Privacy policy

Last updated: May 2026

This privacy policy explains how Elhe Globe bv, trading as Vanmoofista, collects, uses, stores and protects personal data through this website, webshop and repair services.

Vanmoofista is an independent repair and parts business specialised in VanMoof bicycles. Vanmoofista is not affiliated with, endorsed by, or officially connected to VanMoof.

1. Who we are

Data controller: Elhe Globe bv
Trading name: Vanmoofista
Website: vanmoofista.com
Email: elisa(at)vanmoofista.com
VAT number: BE0795240345
Registered office: Eeuwfeestlaan 205, 2500 Lier, Belgium

For privacy-related questions or requests, contact us by email.

2. Personal data we collect

2.1 Webshop and order data

When you place an order through the webshop, we may collect:

  • first name and last name
  • company name, if entered
  • VAT number, if entered
  • billing address
  • shipping address
  • email address
  • phone number, if entered
  • order contents
  • order notes
  • payment method
  • payment status
  • transaction reference
  • shipping method
  • tracking information
  • customer account details, if you create an account

We use this data to process orders, arrange payment, prepare shipment, provide customer support, handle returns or warranty issues, and meet accounting obligations.

2.2 Contact forms, repair requests and appointments

When you contact us through a form, email, appointment request or repair request, we may collect:

  • name
  • email address
  • phone number, if provided
  • bike model
  • frame number, if provided
  • repair issue or diagnostic information
  • photos or files, if uploaded
  • message content
  • preferred appointment or delivery information

We use this data to answer requests, diagnose issues, prepare quotes, arrange appointments, provide repair support, and keep a record of communication.

2.3 Payment data

Payments are processed through Mollie Payments for WooCommerce. During payment, Mollie may receive information necessary to process the transaction, such as name, billing details, order amount, payment method, transaction reference, payment status and limited order information.

We do not store full card details on this website. Mollie processes payment-related personal data according to its own privacy policy.

2.4 Shipping data

When we ship an order, we share the necessary delivery information with the selected courier. This may include name, delivery address, email address, phone number where required, parcel reference, tracking number and delivery status.

Depending on the shipment, we may use couriers such as Bpost, DPD, PostNL, DHL, or another courier selected for the parcel.

2.5 Invoice and accounting data

We use order and customer data to create invoices, packing slips and accounting records. This may include name, company name, VAT number, billing address, order details, payment status, invoice number, invoice date, VAT amount and total amount.

Accounting and invoice data is retained as required by Belgian tax and accounting law.

2.6 Email and website communication logs

The website may send transactional emails, such as order confirmations, payment updates, shipping notifications, form notifications, password reset emails, customer service messages and invoice emails.

Because we use WP Mail SMTP and WP Mail Logging, outgoing website emails or email metadata may be logged for troubleshooting, fraud prevention, customer support and proof of communication.

These logs may include recipient email address, sender email address, subject, date and time, delivery status, and message content depending on plugin configuration. Email logs are retained only for a limited period.

2.7 Technical and security data

When you visit the website, technical data may be processed automatically. This may include IP address, browser type, device type, operating system, pages visited, date and time of visit, error logs, security logs and server logs.

We use this data to keep the website secure, diagnose technical problems, prevent abuse and ensure the webshop works correctly.

2.8 Backups

We use UpdraftPlus for website backups. Backups may contain data stored in the WordPress database, including orders, customer details, form submissions, invoices, plugin settings, email logs and website content.

Backups are used only for security, recovery and maintenance purposes. They are stored securely and retained only as long as necessary.

3. Why we process personal data

We process personal data for the following purposes and legal bases:

  • processing webshop orders: performance of a contract
  • processing payments: performance of a contract
  • shipping orders: performance of a contract
  • providing repair services: performance of a contract or pre-contractual steps
  • answering contact forms and messages: legitimate interest or pre-contractual steps
  • creating invoices and accounting records: legal obligation
  • handling warranty, returns, disputes and customer support: contract and legitimate interest
  • website security and fraud prevention: legitimate interest
  • email delivery and troubleshooting: legitimate interest
  • website backups and recovery: legitimate interest
  • optional marketing, only if enabled: consent
  • optional analytics or tracking, only if enabled: consent

We do not sell personal data.

