Skip to content
Furaoh

Privacy policy

Last updated: 2026-05-15

We process the minimum personal data needed to ship you a printed pet tag or keychain and to keep our business running. We don't sell your data, we don't run advertising trackers, and we delete uploaded photos shortly after your order is delivered. The full picture is below.

  1. 1. Who's responsible for your data

    Furaoh, based in Bemmel, The Netherlands, is the data controller for personal data you provide through furaoh.com. You can reach us at info@furaoh.com for any privacy question, request, or complaint.

  2. 2. What we collect

    When you order, we collect: your name, email address, shipping address, phone number (if you provide one), order details (products, prices, shape, texture, language), and the pet photo plus any text you placed in the editor. We also collect basic technical data through your browser (IP address, user agent, referrer) for security and aggregate analytics. We never collect your full credit card or bank details — Mollie handles that and only returns a payment status to us.

  3. 3. Why we process it

    We process this data to: produce and ship your order; send order confirmations and shipping updates; respond when you contact us; comply with Dutch tax and accounting law; protect against fraud and abuse; and run aggregate, privacy-friendly analytics so we can improve the shop.

  4. 4. Legal bases (GDPR Article 6)

    Order processing and customer support: performance of a contract (Art. 6(1)(b)). Tax and accounting retention: legal obligation (Art. 6(1)(c)). Fraud prevention, network security, aggregate analytics: legitimate interest (Art. 6(1)(f)). Marketing emails (if you sign up): consent (Art. 6(1)(a)) — you can unsubscribe at any time.

  5. 5. How long we keep it

    Order records (invoice, address, items, paid amount): 7 years from the year of the order, as required by Dutch tax law. Per-order archive (invoice PDF, packing slip, your final design files, relief map): kept alongside the order record for 7 years, as part of the legally required accounting archive (Art. 6(1)(c)). The archive is held on our own EU-hosted server, never shared, and used only to satisfy tax-audit and reprint-claim obligations. Uploaded pet photos that did NOT end up in a paid order: deleted within 30 days of upload. Contact-form messages: 24 months from receipt. Marketing-list email addresses: until you unsubscribe. Server access logs: rolling 30 days, shorter where possible.

  6. 6. Who else sees your data

    We share the minimum needed to fulfil your order: • Mollie B.V. (NL) — to process payment. • PostNL, DHL or Sendcloud — to ship your parcel (name + address only). • Resend (transactional email provider) — to send confirmation and shipping emails. • Our cloud host (server in the EU) — to run the site and store data at rest. • Plausible Analytics (EU-hosted, cookieless) — to count page views without tracking individuals. We do not sell your data, share it for advertising, or transfer it for unrelated purposes.

  7. 7. International transfers

    All our processors above are based in the EU or the EEA. We do not knowingly transfer your personal data outside the EU. If a future processor is outside the EU, we'll only use them under the European Commission's standard contractual clauses or an equivalent legal safeguard.

  8. 8. Your rights

    Under the GDPR you have the right to access, correct, delete, restrict, or port your personal data, and to object to processing based on legitimate interest. Email info@furaoh.com and we'll respond within 30 days. If you're unhappy with our response, you can file a complaint with the Dutch data protection authority (Autoriteit Persoonsgegevens, autoriteitpersoonsgegevens.nl).

  9. 9. Cookies

    We use a small number of strictly-necessary cookies to keep your cart and admin session working. We do not use advertising cookies and we do not track you across sites. Plausible analytics is cookieless. See furaoh.com/cookies for the full list.

  10. 10. Security

    Traffic between your browser and our server is encrypted with TLS. Data at rest sits in an EU-hosted database with restricted access. We follow standard security practice: limited admin accounts, regular software updates, and backups. No system is perfect, but we treat your data carefully.

  11. 11. Changes to this policy

    When we change anything material, we'll update the "Last updated" date at the top and, where relevant, email customers who are affected. Older versions are kept on request.

  12. 12. Contact

    Questions, complaints, or requests under the GDPR: info@furaoh.com. We aim to respond within a few working days and at most within 30 days.