Identity of the Controller

MadeByBarry
Established in the Netherlands
KvK number: Not yet registered

MadeByBarry is responsible for the processing of personal data as described in this Privacy Policy.

Personal Data We Collect

We collect personal data when you:

  • Visit our website
  • Place an order
  • Contact us via our contact form

We may collect the following data:

  • First and last name
  • Billing and shipping address
  • Email address
  • Payment information (processed via payment provider)
  • IP address
  • Browser and device information

Purpose and Legal Basis for Processing

We process personal data for the following purposes:

  • To process and fulfill orders
  • To handle payments
  • To provide customer support
  • To prevent fraud
  • To improve our website and services
  • To comply with legal obligations

Legal bases under GDPR include:

  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate interest
  • Consent (for marketing or non-essential cookies)

Payments

Payments are processed via third-party payment providers (such as Stripe, PayPal, Mollie, or similar depending on integration).

We do not store full credit or debit card details on our servers. Where payment details are saved for future purchases, this is handled securely via tokenization by the payment provider.

Cookies

Our website uses cookies.

Essential Cookies

These are required for the proper functioning of the webshop, including:

  • Shopping cart functionality
  • Login sessions
  • Security measures

These cookies do not require consent.

Analytical and Marketing Cookies

If we use services such as Google Analytics or advertising platforms, we request prior consent via a cookie banner before placing these cookies.

You can adjust your cookie preferences at any time via your browser settings or our cookie management tool.

Sharing of Personal Data

We share personal data only where necessary for business operations or legal compliance.

This may include:

  • Payment providers
  • Hosting providers
  • IT service providers
  • Accounting services
  • Shipping carriers such as PostNL or DHL

Where third parties process data on our behalf, we enter into data processing agreements in accordance with GDPR requirements.

If personal data is transferred outside the European Economic Area (EEA), appropriate safeguards are implemented in accordance with GDPR standards.

Data Retention

We retain personal data only as long as necessary for the purposes outlined above.

  • Order data: minimum 7 years (Dutch tax retention obligation)
  • Customer service communications: up to 12 months after resolution

Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability

We may ask for identity verification before processing your request.

You also have the right to lodge a complaint with the Dutch supervisory authority, the Autoriteit Persoonsgegevens.

Data Security

We implement appropriate technical and organizational security measures, including:

  • Regular software updates
  • SSL encryption
  • Secure hosting environment
  • Restricted access to personal data

Changes to This Policy

We reserve the right to update this Privacy Policy at any time.
The latest version will always be published on this page.