Privacy Policy
Last updated: January 22, 2026 | Version 1.0
Contents
1. Who We Are
DripCase.eu is operated by 2Hills Ecommerce, a company registered in the Netherlands. We are the "data controller" for the personal data we collect from you, meaning we decide how and why your data is processed.
Company Name: 2Hills Ecommerce (trading as DripCase.eu)
Address: Uraniumweg 37, 3812 RJ Amersfoort, The Netherlands
Chamber of Commerce (KvK): 09171220
VAT Number: NL8180.05.129.B01
Email: info@dripcase.eu
Privacy Team: privacy@dripcase.eu
Phone: +31 33 820 0333
2. What Data We Collect
We collect different types of personal data depending on how you interact with our website and services.
2.1 Account Information
When you create an account or place an order, we may collect:
- Contact details: Name, email address, phone number
- Account credentials: Email and password (password is securely encrypted)
- Preferences: Language preference, communication preferences
- Date of birth: Only if you choose to provide it for birthday rewards
2.2 Order and Transaction Data
When you make a purchase, we collect:
- Order details: Products ordered, quantities, prices
- Delivery information: Shipping and billing addresses
- Payment information: Payment method type (we do not store your full card details - these are processed securely by our payment provider)
- Order history: Records of your past purchases
2.3 Technical Data
When you visit our website, we may automatically collect:
- Device information: Browser type, operating system, screen resolution
- Connection data: IP address (which may indicate your general location)
- Usage data: Pages visited, time spent on site, referring website
2.4 Optional Data (With Your Consent)
If you give us permission, we may also collect:
- Marketing preferences: Whether you want to receive newsletters and promotional emails
- Analytics data: How you interact with our site to help us improve
- Advertising data: Information to show you relevant advertisements
2.5 Data You Choose to Provide
- Reviews and ratings: Product reviews you submit
- Wishlist items: Products you save for later
- Support communications: Messages you send to our customer service
3. How We Use Your Data
We use your personal data for the following purposes:
3.1 Fulfilling Orders
- Processing and shipping your orders
- Sending order confirmations and shipping updates
- Processing returns and refunds
- Generating invoices for your records
3.2 Account Management
- Creating and maintaining your customer account
- Enabling you to view order history and track deliveries
- Managing your saved addresses and preferences
- Operating our loyalty program and rewards
3.3 Communication
- Responding to your questions and support requests
- Sending important service notifications (order updates, policy changes)
- With your consent: Sending marketing emails, newsletters, and promotional offers
3.4 Improving Our Services
- Analyzing how our website is used to improve user experience
- Identifying and fixing technical issues
- Developing new products and features based on customer feedback
3.5 Security and Fraud Prevention
- Protecting against fraudulent transactions
- Securing your account from unauthorized access
- Complying with legal requirements
3.6 Marketing (Only With Your Consent)
- Showing you relevant advertisements on other platforms
- Measuring the effectiveness of our marketing campaigns
- Personalizing your shopping experience
4. Legal Basis for Processing
Under GDPR, we must have a valid legal basis to process your personal data. We rely on the following:
| Purpose | Legal Basis |
|---|---|
| Processing orders and payments | Contract: Necessary to fulfill our agreement with you |
| Account management | Contract: Necessary to provide our services |
| Service communications | Contract: Necessary to keep you informed about your orders |
| Marketing emails | Consent: Only with your explicit permission |
| Analytics cookies | Consent: Only with your explicit permission |
| Advertising pixels | Consent: Only with your explicit permission |
| Fraud prevention | Legitimate interest: Protecting our business and customers |
| Tax and legal records | Legal obligation: Required by Dutch and EU law |
5. Who We Share Data With
We do not sell your personal data. We may share your data with trusted third parties who help us operate our business:
5.1 Payment Processing
Mollie (Netherlands) - Processes payments securely. They are PCI-DSS certified and based in the EU. We never see or store your full card details.
5.2 Shipping and Delivery
QLS Logistics and other carriers - Deliver your orders. They receive your name, address, and phone number as needed for delivery.
5.3 Email Services
Resend - Sends transactional emails (order confirmations, shipping updates) and marketing emails (if you've opted in).
5.4 Website Hosting
Vercel - Hosts our website infrastructure.
5.5 Analytics and Advertising (Only With Your Consent)
If you give consent via our cookie banner:
- Google Analytics: Helps us understand how visitors use our website
- Meta (Facebook/Instagram): Enables relevant advertising and measures campaign effectiveness
- TikTok: Enables relevant advertising on TikTok
5.6 Consent Management
Cookiebot (Denmark) - Manages your cookie preferences and helps us comply with privacy regulations.
6. International Data Transfers
Some of our service providers are based outside the European Economic Area (EEA), particularly in the United States. When we transfer data outside the EEA, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs): EU-approved contractual terms that require the recipient to protect your data to EU standards
- EU-US Data Privacy Framework: Where applicable, transfers to US companies certified under this framework
You can request more information about these safeguards by contacting us at privacy@dripcase.eu.
