NOSQUITO

Your Cart

Nothing here yet

Your family's first chemical-free night is one product away.

Find Your Protection →

Emma S. from London

just purchased Nosquito Pro

2 minutes ago

Legal

Privacy Policy

Last updated: 1 May 2026. This Privacy Policy explains how Nosquito collects, uses, shares, and protects your personal data.

1. Data Controller

Nosquito B.V. (hereinafter: "Nosquito", "we", "us") acts as the Data Controller in respect of all personal data collected through and in connection with the Website located at nosquito.com and all associated sales and customer service activities.

Nosquito is a company registered under the laws of the Netherlands. For all data protection enquiries, requests, and complaints, you may contact us at: hello@nosquito.com.

We are committed to protecting your personal data and processing it in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (the General Data Protection Regulation, hereinafter: "GDPR") and applicable Dutch data protection legislation.

2. Data We Collect

Nosquito collects personal data in the following categories, depending on your interaction with our Website and services:

(a) Identity and contact data: full name, email address, postal and billing address, telephone number.

(b) Payment data: payment method type, last four digits of payment card (where applicable). Full card data is not collected or stored by Nosquito; it is processed exclusively by our third-party Payment Processor (Stripe, Inc.) in accordance with PCI-DSS. Only tokenised references are retained.

(c) Technical data: IP address, browser type and version, operating system, device identifiers, time zone setting, browser plug-in types and versions, and other technology on the devices you use to access the Website.

(d) Usage data: information about how you use the Website, including pages visited, products viewed, time spent on pages, referral sources, clickstream data, and search queries made on the Website.

(e) Transaction data: details of products purchased or returned, order history, purchase prices, and delivery information.

(f) Communications data: content of emails, chat messages, or other communications you send to us via hello@nosquito.com or through any contact form.

(g) Marketing and preference data: your preferences for receiving marketing communications, your newsletter subscription status, and your responses to surveys or promotional activities.

(h) Cookie and tracking data: as described in Section 9 of this Policy.

We do not knowingly collect special category data (sensitive personal data) as defined under Article 9 GDPR, and we do not request such data from you. If you voluntarily disclose health-related information in the context of a product enquiry (for example, regarding allergies), that data will be used solely to respond to your enquiry and will not be retained beyond the resolution of that enquiry unless required by law.

3. Legal Basis for Processing

Nosquito processes personal data on the following legal bases as defined under Article 6 GDPR:

(a) Performance of a contract (Article 6(1)(b) GDPR): We process identity, contact, payment, and transaction data to the extent necessary to conclude and perform the contract of sale, including processing your order, arranging delivery, managing returns and warranty claims, and providing customer support.

(b) Legitimate interests (Article 6(1)(f) GDPR): We process technical data, usage data, and limited communications data on the basis of our legitimate interests in: operating and improving our Website and services; detecting and preventing fraud, abuse, and security incidents; and conducting analytics to understand how our customers interact with our Platform. We have assessed that these interests are not overridden by your interests or fundamental rights.

(c) Consent (Article 6(1)(a) GDPR): We process marketing and preference data and non-essential cookie data solely on the basis of your freely given, specific, informed, and unambiguous consent. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.

(d) Legal obligation (Article 6(1)(c) GDPR): We process and retain certain data to the extent required to comply with legal obligations, including VAT and accounting record-keeping requirements, anti-money-laundering obligations, and compliance with court orders or regulatory requests.

4. How We Use Your Data

Nosquito uses your personal data for the following purposes:

(a) Order processing and fulfilment: to receive, process, confirm, and fulfil your purchase orders; to arrange delivery through our supplier and logistics partners; and to communicate order status and dispatch information.

(b) Shipping and delivery management: to share necessary data with our fulfilment and logistics partners to facilitate delivery to your specified address.

(c) Customer support: to respond to your enquiries, process return and warranty claims, and resolve complaints.

(d) Fraud prevention and security: to detect, investigate, and prevent fraudulent transactions, identity theft, and other unlawful activities; to protect the integrity of our payment and ordering systems.

