hopelle · soft essentials for little hoppers
Back to Hopelle
Legal · Hopelle S.r.l.

Privacy policy

Hopelle treats your personal data with care. This policy explains what we collect, why we collect it, who we share it with, and the rights you have under the EU General Data Protection Regulation (GDPR).

Last updated · May 4, 2026

1. Data controller

The data controller is Hopelle S.r.l., registered office at Via dei Glicini 12, 20144 Milano, Italy (REA MI - 2587419). For any privacy request, write to privacy@hopelle.shop.

2. What we collect

Waitlist

When you join the waitlist, we collect: your email address, your first name (optional), the colour and size you selected, and the timestamp of your submission.

Orders (when stock returns)

When you place an order, we collect: identification data (first name, last name), contact data (email, phone if you provide it), shipping and billing address, order content and amount, and payment method identifier (the card number itself is processed by our payment service provider and is not stored on our servers).

Customer service

When you contact us, we keep the content of your message and our reply for as long as needed to handle your request and any follow-up.

Site usage

We collect minimal, aggregated technical data (page views, device type, coarse geographic region) to monitor performance. See our Cookie policy for details.

3. Why we use it (legal bases)

  • Contract performance · processing orders, shipping, returns, after-sales support.
  • Consent · waitlist notifications, optional marketing emails, non-essential cookies. You can withdraw your consent at any time.
  • Legal obligation · accounting, tax and consumer protection record-keeping under Italian law.
  • Legitimate interest · fraud prevention, network security, defending legal claims, and basic anonymous analytics.

4. How long we keep it

  • Waitlist email · until the product is restocked and you are notified, plus 6 months, or until you ask us to delete it.
  • Order data · 10 years from invoice date, as required by Italian tax and accounting rules (Art. 2220 of the Italian Civil Code).
  • Customer service correspondence · 3 years from last contact.
  • Server logs · 12 months maximum.

5. Who we share it with

We share strictly necessary data with the following categories of processors, all bound by data-processing agreements:

  • Hosting provider (Vercel Inc.).
  • Payment service provider, for card processing.
  • Shipping carrier, for delivery.
  • Email service provider, for waitlist and order notifications.

We never sell your personal data, and we never share it with third parties for their own marketing.

6. Transfers outside the EEA

Some processors are established in countries outside the European Economic Area. Where this is the case, transfers are framed by the European Commission’s Standard Contractual Clauses and, where relevant, supplementary technical measures (encryption in transit and at rest).

7. Your rights

Under the GDPR, you have the right to:

  • access the personal data we hold about you,
  • request correction of inaccurate data,
  • request erasure (the “right to be forgotten”),
  • request restriction of processing,
  • request portability of the data you have provided,
  • object to processing based on legitimate interest,
  • withdraw your consent at any time, and
  • lodge a complaint with the Italian supervisory authority, the Garante per la protezione dei dati personali (garanteprivacy.it).

To exercise any of these rights, write to privacy@hopelle.shop. We respond within one month at the latest.

8. Security

We apply technical and organisational measures appropriate to the sensitivity of the data, including TLS encryption in transit, role-based access control, regular dependency updates and a documented incident response plan.

9. Updates

This policy may be updated. The current version is always available at this URL, with the “last updated” date shown above.