Privacy Statement

Returnista is committed to maintaining your privacy and ensuring transparency and fairness in our personal data practices. This Privacy Statement explains how Returnista (together with its affiliates) collects, stores, uses, and discloses personal data about individuals (referred to as "you" and “B2B users”) who interact with our websites ("Visitors"), including, and any other website, webpage, e-mail, text message, or online ad under our control (collectively referred to as "Sites").

Company name: Returnista B.V.

CoC registration: 69019460

Company address: Olympisch Stadion 12, 1076 DE, Amsterdam, The Netherlands

Visitors address: Koivistokade 76A, 1013 BB, Amsterdam, The Netherlands

We urge you to read this Privacy Statement carefully and ensure that you fully understand and agree to it. If you do not agree to this Privacy Statement, please refrain from using our Services. This Privacy Statement describes how Returnista collects, stores, uses and discloses data.

Please note that providing Personal Data (defined in our Privacy Statement) is entirely voluntary and not legally required. You may choose whether or not to provide us with Personal Data, and you are free to do so at your discretion. If you choose not to provide Personal Data or do not wish for it to be processed by us or any of our Service Providers (defined in our Privacy Statement), please avoid using our Sites or Services. 

1. Data Collection

Through our Services, we collect different types of personal data from both Users and Visitors to our Sites. This data is typically obtained through interactions with our Service, automatic means, or directly from you, other Users, B2B customers, or other third parties (including Service Providers and "Cookie Providers" as defined below).

We collect the following categories of data, which is considered "Personal Data" if it pertains to an identifiable individual:

Data Automatically Collected or Generated: When you visit, interact with, or use our Service, we may collect, record, or generate technical data about you. We do this independently or with the help of third-party Service Providers (as defined in Section 4 below), which includes the use of "cookies" and other tracking technologies (as explained in Section 5 below).

This data consists of connectivity, technical, and aggregated usage data, such as IP addresses, general locations, device data (such as type, operating system, mobile device ID, browser version, locale, and language settings), usage time stamps, cookies and pixels installed or utilized on your device, and recorded activity (such as sessions, clicks, and other interactions) of Visitors and Users in relation to our Service. Additionally, phone calls (e.g., with our customer success or product consultants) may be automatically recorded, tracked, and analyzed for purposes such as analytics, service, operations, business quality control and improvements, and record-keeping purposes.

When you sign up for our Service, contact us, or request a demo or enter into an agreement of other sorts with us, you may provide us with Personal Data, including your name, address, billing information, account login details (email address, which are immediately hashed and passwords), images, related websites, and any other data you choose to provide while interacting with our Service or others. This is known as "User Data."

Our customers and Users may provide us with the contact details of their employees, team members, and colleagues to allow us to contact, invite, or subscribe them as Users to our Service. This includes data such as names, phone numbers, and work email addresses.

We may also receive Personal Data from other third-party sources. For instance, if you participate in an event, webinar, or promotion that we sponsor or take part in, we may receive your Personal Data from its organizers. Additionally, we may receive your contact and professional details, such as your name, company, position, contact details, and work position, from our business partners or service providers through the use of commonly used tools and channels for connecting between companies and individuals to explore potential business and employment opportunities, such as LinkedIn and other data sources.

We may also receive Personal Data concerning you from our customers and third-party platforms we integrate with, such as Shopify™. This data includes your customers’ purchase history, and order information. Please note that we do not receive or store your passwords for any third-party services but may typically require your API key to integrate with them.

Finally, we use analytics tools, such as Google Analytics, Hotjar and Amplitude, to collect data about the use of our Sites and Service. These tools collect data such as how often Users and Visitors visit or use the Sites or Service, which pages they visit and when, and which website, ad or email message brought them there.

2. Data Uses

We use Personal Data as necessary for the performance of our Service, to comply with our legal and contractual obligations, and to support our legitimate interests in maintaining and improving our Service. This includes understanding how our Service is used and how our campaigns are performing, gaining insights to help us allocate our resources more efficiently in marketing, advertising, and selling our Service to you and others, and developing our services and algorithms. We also use Personal Data to provide customer service and technical support, and to protect and secure our Users, customers, Visitors, ourselves, the public, and our Service.

