<

Privacy Policy & Cookie Notice

Effective Date: [Insert Date]
Owner: 1pen (Helene Larsen)

At 1pen, your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website, purchase digital products, or interact with us. It also includes our Cookie Notice in compliance with the General Data Protection Regulation (GDPR, EU 2016/679) and the most recent EU privacy guidelines (2025 updates).

1. Data Controller

The Data Controller responsible for your information is:

1pen (Helene Larsen)
[Insert Address]
📧 [Insert Contact Email]

2. What Data We Collect

We may collect the following categories of data:

  • Identity & Contact Information: name, email address, billing details.
  • Purchase Information: records of digital product purchases, invoices, and payment confirmations.
  • Technical Information: IP address, browser type, device details, location (approximate).
  • Cookies & Usage Data: see section 7 (Cookies).

We do not collect sensitive data (such as health, religion, political beliefs) unless explicitly required by law.

3. Legal Basis for Processing

We process personal data on the following legal bases:

  • Contract: to provide products/services you purchase.
  • Consent: for email marketing, analytics cookies, or newsletter subscriptions.
  • Legitimate Interest: to improve our website, protect against fraud, and secure our services.
  • Legal Obligation: to maintain tax/accounting records.

4. How We Use Your Data

Your data is used to:

  • Process and deliver your purchases.
  • Provide customer support and answer inquiries.
  • Send product updates, newsletters, or marketing (only with consent).
  • Improve website functionality and content.
  • Comply with legal obligations.

We do not sell, rent, or trade your data with third parties.

5. Data Storage & Retention

  • Personal data is stored securely on GDPR-compliant servers.
  • Data is retained only as long as necessary:
    • Purchase/accounting records: up to 7 years (legal requirement).
    • Marketing consent data: until you withdraw consent.
    • Cookies: see section 7.
  • When data is no longer required, it is securely deleted or anonymized.

6. Your Rights (GDPR)

You have the following rights:

  • Right of Access: request a copy of your data.
  • Right to Rectification: correct inaccurate data.
  • Right to Erasure: request deletion (“right to be forgotten”).
  • Right to Restrict Processing: limit how we use your data.
  • Right to Data Portability: receive data in a structured, machine-readable format.
  • Right to Object: stop processing based on legitimate interest or direct marketing.
  • Right to Withdraw Consent: for cookies, newsletters, or other optional processing.

To exercise your rights, contact us at 📧 [Insert Email].

7. Cookies & Tracking

Our website uses cookies and similar technologies:

  • Essential Cookies: required for the website to function (shopping cart, login).
  • Analytics Cookies: help us understand site traffic and usage (only active with your consent).
  • Marketing Cookies: track browsing to provide relevant ads/newsletters (only active with consent).

Cookie Consent (Updated 2025 Standard)

  • You will be asked to accept, reject, or customize cookies upon first visit.
  • Consent must be freely given, informed, and revocable at any time.
  • A “Manage Cookies” option is always available in the footer.

8. Third-Party Services

We may use trusted third-party providers:

  • Payment Processors (Stripe, PayPal, etc.) – handle transactions securely.
  • Email Providers (Mailchimp, MailPoet, or equivalent) – manage newsletters.
  • Analytics Tools (Google Analytics or alternatives) – monitor usage (with consent).

Each provider complies with GDPR or equivalent international standards.

9. Data Transfers

If data is transferred outside the EU/EEA, we ensure it is protected under:

  • Adequacy decisions by the European Commission, or
  • Standard Contractual Clauses (SCCs).

10. Security

We use appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (SSL/HTTPS).
  • Secure storage of files.
  • Restricted access controls.

11. Children

Our services are not directed at individuals under 16. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this policy from time to time. Updates will be published on this page with a new effective date. Continued use of our services after updates indicates acceptance.

13. Contact

For questions or requests regarding this policy, contact us at:
📧 [Insert Email]