Cart

Privacy Policy

Last updated: June 2026

1. Data Controller

HiFiHub
Zacisze 77C, 64-020 Borowo, Poland
Email: hifihubglobal@gmail.com

2. Data We Collect

To process your order we collect: name, email address, shipping address, and phone number. If you create an account, we also store your password in encrypted form (bcrypt hash) and β€” if you sign in via Google β€” your Google account ID and profile picture.

Server log files (IP address, browser type, access timestamp) are stored automatically for up to 7 days for technical security purposes (Art. 6(1)(f) GDPR).

3. Payment Processing – Stripe

All payments are handled by Stripe Payments Europe, Ltd. (Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland). Card details never pass through our servers and are not stored by us. Stripe may transfer data to the US under EU Standard Contractual Clauses. Stripe's privacy policy: stripe.com/privacy

4. Google Sign-In (OAuth)

If you sign in with your Google account, Google shares your name, email address, and profile picture with us. This data is used solely to identify your account. Provider: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. Privacy policy: policies.google.com/privacy

5. Transactional Emails

Order confirmations and shipping notifications are sent via Brevo (Sendinblue SAS), 7 rue de Madrid, 75008 Paris, France. Brevo receives your email address and name for this purpose. Privacy policy: brevo.com/legal/privacypolicy

6. Hosting

The website is hosted on servers operated by Railway (Railway Corp.), 340 Pine Street, Suite 1501, San Francisco, CA 94104, USA. Data transfers to the US are covered by EU Standard Contractual Clauses. Privacy policy: railway.app/legal/privacy

7. Cookies

We use only technically necessary session cookies (shopping cart, language preference, currency, login state). These cookies do not require consent. No tracking or advertising cookies are set.

8. Sharing Data with Shipping Carriers

To deliver your order we share your name, shipping address, and where applicable your phone number with the relevant carrier (DPD, DHL, or Deutsche Post).

9. Retention Periods

Order data is retained in line with statutory obligations (10 years under Polish tax law). Account data is deleted upon request, provided no legal retention obligation applies.

10. Your Rights

Under GDPR you have the right to access (Art. 15), rectify (Art. 16), erase (Art. 17), restrict processing (Art. 18), data portability (Art. 20), and object (Art. 21). You also have the right to lodge a complaint with a supervisory authority.
Contact: hifihubglobal@gmail.com