Heythemis (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website, use our marketplace, or interact with us.

Heythemis is registered in England and complies with the UK General Data Protection Regulation (UK GDPR) and other applicable privacy laws. By using our services, you consent to the collection and use of your information in accordance with this policy.

1. Who We Are

Heythemis is an online marketplace that connects conscious consumers with sustainable footwear brands. We also provide a B2B platform for designers, manufacturers, and suppliers within the ethical footwear industry.

Company Name: Heythemis Ltd

Registered Address: 27 Old Gloucester Street, London, WC1N 3AX

Company Number: 15163617

Email: contact@heythemis.com

2. What Personal Data We Collect

We collect and process different types of personal data depending on how you interact with Heythemis.

2.1 Information You Provide to Us

• Account Information: When you create an account as a customer or vendor, we collect your name, email address, password, and contact details.

• Order Information: When you make a purchase, we collect your billing and shipping address, phone number, and payment details (processed securely via third-party providers).

• Vendor Information: If you register as a vendor, we may collect business details, payment preferences, and documentation to verify compliance with our sustainability policies.

• Customer Support: If you contact us for support, we may collect information related to your inquiry.

2.2 Information We Automatically Collect

When you use our website, we may collect the following information through cookies and similar technologies:

• Device Information: IP address, browser type, operating system, and device identifiers.

• Usage Data: Pages visited, time spent on the site, referral sources, and interactions with features.

• Transaction Data: Purchase history and order details.

2.3 Information from Third Parties

• We may receive personal data from payment processors, logistics providers, or business partners when necessary to complete transactions or improve our services.

3. How We Use Your Information

We use personal data to:

• Provide and improve our marketplace services.

• Process transactions, payments, and order fulfillment.

• Communicate with you regarding orders, account updates, and customer support inquiries.

• Personalize your shopping experience and recommend products.

• Monitor and prevent fraudulent activity or security threats.

• Comply with legal obligations and enforce our Terms & Conditions.

We do not sell or rent your personal data to third parties.

4. Legal Basis for Processing Personal Data

Under the UK GDPR, we process your data based on the following legal grounds:

• Contractual Necessity: To provide our services, process payments, and fulfill orders.

• Legitimate Interests: To improve our platform, prevent fraud, and personalize user experiences.

• Consent: When you opt-in to marketing communications or agree to cookies.

• Legal Compliance: When required by law, such as tax reporting or fraud prevention.

5. Marketing & Communications

• If you subscribe to our newsletter, we may send you updates about new brands, promotions, or sustainability insights.

• You can opt out of marketing emails at any time by clicking the unsubscribe link in our emails or contacting us.

• We do not share your information with third parties for marketing purposes without your explicit consent.

6. Cookies & Tracking Technologies

Heythemis uses cookies to enhance your browsing experience. Cookies help us:

• Remember your preferences and login details.

• Analyze website traffic and improve functionality.

• Display relevant product recommendations.

You can control cookie settings through your browser. For more details, visit our Cookie Policy.

7. How We Share Your Data

We only share your personal data in the following situations:

• With Vendors: When you place an order, your shipping details are shared with the vendor fulfilling your purchase.

• With Payment Providers: Payments are securely processed by third-party providers (e.g., Stripe, PayPal).

• With Logistics & Delivery Services: To facilitate shipping and delivery.

• With Legal Authorities: If required by law for fraud prevention, legal compliance, or government requests.

• With Service Providers: Third-party companies that help us operate Heythemis, such as website hosting and analytics.

We ensure that all third parties handling personal data comply with data protection laws.

8. International Data Transfers

If you access Heythemis from outside the UK, your data may be transferred to servers located in the UK or other countries where our service providers operate. We take steps to ensure that international data transfers comply with applicable privacy laws.

9. Data Retention

• We keep your personal data as long as necessary for the purposes outlined in this policy.

• Account data is retained until you request deletion.

• Order history and transaction data may be kept for legal and tax obligations.

• If you unsubscribe from marketing emails, we will stop sending communications but retain your request to prevent future contact.

10. Your Rights Under UK GDPR

As a user in the UK, you have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.

• Right to Rectification: Request corrections if your data is inaccurate or incomplete.

• Right to Erasure: Request deletion of your personal data, subject to legal obligations.

• Right to Restriction: Request that we limit processing of your data in certain circumstances.

• Right to Object: Object to processing based on legitimate interests or direct marketing.

• Right to Data Portability: Request a copy of your data in a structured, machine-readable format.

To exercise your rights, contact us at support@heythemis.com. We may need to verify your identity before processing requests.

11. Data Security

We implement strict security measures to protect your data, including:

• Secure encryption of sensitive information.

• Restricted access to personal data on a need-to-know basis.

• Regular security audits and compliance checks.

Despite our efforts, no online platform can guarantee 100% security. Users are responsible for keeping their account credentials confidential.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in laws or business operations. We will notify you of significant changes via email or platform notifications. Continued use of Heythemis after updates means you accept the revised policy.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, contact us:

Email: support@heythemis.com

Address: 27 Old Gloucester Street, London, WC1N 3AX

For data protection concerns, you may also contact the UK Information Commissioner’s Office (ICO) at www.ico.org.uk.