Last updated: 03.03.2026
This Privacy Policy explains how Gearrista ApS ("Gearrista", "we", "us", "our") collects, processes, and protects personal data when you visit gearrista.com, and all subdomains, make a purchase, place a pre-order, or otherwise interact with our services (the "Services").
We process personal data in accordance with applicable data protection legislation, including the EU General Data Protection Regulation (GDPR).
1. Data Controller
Gearrista ApS
Navervej 6
7100 Vejle
Denmark
CVR no. 44282542
Email: contact@gearrista.com
Gearrista ApS is the data controller for personal data processed under this Privacy Policy.
2. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. The latest version will always be available on our website, and the "Last updated" date will be revised accordingly.
3. Personal Data We Collect
The personal data we collect depends on how you interact with us.
Information You Provide Directly
We may collect:
Name, email address, phone number
Billing and shipping address
Order and pre-order details
Payment confirmation (processed via secure payment providers)
Account information (if applicable)
Customer support correspondence
Providing certain information is necessary to complete purchases or use specific services. Failure to provide required information may limit access to certain Services.
Information Collected Automatically
When you visit our website, we may collect:
IP address
Device and browser information
Pages visited and interactions
This data is collected through cookies and similar technologies. See our Cookie Policy for details.
Information from Third Parties
We may receive personal data from trusted third parties, including:
Shopify (store platform provider)
Payment service providers
Analytics and marketing providers (subject to consent when required)
Third-party data is processed in accordance with this Privacy Policy.
4. Legal Basis for Processing
We process personal data only where a lawful basis applies.
Contractual Necessity (GDPR Art. 6(1)(b))
Processing orders and pre-orders
Handling payments and deliveries
Providing customer support
Legatimate Interests (GDPR Art. 6(1)(f))
Improving website functionality
Preventing fraud and misuse
Maintaining service security
Consent (GDPR Art. 6(1)(a))
Marketing communications
Certain analytics or cookies
Consent can be withdrawn at any time.
5. Cookies
We use cookies to ensure proper website functionality, improve performance, and analyze usage.
You may manage or withdraw consent via Cookie Settings. Blocking certain cookies may affect site functionality.
We respect Global Privacy Control (GPC) signals where applicable.
For further details, see our Cookie Policy.
6. Sharing of Personal Data
We may share personal data with:
Payment processors
Hosting providers
Logistics partners
Technical and analytics providers
Public authorities where required by law
Such parties act as data processors under contractual agreements or, where applicable, as independent data controllers.
We do not sell personal data.
7. International Transfers
Some service providers may process personal data outside the EU/EEA.
Where applicable, transfers are safeguarded through:
EU Standard Contractual Clauses (SCCs), or
Adequacy decisions or equivalent legal mechanisms.
8. Data Retention
We retain personal data only as long as necessary:
Order and accounting data: in accordance with statutory requirements (typically five years)
Marketing data: until consent is withdrawn
Customer support data: as required to resolve inquiries
Data is deleted or anonymized when no longer necessary.
9. Your Rights
Subject to applicable law, you may have the right to:
Access your personal data
Rectify inaccurate data
Request erasure
Restrict or object to processing
Withdraw consent
Data portability
Requests can be submitted to contact@gearrista.com
We may require identity verification before responding.
10. Children’s Data
Our Services are not directed at children under 16 years of age. We do not knowingly collect personal data from minors.
11. Security
We implement appropriate technical and organizational measures to protect personal data.
However, no system can guarantee absolute security.
12. Complaints
If you believe your personal data has been processed unlawfully, you may:
Contact us directly, or
Lodge a complaint with the relevant supervisory authority.
Supervisory Authority (Denmark)
Datatilsynet
Carl Jacobsens Vej 35
2500 Valby
Denmark
You may file a complaint with Datatilsynet if you believe your personal data has been processed in violation of applicable law.
