) Purposes and legal bases

We process personal data for the following purposes and on the following GDPR legal bases:

• To respond to inquiries and communicate with you — Article 6(1)(b) GDPR where the communication is pre-contractual or contractual, and/or Article 6(1)(f) GDPR where our legitimate interest is to manage business communication.
• To sell, process, deliver, and support digital products — Article 6(1)(b) GDPR.
• To issue invoices, maintain records, and comply with tax/accounting obligations — Article 6(1)(c) GDPR.
• To operate, secure, and defend the website and business environment — Article 6(1)(f) GDPR.
• To manage affiliate applications, referrals, commission tracking, and partner communications — Article 6(1)(b) and/or Article 6(1)(f) GDPR, depending on the relationship.
• To manage cookie preferences and consent-dependent features — consent where required, and Article 6(1)(f) GDPR for strictly necessary technologies.
• To investigate fraud, abuse, chargebacks, policy violations, or security incidents — Article 6(1)(f) GDPR and, where relevant, Article 6(1)(c) GDPR.

Where consent is the legal basis, you may withdraw consent at any time without affecting prior lawful processing.

5) Sharing and service providers

We do not sell personal data. We may share personal data only where reasonably necessary with service providers or counterparties supporting the website or business operations, such as:

• website hosting and infrastructure providers;
• email and communication providers;
• checkout, payment, and digital-delivery platforms;
• affiliate/referral tracking or commission-related systems;
• professional advisors where reasonably required, such as accountants, legal advisors, or technical providers;
• authorities, courts, or regulators where disclosure is legally required.

We share only what is reasonably necessary for the relevant purpose.

6) International transfers

Your personal data may be processed within or outside the EEA depending on the providers and tools used at the time.

Where required by law, we rely on appropriate transfer safeguards, such as contractual safeguards or other lawful transfer mechanisms used by the relevant service providers.

If you voluntarily use channels or services that operate internationally, that may involve international transfer of the data strictly necessary for that interaction.

7) Retention

We keep personal data only for as long as reasonably necessary for the relevant purpose, including legal, accounting, support, and defense needs.

• Contact and inquiry data: typically for as long as needed to handle the inquiry and for a reasonable follow-up period.
• Order, billing, and accounting data: for as long as required by tax, accounting, and legal recordkeeping obligations.
• Affiliate and referral records: for as long as reasonably necessary to manage applications, attribution, reporting, commission records, and related legal/accounting needs.
• Technical logs and security data: for as long as reasonably necessary for website security, abuse prevention, and incident review.
• Cookie or consent records: for as long as reasonably needed to honor and evidence the relevant preference or consent state.

8) Security

We apply reasonable technical and organizational measures appropriate to the nature of the website and digital business, including access control, password protection, hosting safeguards, operational restrictions, and security monitoring where appropriate.

No internet or storage system can be guaranteed completely secure, but we aim to process data in a proportionate and responsible manner.

9) Your rights

Subject to applicable law, you may have the right to request:

• access to your personal data;
• rectification of inaccurate data;
• erasure of personal data;
• restriction of processing;
• objection to certain processing;
• data portability where applicable.

You may also withdraw consent where consent is the relevant legal basis.

To exercise your rights, contact denis@eureturnshub.eu. We may need to verify your identity before acting on a request.

10) Cookies and similar technologies

We use necessary technologies to operate the website and may use consent-based technologies depending on the configuration active at the time.

These may include:

• strictly necessary technologies for site operation, security, and basic preference handling;
• consent-state storage to remember privacy or cookie choices;
• referral / attribution logic where enabled and configured;
• other non-essential technologies only where appropriate consent has been obtained, if required.

For more specific information, see our Cookies page.

11) Children

This website and its products are directed at business users and adults, not children. We do not knowingly market to or intentionally collect personal data from children.

12) Changes to this notice

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The latest version will be posted on this page with an updated effective date.

13) Contact and complaints

If you have privacy questions or wish to exercise your rights, contact:

EU Returns Hub — Dzianis Vislavus
ul. Różany Zakątek 22/1, 62-069 Dąbrówka, Poland
denis@eureturnshub.eu

If you are in the EEA and believe your rights have been infringed, you may also lodge a complaint with the competent supervisory authority in your country or in Poland.