Privacy Policy

Last reviewed: 2026-05-11

Who we are

This site is operated by Alpisto d.o.o., registered in Slovenia (EU). Contact us at info@alpisto.eu for any data protection question.

What data we collect

Order data — when you place an order, Stripe collects your name, email, shipping address, and payment method. We do not see or store your card details. Stripe is the payment processor; see stripe.com/privacy.
Invoice — a PDF invoice with your name and shipping address is generated by Stripe and emailed to you.
Order notification — when an order is placed, we receive an internal notification email containing your name, email, items, and shipping address so we can ship to you.
No analytics or tracking cookies — the site does not run Google Analytics, Facebook Pixel, or third-party tracking.

Why we need it

To process your order and fulfil our contract with you (Art. 6(1)(b) GDPR). To meet Slovenian accounting law, which requires us to keep order records for 10 years (Art. 6(1)(c) GDPR).

Your rights under GDPR

Access — request a copy of the data we hold about you.
Rectification — ask us to correct inaccurate data.
Erasure — ask us to delete your data, subject to the 10-year accounting retention.
Data portability — receive your data in a machine-readable format.
Lodge a complaint with the Slovenian Information Commissioner (Informacijski pooblaščenec).

Email info@alpisto.eu to exercise any of these.

Cookies

Only essential cookies set by Stripe Checkout when you start a purchase. We do not use cookies for tracking or marketing — no analytics or advertising cookies.

Hosting

We use Cloudflare to deliver our website. Cloudflare may log technical information (IP, browser) for security and performance, in line with their privacy policy.

Data retention

Order records are kept for 10 years to comply with Slovenian accounting law. After that, they are deleted.

Changes

Material changes will be announced at the top of this page. The "Last reviewed" date above tells you when this text was last revised.