If you reside or are using the Service in a territory governed by privacy laws that require "consent" as the only or most appropriate legal basis for processing Personal Data, your use of the Service will be deemed as your consent to the processing of your Personal Data for all purposes detailed in this Privacy Statement. If you wish to revoke such consent, please contact us by email at

Specifically, we use Personal Data for the following purposes:

a) To facilitate, operate, and provide our Service including the creation of shipment labels at partnered carriers, submission of returns data to Warehouse Management Systems and potentially other return-related services that are part of the Service offering.

b) To verify and carry out financial transactions in connection with payments made by customers using the Service.

c) To authenticate the identity of our Users and allow them access to our Service.

d) To provide assistance and support to our Visitors, Users, and customers.

e) To gain a better understanding of how Visitors and Users evaluate, use, and interact with our Service and how we can improve their user experience and overall performance of our Service.

f) To facilitate and optimize our marketing campaigns, ad management, and sales operations, and to manage and deliver advertisements for our products and services more effectively, including on other websites and applications.

g) To contact our Visitors, Users, and customers (existing or prospective) with general or personalized service-related messages and promotional messages that may be of specific interest to them.

h) To facilitate, sponsor, and offer certain events, contests, and promotions.

i) To publish feedback, user stories, and submissions in our public forums and blogs.

j) To support and enhance our data security measures, including preventing and mitigating the risks of fraud, error, or any illegal or prohibited activity.

k) To create aggregated data, inferred non-personal data, or anonymized or pseudonymized data, which we or our business partners may use to provide and improve our respective services or for any other purpose.

l) To comply with applicable laws and regulations.

3. Data Location & Retention

Data Location: Your Personal Data is maintained, processed, and stored by us and our authorized Service Providers (defined below) within the European Economic Area. 

Returnista’s data is stored in Frankfurt, Germany, a jurisdiction which is considered by the European Commission to be offering an adequate level of protection for the Personal Data of EU Member State residents.

Data Retention: We will retain your Personal Data for as long as it is reasonably necessary in order to maintain and expand our relationship, provide you with our Service and offerings, comply with our legal and contractual obligations, or to protect ourselves from any potential disputes. This includes any requirements for log-keeping, records, and bookkeeping, and for proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use. All of this is done in accordance with applicable law and for no more than 6 months from termination of our applicable customer's engagement.

Please note that except as required by applicable law or our specific agreements with you, we will not be obligated to retain your Personal Data for any particular period. We are free to securely delete, anonymize, or restrict access to it for any reason and at any time, with or without notice to you.

If you have any questions about our data retention policy, please contact us by email at

4. Data Sharing

Legal Compliance: In exceptional circumstances, we may disclose your Personal Data or grant access to it to government and law enforcement officials in response to a subpoena, court order, or similar legal requirement, or to comply with applicable laws and regulations. We may do so if we believe in good faith that: (a) we are legally required to do so; (b) disclosure is appropriate to investigate, prevent, or take action regarding suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is necessary to protect the security or integrity of our products and services.

Service Providers: We may engage third-party companies and individuals to provide complementary services to our own, including hosting and server co-location, CDNs, data security, billing and payment processing, fraud detection and prevention, web analytics, e-mail distribution, marketing, monitoring, recording, remote access, performance measurement, data optimization and enrichment, social and advertising networks, content providers, customer relationship management, and legal, compliance, and financial advisors (collectively, “Service Providers“). These Service Providers may have access to your Personal Data, depending on their specific roles and purposes in facilitating and enhancing our Service, and may use it only for the limited purposes specified in our agreements with them. Where Returnista assumes the role of ‘Data Controller,’ our Service Providers are considered ‘Data Processors,’ while, where Returnista acts as the Data Processor for our customers, our Service Providers are considered our ‘Sub-Processors’ (as further described in Section ‎9 below).

Sharing Personal Data with our customers, their Users, and Service Providers: We may share your Personal Data with the customer owning the account to which you are linked as a User (including data and communications). Sharing such data means that the customer can access it on behalf of the customer, and can monitor, process, and analyze your Personal Data. Returnista is not responsible for and does not control any further disclosure, use, or monitoring by or on behalf of the customer, who acts as the “Data Controller” of such data (as further described in Section ‎9 below).

Protecting Rights and Safety: We may share your Personal Data with others if we believe in good faith that it will help protect the rights, property, or personal safety of Returnista, our Users or customers, or the general public.

Returnista Subsidiaries and Affiliated Companies: We may share Personal Data within our group, including our subsidiaries and affiliates, for the purposes outlined in this Privacy Statement. If Returnista or any of its subsidiaries or affiliates undergoes a change in control or ownership, such as through a merger, acquisition, or purchase of assets, your Personal Data may be shared with the parties involved. If we believe that such a change in control might significantly affect your Personal Data stored with us, we will notify you of this event and any options you may have via e-mail or prominent notice on our Service.

For clarity, we may share your Personal Data in other ways with your explicit consent or if legally required to do so, or if we have successfully rendered such data non-personal and anonymous. We may transfer, share, or use non-personal data at our discretion and without further approval.

