Privacy Policy

Last updated: 25 April 2026

1. Introduction

Amora Digital B.V. (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store and protect your information when you visit or make a purchase from pinkpeck.com (the “Website”).

This Privacy Policy is issued in compliance with the EU General Data Protection Regulation (GDPR) and the Dutch GDPR Implementation Act (Uitvoeringswet AVG).

2. Data Controller

The data controller responsible for your personal data is:

  • Company: Amora Digital B.V.
  • Chamber of Commerce (KVK) number: 99536811
  • Contact email: [email protected]

For any privacy-related questions or to exercise your rights, please contact us at the email above.

3. What Information We Collect

We collect personal data that you provide directly to us, as well as information collected automatically when you use the Website.

3.1 Information you provide

  • Account information: name, email address, password (encrypted)
  • Order information: billing and shipping address, phone number, items purchased
  • Payment information: processed directly by our payment providers; we do not store full card details
  • Communication: messages you send via contact forms, email or customer support
  • Marketing preferences: newsletter subscriptions and consent choices

3.2 Information collected automatically

  • Technical data: IP address, browser type, device type, operating system
  • Usage data: pages visited, time spent, referring website, click behaviour
  • Cookies and similar technologies: see our Cookie Policy

4. How We Use Your Information

We process your personal data only for specific, legitimate purposes:

  • To process and deliver orders: verify identity, process payments, ship products, handle returns
  • To manage your account: provide login access, save preferences, manage order history
  • To communicate with you: send order confirmations, shipping updates, customer support responses
  • To send marketing communications: only with your explicit consent, and you can unsubscribe at any time
  • To improve our services: analyse Website usage, fix technical issues, develop new features
  • To comply with legal obligations: tax records, fraud prevention, regulatory reporting
  • To protect our rights: prevent fraud, misuse and security threats

5. Legal Basis for Processing

Under GDPR, we process your data on the following legal bases:

  • Contractual necessity (Article 6(1)(b)): to fulfil your order and provide our services
  • Legal obligation (Article 6(1)(c)): to comply with tax, accounting and consumer protection laws
  • Legitimate interest (Article 6(1)(f)): to improve our services, prevent fraud and ensure Website security
  • Consent (Article 6(1)(a)): for marketing communications, non-essential cookies and other optional processing

6. Sharing Your Information

We do not sell your personal data. We share information only with trusted third parties who help us operate our business, and only to the extent necessary:

  • Payment processors: to process transactions securely
  • Shipping and fulfilment providers: to deliver your orders
  • IT and hosting providers: to host the Website and store data securely
  • Email and marketing platforms: to send transactional and marketing communications
  • Analytics providers: to understand Website performance (in anonymised form where possible)
  • Legal and regulatory authorities: when required by law or to protect our legal rights

All third-party providers are bound by data protection agreements and may only process your data for the purposes we specify.

7. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). Where this is the case, we ensure appropriate safeguards are in place, including:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions issued by the European Commission
  • Other lawful transfer mechanisms under GDPR

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this Policy or as required by law:

  • Order and transaction records: 7 years (Dutch tax law requirement)
  • Account data: for as long as your account is active, plus a reasonable period after closure
  • Marketing data: until you withdraw consent or unsubscribe
  • Website analytics: typically 14–26 months
  • Customer support communications: up to 3 years after the last contact

After the retention period, data is securely deleted or anonymised.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • SSL/TLS encryption of all data transmitted between your browser and our servers
  • Secure password hashing
  • Restricted access controls for staff and third-party providers
  • Regular security reviews and updates
  • Secure payment processing through PCI-DSS compliant providers

While we take reasonable precautions, no method of transmission or storage is 100% secure. You are responsible for keeping your account credentials confidential.

10. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Article 15): request a copy of the data we hold about you
  • Right to rectification (Article 16): request correction of inaccurate or incomplete data
  • Right to erasure (Article 17): request deletion of your data (“right to be forgotten”)
  • Right to restriction (Article 18): request that we limit processing of your data
  • Right to data portability (Article 20): receive your data in a structured, machine-readable format
  • Right to object (Article 21): object to processing based on legitimate interest or for marketing purposes
  • Right to withdraw consent: at any time, where processing is based on consent
  • Right not to be subject to automated decision-making (Article 22)

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

11. Right to Lodge a Complaint

If you believe we have not handled your personal data correctly, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

You may also contact the data protection authority in your EU country of residence.

12. Children’s Privacy

Our Website and services are intended exclusively for adults aged 18 or older. We do not knowingly collect personal data from minors. If we discover that we have collected data from someone under 18, we will delete it immediately. If you believe we may have such data, please contact us.

13. Cookies

We use cookies and similar technologies to operate the Website, remember your preferences, and analyse usage. For details, please see our Cookie Policy.

14. Third-Party Links

The Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review their privacy policies before providing any personal data.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised “Last updated” date. Material changes will be communicated where practical.

16. Contact Us

For any questions about this Privacy Policy or how we handle your personal data:

Amora Digital B.V.
Email: [email protected]
KVK: 99536811