Spring Core collection just dropped 🌸
free worldwide shipping over €200 📦

Search

Menu

Cart
Your cart is empty

Privacy Policy

Privacy Policy – HILLS WEAR

Last updated: 07 January 2026

§1 General Provisions

This Privacy Policy defines the rules for processing personal data by the online store HILLS WEAR, available at https://hillswear.com/ (hereinafter: the “Store”).

The controller of personal data is HILLS WEAR FILIP GIZA, ul. Szamarzewskiego 21/2, 60-514 Poznań, Poland, VAT ID (NIP): 9241911699 (hereinafter: the “Controller”).

This Privacy Policy has been prepared in accordance with:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR),

  • Polish data protection regulations,

  • the Act on the provision of electronic services.

By using the Store, the User confirms that they have read this Privacy Policy.

§2 Data Controller

The controller of personal data is:
HILLS WEAR FILIP GIZA
ul. Szamarzewskiego 21/2
60-514 Poznań, Poland
E-mail: store@hillswear.com

The Controller processes personal data in accordance with applicable law and applies appropriate technical and organisational measures to ensure data protection.

§3 Scope of Processed Data

The Controller may process the following personal data:

1) Order-related data:

  • first and last name,

  • delivery address,

  • e-mail address,

  • phone number,

  • billing details.

2) Customer Account data:

  • first and last name,

  • e-mail address,

  • password (stored in encrypted form).

3) Payment data:

  • processed via payment operators (Shopify Payments, Przelewy24, PayPal);
    the Controller does not have access to full card payment details.

4) International shipping data:

  • data required for customs clearance in accordance with the law of the destination country.

5) Returns and complaints data:

  • order number,

  • description of the issue,

  • photographic documentation,

  • e-mail correspondence.

6) Technical and analytical data:

  • IP address,

  • device and browser information,

  • cookies,

  • activity data within the Store (analytics).

§4 Purposes and Legal Bases of Processing

Personal data are processed for the following purposes:

  1. Order fulfilment and sales contract performance
    (Article 6(1)(b) GDPR).

  2. Handling returns and complaints
    (Article 6(1)(c) GDPR – legal obligation).

  3. Creation and management of a Customer Account
    (Article 6(1)(b) GDPR).

  4. Customer contact and enquiry handling
    (Article 6(1)(f) GDPR – legitimate interest of the Controller).

  5. Direct marketing of the Controller’s own products

    • based on the User’s consent (Article 6(1)(a) GDPR), or

    • based on the Controller’s legitimate interest (Article 6(1)(f) GDPR).

  6. Analytics and statistics
    (Google Analytics, Meta Pixel, TikTok Pixel)
    (Article 6(1)(f) GDPR).

  7. Compliance with accounting and tax obligations
    (Article 6(1)(c) GDPR).

Profiling is used solely to tailor marketing content and does not produce legal effects or similarly significantly affect the User.

§5 Data Recipients

Personal data may be transferred only to entities necessary for service provision, including:

  • payment service providers (Shopify Payments, Przelewy24, PayPal),

  • courier and logistics companies (InPost and international carriers),

  • accounting and legal service providers,

  • analytics and marketing platforms (Google, Meta, TikTok),

  • public authorities, where required by law.

The Controller does not sell personal data to third parties.

§6 Transfers Outside the European Economic Area (EEA)

Personal data may be transferred outside the EEA only to entities ensuring an adequate level of data protection, in particular based on:

  • Standard Contractual Clauses approved by the European Commission, or

  • recognised data protection frameworks (e.g. Data Privacy Framework).

This applies in particular to services provided by Shopify, Google, Meta and TikTok.

§7 Data Retention Period

Personal data are retained for the following periods:

  • order data – 5 years (tax and accounting obligations),

  • Customer Account data – until the account is deleted,

  • complaints and returns data – 3 years after case completion,

  • e-mail correspondence – up to 2 years,

  • marketing data – until consent is withdrawn or an objection is raised.

§8 Rights of Data Subjects

The User has the right to:

  • access their personal data,

  • rectify data,

  • erase data (“right to be forgotten”),

  • restrict processing,

  • data portability,

  • object to processing,

  • withdraw consent at any time,

  • lodge a complaint with the supervisory authority.

Requests may be submitted to: store@hillswear.com

§9 Obligation or Voluntariness of Providing Data

Providing personal data is voluntary but necessary to conclude a contract and fulfil an order.
Failure to provide data may result in the inability to process an order or handle a complaint.

§10 Cookies

The Store uses cookies:

  • necessary for proper website operation,

  • analytical cookies,

  • marketing cookies.

Analytical and marketing cookies are used only after obtaining the User’s consent, which may be withdrawn at any time via the cookie settings available on the Store’s website or in the User’s browser.

§11 Data Security

The Controller applies appropriate security measures, including:

  • SSL encryption,

  • system-level security safeguards,

  • encrypted passwords,

  • restricted access to personal data for authorised personnel only.

§12 Changes to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy.
The current version is always available on the Store’s website.
In the event of material changes, registered Customers will be notified by e-mail.

    Don't miss any drops and subscribe to our newsletter
    Apple Pay BLIKGoogle Pay Przelewy24 Visa Mastercard Shop Pay PayPal © HILLS WEAR – all rights reserved

    Language

    Country/region