Privacy Policy
Effective Date: [16. October 2025]
At Highest Shift, we respect your privacy and are committed to protecting your personal data.
This Privacy Policy explains how we collect, use, and safeguard your information when you purchase our digital products or visit our website.
1. Data Controller
Controller (according to GDPR Art. 4):
Tessa Poppe
Sole Proprietorship – Highest Shift
Kurfuerstendamm 94, 10709 Berlin
2. Information We Collect
We collect and process personal information that you voluntarily provide to us, including:
- Identity Data: your name, email address, and country (for billing)
- Payment Data: details processed securely via third-party providers (Payhip, Stripe, PayPal)
- Purchase Data: product purchased, date of transaction, delivery method
- Technical Data: browser type, operating system, IP address (for analytics and fraud prevention)
3. How We Use Your Information
Your personal data is processed for the following purposes:
- To deliver the digital product you purchased
- To process and confirm your payment
- To send purchase confirmations, invoices, and download links
- To provide customer support
- To comply with legal and tax obligations
- If you have opted in, to send occasional marketing or product updates (you may unsubscribe anytime)
4. Legal Basis for Processing (GDPR Art. 6)
We process your data based on:
- Contract performance (Art. 6(1)(b)): to deliver your purchased product
- Legal obligation (Art. 6(1)(c)): to meet accounting/tax laws
- Consent (Art. 6(1)(a)): if you subscribe to newsletters
- Legitimate interest (Art. 6(1)(f)): to protect against fraud and ensure service quality
5. Third-Party Services
We use the following trusted third parties for data processing:
- Payhip Ltd. (UK) – E-commerce platform & hosting provider
- https://payhip.com/privacy
- Stripe Payments Europe Ltd. (Ireland) – Payment processing
- https://stripe.com/privacy
- PayPal (Europe) S.à r.l. et Cie, S.C.A. (Luxembourg) – Payment processing
- https://www.paypal.com/privacy
Each provider acts in compliance with GDPR and international data protection standards.
6. Data Retention
We store your personal data only as long as necessary for:
- the fulfillment of the contract,
- legal recordkeeping (up to 10 years under German tax law), or
- until you request deletion (if legally permissible).
7. Your Rights Under the GDPR
You have the following rights:
- Right of access – Request a copy of your personal data
- Right to rectification – Correct inaccurate or incomplete data
- Right to erasure (“Right to be forgotten”)
- Right to restrict or object to processing
- Right to data portability – Receive data in a common format
- Right to withdraw consent (if applicable)
To exercise any of these rights, contact us at: support@highestshift.com
8. International Transfers
Some of our third-party service providers (e.g., Payhip, Stripe, PayPal) may process data outside the EU (e.g., UK, USA).
In such cases, data transfers are based on adequate safeguards such as the EU–UK adequacy decision or Standard Contractual Clauses (SCCs) approved by the European Commission.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, or loss.
Your payment details are encrypted and processed only by certified payment providers.
10. Cookies & Tracking
Payhip may use essential cookies to enable website functionality.
We do not use invasive tracking or profiling cookies.
You can control or disable cookies through your browser settings.
11. Updates to This Policy
We may update this Privacy Policy occasionally.
The most recent version will always be available on this page with the effective date updated accordingly.
12. Contact
For privacy-related questions or GDPR requests, please contact:
Based in Germany – Serving customers worldwide