Skip to content
Hephaestus
Home
Document

Privacy policy

How we collect, use, protect, and retain personal data.

Content

Last updated: May 19, 2026

Data controller

Controller: Hephaestus Studio S.L. Tax/VAT ID: B00000000 Address: Calle de la Forja 12, 46001 Valencia, Spain Privacy email: privacy@example.test Data protection officer, if applicable: privacy@example.test

Data we may process

We may process identity and contact details, billing and shipping data, order history, communications, preferences, technical browsing data, and any information you provide through forms or messages.

Purposes

We use data to manage enquiries, accounts, orders, payments, deliveries, returns, support, administrative communications, fraud prevention, legal compliance, service improvement, and, where you have consented, marketing communications.

Legal basis

The legal basis may be performance of a contract or pre-contractual steps, compliance with legal obligations, our legitimate interest in keeping the service secure and improving it, and your consent where required.

Recipients

We may share data with providers that help us operate the service: hosting, maintenance, email, analytics, payments, logistics, professional advice, or customer support tools. These providers must process data under our instructions and appropriate safeguards.

International transfers

If a provider processes data outside the European Economic Area or your jurisdiction, we will check that appropriate safeguards exist, such as adequacy decisions, standard contractual clauses, or other mechanisms recognised by applicable law.

Retention

We keep data for as long as necessary for the relevant purpose and for legally required periods. Consent-based data is kept until consent is withdrawn, unless another legal basis applies.

Rights

You can request access, rectification, erasure, objection, restriction, portability, or withdrawal of consent by writing to privacy@example.test. You may also complain to the competent data protection authority.

Security

We apply reasonable technical and organisational measures to protect data against loss, unauthorised access, alteration, or improper disclosure.

Minors

This site is not aimed at minors without authorisation from their legal representatives. If we detect improperly collected data, we will delete it where appropriate.