4. Plugins and services used on the website

Our WordPress website uses plugins and services that may process personal data where necessary for website operation.

  • WooCommerce
  • Mollie Payments for WooCommerce
  • PDF Invoices & Packing Slips for WooCommerce
  • Fluent Forms
  • WP Mail SMTP
  • WP Mail Logging
  • UpdraftPlus
  • Polylang
  • Duplicate Content Addon for Polylang
  • Yoast SEO
  • Spectra
  • Easy HTTPS (SSL) Redirection
  • WPCode Lite and/or Code Snippets
  • VOD Infomaniak, if used for video or media hosting
  • website hosting provider
  • couriers used for delivery
  • accounting or invoicing providers where required

Some plugins may not independently receive personal data, but they may operate on the website where personal data is stored.

5. Data sharing

We share personal data only when necessary for the purposes described in this policy.

Personal data may be shared with payment providers, couriers, hosting providers, email service providers, accounting or invoicing providers, accountants, tax advisors, IT service providers, backup/storage providers, authorities, courts or regulators when legally required.

We do not sell personal data.

6. International transfers

Where possible, we use providers located in the European Union or European Economic Area. If a provider processes data outside the EEA, we rely on appropriate safeguards required by GDPR, such as adequacy decisions, standard contractual clauses or equivalent legal mechanisms.

7. Data retention

We do not keep personal data longer than necessary.

  • WooCommerce orders and invoices: 7 years, or longer if legally required
  • Accounting and VAT records: 7 years, or longer if legally required
  • Contact form submissions: 12 to 24 months
  • Repair/customer communication: warranty period plus reasonable dispute period
  • Email logs: 30 to 90 days
  • Website backups: 30 to 90 days, unless a longer backup is needed for security or recovery
  • Security/server logs: 30 to 90 days
  • Failed or abandoned orders: 30 to 90 days, unless needed for support, security or accounting
  • Customer accounts: until deletion request, unless order or invoice data must be retained

Some data may be retained longer if required for legal claims, tax obligations, fraud prevention, accounting, warranty or dispute handling.

8. Security

We take reasonable technical and organisational measures to protect personal data. These may include HTTPS/SSL encryption, restricted administrator access, backups, security updates, plugin updates, access controls, email delivery controls, secure hosting and limited data retention.

No website or online transmission is completely risk-free. We work to reduce risks and protect the data we process.

9. Your rights

Under GDPR, you have the right to access your personal data, correct inaccurate data, request deletion, request restriction of processing, object to processing, request data portability, withdraw consent where processing is based on consent, and lodge a complaint with a supervisory authority.

In Belgium, the supervisory authority is the Belgian Data Protection Authority.

To exercise your rights, contact us at: elisa(at)vanmoofista.com

We may need to verify your identity before processing a request. Some data cannot be deleted immediately if we must retain it for legal, accounting, tax, warranty, fraud-prevention or dispute-resolution reasons.

10. Customer accounts

If customer accounts are enabled, customers may have an account containing name, email address, billing address, shipping address, order history and password-protected login details.

Passwords are not stored in plain text. Customers may request account deletion. Order and invoice records may still be retained where legally required.

11. Forms and uploaded files

If a form allows file uploads, uploaded files may be stored on the website or sent by email.

Do not upload unnecessary personal data or sensitive information unless needed for the repair or request. Uploaded photos may show bike parts, frame numbers, accessories, documents or other details. We use these only to process the request.

12. Children

This website is not directed at children. We do not knowingly collect personal data from children.

13. Changes to this policy

We may update this privacy policy when our website, webshop, plugins, services or legal obligations change. The latest version is always published on this page.

Shopping Cart
Scroll to Top