(e) Marketing communications: to send you newsletters, promotional offers, and product updates by email, where you have provided explicit consent. Each marketing communication includes an unsubscribe link. You may withdraw consent at any time.

(f) Service improvement: to analyse usage patterns and customer feedback in order to improve the Website, our product range, and our customer experience.

(g) Legal and regulatory compliance: to retain records required for tax, accounting, and legal purposes; to respond to lawful requests from courts, regulators, and law enforcement authorities.

5. Data Sharing

Nosquito shares personal data with the following categories of third parties, solely to the extent necessary for the purposes described in this Policy:

(a) Payment processors: Stripe, Inc., for the processing of payment card transactions. Stripe processes data as an independent data controller for certain purposes and as a data processor on our behalf for others. Stripe's privacy policy is available at stripe.com/privacy.

(b) Fulfilment and shipping partners: our verified international supplier partners and third-party logistics and carrier companies, who receive name, delivery address, and order details solely for the purpose of arranging delivery.

(c) Email marketing platforms: providers used to operate our newsletter and transactional email systems, acting as data processors subject to appropriate data processing agreements.

(d) Analytics providers: providers of website analytics services. Where technically feasible, data shared with analytics providers is anonymised or pseudonymised prior to transmission.

(e) IT and hosting service providers: providers of cloud hosting, data storage, and related technical infrastructure, acting as data processors subject to appropriate data processing agreements.

(f) Legal and regulatory authorities: courts, regulators, tax authorities, and law enforcement agencies, where disclosure is required by applicable law, court order, or regulation.

Nosquito does NOT sell, rent, trade, or otherwise transfer personal data to third parties for their own marketing purposes. Any sharing of personal data with service providers is governed by written data processing agreements that bind those providers to process data only for specified, authorised purposes and in compliance with GDPR.

6. International Data Transfers

Some of our service providers, including payment processors, analytics platforms, and email marketing tools, are based in countries outside the European Union (EU) or the European Economic Area (EEA), including the United States.

Where personal data is transferred to a country that has not been deemed by the European Commission to provide an adequate level of data protection, Nosquito ensures that appropriate safeguards are in place in accordance with Chapter V GDPR. The primary safeguard mechanism used is Standard Contractual Clauses (SCCs) as adopted by the European Commission (Commission Decision 2021/914/EU).

You may request a copy of the relevant SCCs or other safeguard documentation applicable to any specific transfer by contacting us at hello@nosquito.com.

7. Data Retention

Nosquito retains personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. The following retention periods apply:

(a) Order and transaction data (including identity, contact, and payment reference data): seven (7) years from the date of the relevant transaction, in accordance with Dutch and EU tax and accounting record-keeping requirements.

(b) Customer support communications: three (3) years from the date of the relevant communication, unless a longer period is required for legal proceedings.

(c) Newsletter subscriber data: retained until you unsubscribe, plus thirty (30) calendar days to process the unsubscription and ensure it is honoured across all systems.

(d) Website analytics data: twenty-six (26) months from the date of collection, in line with standard analytics industry practice and guidance from European data protection authorities.

(e) Abandoned cart and browse behaviour data: thirty (30) calendar days from the date of collection.

(f) Fraud prevention and security incident data: up to five (5) years, where necessary to investigate or defend against potential legal claims.

Upon expiry of the applicable retention period, data will be securely deleted or anonymised in accordance with our internal data deletion procedures.

8. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights in respect of your personal data held by Nosquito:

(a) Right of access (Article 15 GDPR): you have the right to obtain confirmation of whether we process personal data about you and, if so, to receive a copy of that data and information about how it is processed.

(b) Right to rectification (Article 16 GDPR): you have the right to require us to correct inaccurate or incomplete personal data without undue delay.

(c) Right to erasure (Article 17 GDPR): you have the right to request deletion of your personal data where, among other grounds, the data is no longer necessary for the purposes for which it was collected, or you withdraw consent and there is no other legal basis for processing.

(d) Right to restriction of processing (Article 18 GDPR): you have the right to request that we restrict the processing of your personal data in certain circumstances, such as where you contest the accuracy of the data.

