Your cart
There are no more items in your cart
Effective Date: 1 June 2026
This Privacy Policy explains how BMS Vital collects, uses, and protects your personal data when you visit our website or use our services, including newsletter subscriptions and marketing communications. We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Dutch law.
1. Data Controller
BMS Vital, Paul Scholtenweg 70, 5652 XD Eindhoven, Netherlands. Email: hello@vita-store.eu. Phone: +31 6 21928433. Chamber of Commerce (KvK): 66792487. VAT number (BTW): NL002469137B55.
2. Data We Collect
We collect and process the following personal data: name and email address (when placing an order, creating an account, or subscribing to our newsletter); billing and shipping address; payment information (processed securely by Stripe — we do not store card details); IP address and browsing behaviour (via cookies and analytics tools); login and account information; and order history.
3. Legal Basis for Processing
We process your personal data on the following legal bases: performance of a contract (order fulfilment, shipping, billing, and account management); legitimate interest (fraud prevention, website security, and improving our services); consent (newsletter subscriptions, cookie preferences, and marketing communications); and legal obligation (tax and accounting records).
4. Purpose of Data Processing
Your data is used for order fulfilment and logistics; billing and invoicing; customer support; account management; fraud prevention; website analytics; sending newsletters and marketing communications (only with your consent); and compliance with legal obligations.
5. Newsletters and Marketing
We only send newsletters and marketing emails if you have explicitly consented. You may withdraw consent and unsubscribe at any time via the unsubscribe link in any email. Marketing communications may collect engagement statistics, such as email opens and clicks, for statistical and newsletter performance purposes only.
6. Cookies
Our website uses cookies for functionality, analytics, and marketing purposes. Non-essential cookies are only placed after your consent via our cookie banner. For full details, please see our Cookie Policy.
7. Sharing Data with Third Parties
We share personal data with third parties only to the extent necessary for service delivery. Our partners include FulfilmentCrowd (order fulfilment and logistics), Stripe (payment processing), Google Analytics (website analytics), and Meta platforms such as Facebook and Instagram (marketing and advertising services). These providers process personal data in compliance with the GDPR and applicable data protection laws. We do not sell personal data to third parties.
Some service providers may process personal data outside the European Economic Area (EEA). Where applicable, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.
8. Data Retention
We retain personal data for as long as necessary to fulfil the purposes described in this Policy, or as required by law. Order and billing data is retained for a minimum of 7 years in accordance with Dutch tax law. Newsletter subscription data is retained until you unsubscribe or withdraw consent.
9. Your Rights
Under the GDPR, you have the right to access your personal data; request rectification or deletion (unless retention is required by law); request restriction of processing; object to processing based on legitimate interest; withdraw consent at any time (without affecting the lawfulness of prior processing); and lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, autoriteitpersoonsgegevens.nl).
10. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, or disclosure. Our website uses SSL/TLS encryption, secure hosting infrastructure, restricted administrative access, and industry-standard security practices. Payment data is handled exclusively by Stripe using industry-standard encryption.
11. Children’s Privacy
This website is not intended for children under the age of 16. We do not knowingly collect personal data from children.
12. Contact
For questions about data protection or to exercise your rights, please contact us at hello@vita-store.eu. We aim to respond within 30 days as required by the GDPR.
13. Language
This Privacy Policy is drafted in the English language. Translations are provided for your convenience only. In the event of any inconsistency, the English version shall prevail.