HAIST TAKES YOUR PRIVACY SERIOUSLY. THIS POLICY EXPLAINS WHAT PERSONAL DATA WE COLLECT, WHY WE COLLECT IT, AND HOW IT IS USED. WE OPERATE IN ACCORDANCE WITH THE EU GENERAL DATA PROTECTION REGULATION (GDPR).

DATA WE COLLECT

WHEN YOU PLACE AN ORDER: NAME, EMAIL ADDRESS, SHIPPING ADDRESS, AND PAYMENT DETAILS (PROCESSED BY OUR PAYMENT PROVIDER — WE DO NOT STORE CARD DATA).

WHEN YOU SIGN UP FOR THE NEWSLETTER: EMAIL ADDRESS ONLY.

WHEN YOU BROWSE THE SITE: ANONYMISED ANALYTICS DATA (PAGE VIEWS, REFERRAL SOURCE) VIA GOOGLE ANALYTICS AND UMAMI.

HOW WE USE YOUR DATA

ORDER DATA IS USED TO FULFIL YOUR PURCHASE, SEND SHIPPING UPDATES, AND HANDLE RETURNS OR ENQUIRIES. NEWSLETTER ADDRESSES ARE USED ONLY TO SEND HAIST UPDATES — UNSUBSCRIBE AT ANY TIME VIA THE LINK IN ANY EMAIL. ANALYTICS DATA HELPS US UNDERSTAND HOW PEOPLE FIND AND USE THE SITE; IT IS NEVER SOLD OR SHARED WITH THIRD PARTIES.

DATA SHARING

WE USE SHOPIFY TO PROCESS ORDERS AND PAYMENTS. SHOPIFY PROCESSES YOUR DATA ON OUR BEHALF UNDER A GDPR-COMPLIANT DATA PROCESSING AGREEMENT. WE DO NOT SELL, RENT, OR TRADE YOUR PERSONAL DATA WITH THIRD PARTIES FOR MARKETING PURPOSES.

YOUR RIGHTS

UNDER GDPR YOU HAVE THE RIGHT TO ACCESS, CORRECT, OR DELETE THE PERSONAL DATA WE HOLD ABOUT YOU. YOU MAY ALSO OBJECT TO PROCESSING OR REQUEST DATA PORTABILITY. EMAIL US AT CONTACT@HAIST.ONE TO EXERCISE ANY OF THESE RIGHTS — WE WILL RESPOND WITHIN 30 DAYS.

CONTACT

QUESTIONS ABOUT THIS POLICY? EMAIL CONTACT@HAIST.ONE.

LAST UPDATED: [DATE] — PLACEHOLDER, REPLACE WITH FINAL LEGAL TEXT BEFORE LAUNCH.