Privacy policy
This Privacy Policy describes how hololife.com (the “Site”, “we”, “us”) collects, uses, and discloses your personal information when you visit or make a purchase.
Contact
Controller: HOLOLIFE Center OÜ
Registered address: Tööstuse 43-100, 10411 Tallinn, Estonia
To reach our support, please contact us from the website.
Postal inquiries can be sent to the address above.
Our Role and Shopify’s Role
For data collected through this store, we are the data controller. Shopify provides the ecommerce platform and acts as our data processor for most store and checkout operations. Shopify may also act as a separate controller for limited activities required to operate and secure its platform (e.g., fraud prevention, platform analytics, Shopify Payments). See Shopify’s DPA and Privacy Policy.
Collecting Personal Information
We collect information about your device and how you interact with the Site, and information needed to process purchases and provide support. “Personal Information” means information about an identifiable person.
-
Device information
- Purpose: load the Site, keep it secure, and perform analytics to improve it.
- Source: collected automatically via cookies, log files, web beacons/tags/pixels (e.g., Google, Meta/Facebook, TikTok) where enabled.
- Disclosure: shared with our processor Shopify and, where applicable, analytics/advertising partners.
- Personal Information: browser type/version, IP address, time zone, cookie identifiers, pages/products viewed, search terms, and Site interactions.
-
Order information
- Purpose: provide products/services, process payments, arrange shipping, send invoices/confirmations, communicate, screen for risk/fraud, and—if you opt in—send marketing.
- Source: collected from you during checkout or account creation.
- Disclosure: Shopify (storefront/checkout), fulfillment and logistics (e.g., AfterShip), marketing/CRM (e.g., Klaviyo), and payment gateways (e.g., PayPal, Stripe, Shopify Payments).
- Personal Information: name, billing/shipping address, email, phone, order details, payment method details (token/last 4—not full card numbers).
-
Customer support information
- Purpose: resolve inquiries and provide support.
- Source: collected from you via forms, email, or messaging.
- Disclosure: support tools (e.g., Help Scout) and messaging channels (e.g., Facebook Messenger) as needed to service your request.
Data Shopify Controls in Its Own Capacity
Shopify may act as a separate controller for: merchant account information (store owner name/email/billing), platform usage analytics, fraud/risk/security operations, and Shopify Payments data (if used).
Using Personal Information
We use personal information to operate the Site; offer products; process payments; fulfill, ship, and return orders; provide support; prevent fraud; comply with legal obligations; and—if you consent—send marketing communications.
Lawful Basis for Processing (EEA / Estonia)
Under the GDPR (EU) 2016/679 and the Estonian Personal Data Protection Act (Isikuandmete kaitse seadus), we process your personal data on one or more of the following lawful bases:
- Consent (Art. 6(1)(a)): e.g., newsletters, marketing cookies.
- Performance of a contract (Art. 6(1)(b)): checkout, fulfillment, customer service.
- Legal obligation (Art. 6(1)(c)): tax, accounting, consumer protection.
- Legitimate interests (Art. 6(1)(f)): site security, fraud prevention, analytics, service improvements—balanced against your rights.
- Vital interests (Art. 6(1)(d)): in rare cases, to protect an individual’s life or safety.
We only process special categories of data (Art. 9) if required by law or with your explicit consent.
Retention
We retain order records as required by law. Under Estonian law, commercial and accounting records are generally kept for seven (7) years after the end of the financial year to which they relate. Other data is retained only as long as needed for the purposes above or until you exercise your rights.
Automatic Decision-Making
We do not make decisions solely by automated means that produce legal or similarly significant effects. Shopify uses limited automated anti-fraud checks (e.g., temporary IP or payment blacklists) to protect the platform.
Your Rights
If you are in the EEA/Estonia, you may request access, rectification, erasure, restriction, objection to processing, and data portability. You may withdraw consent for marketing at any time. To exercise rights, use the “Contact” details above or the tools in your account (where available). We will coordinate with Shopify to action valid requests.
Data Transfers
Shopify stores/processes data in Canada and the United States. International transfers rely on appropriate safeguards, including the EU Standard Contractual Clauses and Canada’s adequacy status. We reflect these transfers in this Policy and our agreements with Shopify and other vendors.
Sharing Personal Information
We share personal information with service providers to deliver our services and fulfill contracts with you, or where required by law (e.g., lawful requests from authorities). Examples include Shopify (store platform), payment providers (Stripe/PayPal/Shopify Payments), fulfillment providers (shipping/returns), analytics/advertising partners, and customer support tools.
Shopify privacy information: https://www.shopify.com/legal/privacy
Behavioural Advertising
We may use cookies and similar technologies to deliver relevant ads. You can opt out using partner tools and your browser settings.
- Google: Ads settings • GA Opt-out
- Facebook/Meta: Ad preferences
- Microsoft (Bing): Personalized ads
- DAA opt-out: https://optout.aboutads.info/
Minors
The Site is not intended for individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided data, contact us to request deletion.
Mobile Messages
If you opt into our SMS/text service, you agree to receive recurring messages at the number you provide. Message/data rates may apply. Frequency varies. You can opt out at any time by replying STOP or using the unsubscribe link (where available). For help, reply HELP or email support@hololifecenter.com. You do not need to consent to SMS to make a purchase.
The Site may use cookies to detect cart activity (including abandoned carts) to send cart reminders via SMS, where permitted.
Cookies
We use functional, performance, and advertising cookies. Most browsers let you control cookies via settings. Blocking cookies may impact Site functionality.
Shopify’s current cookie list: https://www.shopify.com/legal/cookies. Your store’s cookies may vary based on features and apps you enable.
Cookies Necessary for the Store to Function
Examples include: _secure_session_id, _shopify_country, cart, cart_sig, checkout, checkout_token, secure_customer_sig, _tracking_consent. Durations range from session to up to 2 years. See Shopify’s cookie page for the authoritative list.
Reporting and Analytics
Examples include: _shopify_s, _shopify_y, _y, _shopify_sa_t, _shopify_sa_p, _landing_page, _orig_referrer. Durations typically range from session to 1 year.
Do Not Track
There is no industry standard for responding to “Do Not Track” signals, so we do not adjust our practices when such signals are detected. You can control cookies and personalized ads using the tools above.
Changes
We may update this Policy to reflect changes to our practices or legal requirements. We will post the updated version here and change the date below.
Complaints
You can contact us using the details in “Contact.” You also have the right to contact your local data protection authority.
Last updated: 12th of November 2025