7. Cookies and Tracking
We use cookies and similar technologies on our website. A cookie is a small file stored on your device that helps us provide a better experience.
7.1 Cookie Categories
| Category | Purpose | Your Choice |
|---|---|---|
| Necessary | Essential for the website to function (shopping cart, login, security) | Always active - required for the site to work |
| Preferences | Remember your settings (language, currency) | You can opt out |
| Statistics | Help us understand how visitors use our site (Google Analytics) | You can opt out |
| Marketing | Enable relevant advertising (Meta Pixel, TikTok Pixel) | You can opt out |
7.2 Managing Your Cookie Preferences
When you first visit our website, you'll see a cookie consent banner where you can choose which cookies to accept. You can change your preferences at any time by clicking the "Cookie Settings" link in our website footer.
7.3 Tracking Pixels
With your consent, we may use tracking pixels from Meta and TikTok. These help us measure the effectiveness of our advertising and show you relevant ads. When you make a purchase, we may share hashed (encrypted) information with these platforms to measure conversions. This data cannot be used to directly identify you.
8. Your Rights
Under GDPR, you have the following rights regarding your personal data:
Right to Access
You can request a copy of all personal data we hold about you. We'll provide this in a portable format (JSON) within 30 days.
Right to Rectification
You can ask us to correct any inaccurate or incomplete data. You can also update most information directly in your account settings.
Right to Erasure ("Right to be Forgotten")
You can request that we delete your personal data. Note: We may need to retain some data for legal reasons (e.g., order records for tax purposes for 7 years).
Right to Restrict Processing
You can ask us to limit how we use your data in certain circumstances.
Right to Data Portability
You can request your data in a machine-readable format to transfer to another service.
Right to Object
You can object to processing based on legitimate interests. You can also opt out of marketing at any time.
Right to Withdraw Consent
Where we process data based on consent, you can withdraw that consent at any time. This won't affect the lawfulness of processing before withdrawal.
How to Exercise Your Rights
You can exercise your rights in several ways:
- Self-service: Visit our Privacy Center to export your data or request deletion
- Email preferences: Manage your communication preferences in your account settings
- Cookie settings: Update your cookie preferences via the link in our footer
- Contact us: Email privacy@dripcase.eu for any privacy-related requests
We will respond to your request within 30 days. In complex cases, we may extend this by up to 60 additional days, but we'll inform you if this is necessary.
Right to Lodge a Complaint
If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Dutch Data Protection Authority:
9. Data Retention
We keep your data only for as long as necessary for the purposes described in this policy or as required by law.
| Data Type | Retention Period | Reason |
|---|---|---|
| Account information | Until you delete your account | To provide our services |
| Order records | 7 years after purchase | Legal requirement (Dutch tax law) |
| Payment records | 7 years after purchase | Legal requirement |
| Marketing preferences | Until you unsubscribe | To respect your choices |
| Cookie consent records | Up to 3 years | Compliance documentation |
| Security logs | 2 years | Security and fraud prevention |
| Abandoned shopping carts | 90 days | Service improvement |
What Happens When You Delete Your Account
When you request account deletion:
- Your personal profile and login credentials are permanently deleted
- Your addresses, wishlists, and preferences are removed
- Order records are anonymized but retained for 7 years (legal requirement)
- You will receive confirmation when deletion is complete
10. Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard TLS/SSL
- Secure passwords: Your password is stored using strong encryption - we can never see your actual password
- Payment security: Payments are processed by Mollie, a PCI-DSS Level 1 certified payment provider
- Access controls: Only authorized personnel can access personal data, and only for legitimate business purposes
- Regular reviews: We regularly review and update our security practices
11. Children's Privacy
Our website and services are intended for users aged 16 and older. We do not knowingly collect personal data from children under 16. If you are under 16, please do not create an account or provide us with any personal information.
If we discover that we have collected data from a child under 16 without proper parental consent, we will delete that data promptly. If you believe we may have collected data from a child, please contact us at privacy@dripcase.eu.
12. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices, services, or legal requirements.
When we make changes:
- We will update the "Last updated" date at the top of this policy
- For significant changes, we may notify you by email or display a prominent notice on our website
- We encourage you to review this policy periodically
Your continued use of our services after changes are posted constitutes acceptance of those changes.
13. Contact Us
If you have any questions about this privacy policy or how we handle your personal data, please contact us:
Privacy Team
Email: privacy@dripcase.eu
General Contact
Email: info@dripcase.eu
Phone: +31 33 820 0333
Address
2Hills Ecommerce
Uraniumweg 37
3812 RJ Amersfoort
The Netherlands
This privacy policy was last updated on January 22, 2026. Previous versions are available upon request.