5. Cookies and Tracking Technologies

We use various technologies, including cookies, anonymous identifiers, and container tags, to ensure proper performance and analysis of our Sites and Service. These technologies allow us to personalize your experience and recall previously indicated Personal Data, such as your IP address. Please note that we explicitly ask for consent before using cookies on any of our Services.

6. Communications

Communication Services: We may contact you with critical information concerning our Service. For instance, we may notify you (through any means we have access to) about changes or updates to our Service, billing inquiries, log-in attempts, password reset notices, and more. Our customers and other Users on the same account may also send you notifications, messages, and other updates regarding their or your use of the Service. However, please note that you will not be able to opt-out of receiving certain communications services that are essential to your use (such as password resets or billing notices).

Marketing Communications: We may also send you notifications about new features, additional offerings, events, special opportunities, or any other information that we think our Users will find valuable. We may provide such notifications through any of the available contact means (e.g., phone, mobile or e-mail), through the Service, or through our marketing campaigns on any other sites or platforms. We may decide to send promotional emails only to certain Users on our mailing list, based on their known characteristics.

If you do not want to receive such marketing communications, you can notify Returnista at any time by sending an e-mail to, changing your communication preferences in your settings, or by following the “unsubscribe,” “stop,” “opt-out,” or “change e-mail preferences” instructions contained in the promotional communications you receive.

7. Data Security

In order to protect your Personal Data held with us, we are using industry-standard physical, procedural and technical security measures, including encryption as appropriate. However, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any Personal Data stored with us or with any third parties as described in Section 4 above.

8. Data Subject Rights

You have the right to exercise your legal rights, including those under the EU General Data Protection Regulation (GDPR), with respect to your Personal Data held by Returnista. These rights include the right to request access to, rectification or erasure of, or restriction or objection to processing of your Personal Data, as well as the right to data portability and the right to equal services and prices to the extent available under applicable laws. To exercise these rights, please contact us at We will make every effort to respond promptly and begin the selection process within 72 hours of receiving authorization from the customer (if applicable) and verifying your identity. Some information may take up to 30 days to be deleted from our backup files. Please note that once you contact us by email, we may provide instructions on how to independently fulfill your request through your settings or may require additional information and documentation, including Personal Data, to authenticate and validate your identity and process your request. Any additional data collected will be retained by us for legal purposes, in accordance with Section 3 of this Privacy Statement.

If you have any requests or questions regarding Personal Data processed on behalf of our customers, please contact the customers directly, as they are the "Data Controller" of such data, as described in Section 9.

9. Data Controller/Processor

Some data protection laws differentiate between two roles in processing Personal Data: the “Data Controller” and the “Data Processor”. In accordance with these laws, Returnista is the Data Controller for Personal Data relating to its Visitors and other business contacts at our customers, as well as User Data consisting of profile and contact details, usage, preferences, engagement, analytics data and data obtained from the Solution. Our Service Providers processing such data are considered Data Processors. For any other Personal Data submitted to our service, Returnista acts solely on behalf of our customer, the account owner, and all other User Data processed on their behalf. In these cases, our customer is considered the Data Controller and Returnista acts as their Data Processor, processing the data according to their reasonable instructions, and our Service Providers act as Sub-Processors. Our customer is responsible for meeting any legal requirements applicable to Data Controllers.

11. Additional Notices

Updates and Changes: We may make changes and updates to this Privacy Statement by posting a revised version on our Service. The updated version will be effective on the date it is published. If we make material changes to the terms, we will notify customers appropriately, such as by displaying a notice in the Service or by sending an email. Your continued use of the Service after the changes have been implemented will constitute your agreement to the changes.

External Links: Our Service may include links to other websites or services, but we are not responsible for their privacy practices. We recommend that you carefully review the privacy policies of any third-party websites or services you visit. This Privacy Statement only applies to our Service.

Service for the website or application of such third parties, and to read the privacy policies of each and every website and service you visit. This Privacy Statement applies only to our Service.

Our Service is not intended for children under 16 years of age: We do not knowingly collect Personal Data from children under 16, and we have no desire to do so. If we become aware that a person under the age of 16 is using our Service, we will take steps to prohibit and block such use, and we will make our best efforts to promptly delete any Personal Data we have collected about such a child. If you believe that we may have collected such data, please contact us by email at

Questions, Concerns, and Complaints: If you have any questions, comments, or concerns about our Privacy Statement or your Personal Data, please contact us at If you are a GDPR-protected individual, you may also have the right to file a complaint with an EU supervisory authority.


Returnista B.V.
Koivistokade 76A, 1013BB, Amsterdam, The Netherlands