Premium StickerPremium Sticker

Privacy Policy

Last updated: May 2026

This Privacy Policy describes how Premium Sticker, sole proprietor ("we", "us") collects and processes personal data of users of premium-sticker.com, in accordance with the EU General Data Protection Regulation (GDPR) and Kosovo Law No. 06/L-082 on the Protection of Personal Data.

1. Data we collect

  • Order data: name, email, phone, shipping address, order content.
  • Customer designs: the files you upload to print.
  • Payment data: handled exclusively by Stripe, PayPal, or Klarna — we never store full card numbers.
  • Technical data: IP address, browser, pages visited (audit log + analytics).
  • Communications: emails you send us via the contact form.

2. Purposes & legal bases

  • Order processing — contract execution (Art. 6.1.b GDPR).
  • Fraud prevention, security log — legitimate interest (Art. 6.1.f).
  • Accounting & tax — legal obligation (Art. 6.1.c) — 10-year retention.
  • Marketing newsletters — explicit consent (Art. 6.1.a), unsubscribe anytime.

3. Retention

  • Order data: 10 years (accounting obligation).
  • Customer designs: 1 year after the last order, then deleted.
  • Audit log: 12 months.
  • Newsletter subscription: until you unsubscribe.

4. Recipients

Your data is shared exclusively with:

  • Stripe, PayPal, Klarna (payment).
  • Carriers (Posta e Kosovës, DHL, etc.) — name + address only.
  • Resend / SMTP provider — for transactional emails.
  • Cloudflare (Turnstile anti-bot, CDN).

We never sell or rent your data.

5. International transfers

Some sub-processors are based outside Kosovo or the EU. Where so, transfers rely on Standard Contractual Clauses (Art. 46 GDPR) or adequacy decisions.

6. Your rights

Under GDPR, you can:

  • Access the data we hold on you;
  • Rectify inaccurate data;
  • Erase your data (right to be forgotten, except for accounting obligations);
  • Restrict or object to processing;
  • Receive your data in a portable format;
  • Withdraw consent at any time.

Send your request to [email protected]. We reply within 30 days.

7. Supervisory authority

In Kosovo: Information and Privacy Agency (AIP). EU residents may complain to their national DPA.

8. Cookies

See our Cookie Policy.

9. Security

We use HTTPS, CSP, rate limiting, brute-force protection, encrypted backups, and an audit log for all admin actions. See our security overview in the support documentation.

Data controller: Premium Sticker, sole proprietor · [À COMPLÉTER — adresse complète] · [email protected]