Privacy Policy

Last updated: August 28, 2025

At NÓNE, transparency doesn’t just mean being clear about what’s inside our supplements — it also applies to your personal data. This Privacy Policy explains how we collect, use, store, and protect your information, in full compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

This version applies to customers outside of Germany and the Netherlands. Local versions apply to those countries.

1. Who We Are

NÓNE is operated by:
Pand Apparel B.V.
Hogelanden WZ 94bs
3552AD Utrecht
The Netherlands
Chamber of Commerce (KVK): 75089602
Email: care@nonesupplements.com

We are the "Data Controller" for all personal data collected through our website and connected services.

2. What Data We Collect

We only collect what is strictly necessary to provide you with a smooth and secure experience. Depending on your interaction, we may process:

  • Identification Data: Name, email address, shipping and billing address.
  • Transaction Data: Order history, payment method (never stored by us), timestamps.
  • Communication Data: Emails, chats, or messages with our support team.
  • Technical Data: IP address, browser type, device ID, pages visited, time spent on site.
  • Marketing Data: Your preferences, if you have subscribed to marketing.
  • Health-related Data (optional): Only if you voluntarily share it with us (e.g., in a support inquiry).

We do not process sensitive data unless you actively choose to share it with us.

3. How We Collect Data

  • When you place an order.
  • When you create an account or subscribe to our newsletter.
  • When you contact our support.
  • When you use our website (via cookies & tracking tools).

4. Why We Use Your Data

We use your data to:

  • Process and ship orders.
  • Communicate with you regarding your order or inquiries.
  • Send product updates or marketing (only if you have consented).
  • Improve our website and user experience.
  • Detect fraud or misuse.

Legal grounds under GDPR:

  • Performance of a contract (e.g., to deliver your order).
  • Legal obligation (e.g., for tax records).
  • Legitimate interest (e.g., for analysis & optimization).
  • Consent (e.g., for marketing or optional cookies).

5. Storage & Protection

Your data is securely stored on GDPR-compliant platforms. We use strong encryption (SSL/TLS), access controls, and limited retention periods.

Platforms used:

  • Shopify (E-commerce, EU/US hosting)
  • Klaviyo (Email marketing, US, Standard Contractual Clauses)
  • Google Analytics (Anonymized analysis)

Data Processing Agreements (DPAs) are in place with all providers.

6. Retention

We store data only as long as necessary or legally required:

  • Order & Payment Data: 7 years (Tax & Accounting).
  • Support Messages: 1 year.
  • Marketing Data: Until consent is withdrawn.
  • Cookies/Analytics: See Cookie Policy.

Thereafter, data is deleted or anonymized.

7. Data Sharing

We only share your data when necessary, and only with trusted partners:

  • Payment Providers (e.g., Stripe, PayPal)
  • Shipping Partners (e.g., postal services & couriers)
  • IT Service Providers (e.g., hosting, backups)
  • Analysis & Marketing (e.g., Google, Klaviyo)

All partners are GDPR-compliant. Data transfers outside the EU occur only with Standard Contractual Clauses or equivalent guarantees.
We never sell your data. Period.

8. Your Rights

You have the right to:

  • Access your stored data.
  • Rectify incorrect data.
  • Erasure of your data ("Right to be forgotten").
  • Restrict processing.
  • Object (e.g., against marketing).
  • Data Portability.
  • Withdraw consent at any time.

To exercise these rights, email: care@nonesupplements.com.
Responses are generally provided within 30 days. You may also lodge a complaint with your supervisory authority (in NL: Autoriteit Persoonsgegevens).

9. Cookies & Tracking

We use cookies and similar tools to:

  • Keep the website running stably.
  • Understand user behavior.
  • Show relevant content & ads (only with consent).

Details can be found in our Cookie Policy.

10. International Transfers

As some providers are located outside the EU, data may be transferred internationally. For this, we use:

  • EU–US Data Privacy Framework certified providers.
  • Standard Contractual Clauses (SCCs).

This ensures your data protection remains at EU levels.

11. Privacy of Minors

Our site and products are not intended for persons under the age of 18. We do not knowingly collect data from children.

12. Changes

We may update this policy. The current version is always available on our website. Significant changes will be communicated via email.

13. Contact

Questions or concerns?
Write to us at: care@nonesupplements.com
We are real people. Responses are usually provided within 48 hours.