Privacy
Policy

The responsible controller and processor of the collected data is:

We may forward data required for payment processing to Maksekeskus AS, Stripe, or PayPal Holdings Inc., depending on the payment method selected by the customer.

2.1. Device Information

When you visit the site, we collect:

• IP address
• browser information
• time zone
• cookies
• browsing behavior (pages viewed, referrals, search terms)

Collected through:

• Cookies
• Log files
• Web beacons, tags, pixels

2.2. Order Information

When you make or attempt to make a purchase or reservation, we collect:

• name
• billing & shipping address
• payment details (we do not store full card numbers)
• e-mail
• phone number
• purchase or booking history

“Personal Information” refers to both Device Information and Order Information.

We use Personal Information to:

• process and fulfill orders and bookings,
• provide invoices, confirmations, and shipping,
• offer customer support,
• manage refunds,
• analyze purchase trends,
• prevent fraud and improve site performance.

Device Information is used for:

• identifying security risks,
• optimizing user experience and marketing.

We share Personal Information only when necessary with:

• Payment providers
• Transport and courier companies
• Accounting service providers
• IT and hosting services
• Analytics providers (e.g., Google Analytics)

We may also share data to comply with legal obligations or lawful requests from authorities.

All processors must provide GDPR-compliant security.

Access to Personal Information is available only to authorized Hype Group OÜ personnel for:

• technical troubleshooting,
• order handling,
• customer support.

We implement organizational, physical, and IT security measures to prevent loss, unauthorized access, or unlawful processing.

We process Personal Information under:

• performance of contract (orders, reservations),
• legal obligations (accounting, dispute handling),
• legitimate interest (fraud prevention, business improvement).

If you are an EU resident, you have the right to:

• access your data,
• request correction or deletion,
• restrict processing,
• object to processing,
• request data portability.

To exercise your rights, contact:

Requests are answered within 30 days.

• Order Information — stored until deletion is requested.
• Purchase history (no customer account) — 3 years.
• Accounting information — 7 years (as required by Estonian law).
• Dispute-related data — until resolved.

We do not alter our data collection when receiving a Do Not Track browser signal.

This Privacy Policy may be updated to reflect operational or legal changes. Updates will be posted with a new effective date.

Customer complaints regarding data processing should be sent to:

If unresolved, customers may contact the Estonian Data Protection Inspectorate:

For questions or concerns about privacy matters, contact: