Privacy Policy

Privacy Policy for Studio van den Heuvel

Owner: Kjeld van den Heuvel
Business: Studio van den Heuvel, CVR: 41750030
Website: https://kjeldvandenheuvel.com
Location: Denmark

At Studio van den Heuvel, your privacy is of utmost importance. This Privacy Policy outlines how we collect, use, process, and safeguard your personal data in accordance with applicable Danish and EU data protection laws, including the General Data Protection Regulation (GDPR).

1. Who We Are

Studio van den Heuvel is a small creative studio owned by Kjeld van den Heuvel. We produce, sell, and ship original artwork and prints via our website. We are committed to protecting the privacy and personal data of our customers and website visitors.

2. Personal Data We Collect

2.1 WooCommerce Orders

When you purchase products through our website, we collect personal data necessary to process and fulfill your orders. This includes:

  1. First name and last name
  2. Email address
  3. Phone number
  4. Shipping and billing addresses

We share this information solely with Gelato for printing and shipping purposes. We do not share your data with Google, Meta, or other social media platforms.

2.2 Contact Forms and Inquiries

When you submit inquiries via our contact forms, we collect:

  1. Name
  2. Email address
  3. Message content

This allows us to respond efficiently to your inquiries. Messages are stored only for as long as necessary to provide a response.

2.3 Security and Anti-Spam

We use reCAPTCHA to protect our website from spam and abuse. reCAPTCHA may collect minimal technical information, such as IP addresses and browser behavior, for security purposes. This data is processed in accordance with reCAPTCHA’s privacy policy.

2.4 Analytics

We use Google Site Kit (Google Analytics) and MonsterInsights to collect anonymized website analytics to improve usability and performance. The data collected includes:

  1. Anonymized IP addresses
  2. Country or region
  3. Pages visited, session duration, and other engagement metrics

These tools differentiate between human visitors and bots to provide accurate statistics. No additional personal profiling occurs, and no personal data is sold or shared with third parties.

2.5 Cookies

Our website uses cookies to:

  • Enable WooCommerce functionality, including shopping cart, login, and checkout
  • Support basic website analytics

You can manage or block cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

3. Who We Share Your Data With

Your personal data is shared only with trusted service providers for specific purposes:

  1. Gelato – order fulfillment and shipping
  2. reCAPTCHA – spam prevention
  3. Analytics providers – anonymized IPs and visitor statistics for website performance

We never sell your personal data to third parties.

4. Legal Basis for Processing

We process your personal data under the following legal bases, as defined by GDPR:

  1. Performance of a contract (order processing)
  2. Consent (newsletter subscriptions, cookies, analytics)
  3. Compliance with legal obligations (accounting and tax)
  4. Legitimate interest (website security, fraud prevention, analytics)

5. Data Retention

  1. WooCommerce order data is retained for administrative, legal, and accounting purposes, following Danish law.
  2. Contact form submissions are retained only as long as necessary to respond to inquiries.
  3. Analytics data is anonymized and retained in accordance with service provider policies.

6. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  1. Access your personal data
  2. Request correction or deletion
  3. Receive a portable copy of your data
  4. Withdraw consent at any time
  5. Object to processing for legitimate interests, marketing, or analytics
  6. Lodge a complaint with a Danish or EU supervisory authority

To exercise these rights, contact: vandenheuvel.kjeld@gmail.com

7. Data Protection Measures

We implement technical and organizational safeguards to protect your data, including:

  1. Secure hosting and HTTPS encryption
  2. Access controls limiting internal access to personal data
  3. Regular monitoring and security audits
  4. Staff training on data protection principles

8. Data Breach Procedures

In the unlikely event of a data breach, we will:

  1. Notify affected individuals promptly
  2. Report the breach to the Danish Data Protection Agency and other authorities as required by law
  3. Take remedial action to prevent recurrence

9. Automated Decision-Making

We do not use automated decision-making or profiling that legally or significantly affects individuals.

10. Regulatory Compliance

We comply with all applicable Danish and EU data protection, e-commerce, and consumer protection laws.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

12. Contact Information

For any questions regarding this Privacy Policy or the processing of your personal data, please contact:

Kjeld van den Heuvel
Email: vandenheuvel.kjeld@gmail.com

Scroll to top

Please contact me if you would like to use my pictures,