(e) Right to data portability (Article 20 GDPR): you have the right to receive personal data that you have provided to us in a structured, commonly used, machine-readable format, and to transmit it to another controller, where processing is based on consent or contract and carried out by automated means.

(f) Right to object (Article 21 GDPR): you have the right to object to processing of your personal data where it is based on our legitimate interests. You also have an absolute right to object to processing of your personal data for direct marketing purposes at any time.

(g) Right to withdraw consent: where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.

To exercise any of the above rights, please submit a written request to hello@nosquito.com. We will respond within thirty (30) calendar days of receipt of your request. We may ask you to verify your identity before processing your request. In complex cases, or where we receive a high volume of requests, we may extend the response period by a further sixty (60) days, of which we will notify you.

9. Cookies

The Website uses the following categories of cookies and similar tracking technologies:

(a) Strictly necessary cookies: These cookies are essential to the operation of the Website and cannot be disabled. They are used for purposes such as maintaining your session, enabling secure login, and facilitating the shopping basket and checkout functions. No consent is required for these cookies.

(b) Functional cookies: These cookies remember your preferences (such as language settings and currency selection) to provide a more personalised experience. They are placed only with your consent.

(c) Analytics cookies: These cookies collect anonymous or pseudonymous information about how visitors use the Website, including pages visited, time spent, and error messages encountered. We use this information to improve the Website. Analytics cookies are placed only with your consent.

(d) Marketing cookies: These cookies are used to deliver advertisements relevant to you and your interests, and to measure the effectiveness of advertising campaigns. They may be set by us or by third-party advertising partners. Marketing cookies are placed only with your explicit consent.

You may manage your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of the Website. Please note that disabling certain categories of cookies may affect Website functionality.

10. Newsletter and Marketing Communications

Nosquito sends newsletter and promotional communications exclusively to individuals who have actively opted in by providing their email address and confirming their consent through a verified opt-in process.

Every marketing email we send includes a clearly labelled unsubscribe link. You may unsubscribe at any time with immediate effect. Unsubscribe requests will be processed within ten (10) business days.

Your email address and associated preference data will not be shared with third parties for their own direct marketing purposes. We will not add you to a marketing list as a result of placing an order unless you have separately and explicitly consented to receive marketing communications.

11. Children's Data

The Website and our services are intended for adults aged 18 years and over. We do not knowingly collect personal data from children under the age of 16 (or the applicable age of digital consent in the relevant EU Member State).

If we become aware that we have inadvertently collected personal data from a child under the applicable age of digital consent without verifiable parental consent, we will take immediate steps to delete that data from our systems.

If you are a parent or guardian and believe that your child has provided personal data to us, please contact us at hello@nosquito.com and we will promptly address the matter.

12. Security

Nosquito implements appropriate technical and organisational security measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access, in accordance with Article 32 GDPR.

The security measures we employ include, but are not limited to:

(a) SSL/TLS encryption of all data transmitted between your browser and the Website.

(b) PCI-DSS compliant payment processing via our third-party Payment Processor; raw card data is not transmitted to or stored on our servers.

(c) Access controls and role-based permissions limiting access to personal data to authorised personnel who require it for their role.

(d) Regular security reviews and vulnerability assessments of our technical infrastructure.

(e) Pseudonymisation and minimisation of data wherever feasible.

Notwithstanding the foregoing, no electronic system is entirely immune to security breaches. In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with Article 34 GDPR.

13. Changes to This Privacy Policy

Nosquito reserves the right to update, amend, or modify this Privacy Policy at any time. Any changes will be published on the Website with a revised "Last Updated" date. We encourage you to review this Policy periodically.

Where a change materially affects how we process your personal data, we will notify you by email (to the address associated with your account or most recent order) at least fourteen (14) calendar days prior to the change taking effect, where we have a valid email address for you.

Continued use of the Website following the publication of an updated Privacy Policy constitutes your acceptance of that updated Policy.

14. Contact and Complaints

For all data protection enquiries, access requests, or complaints regarding how we process your personal data, please contact us at:

Email: hello@nosquito.com

We will endeavour to respond to all data protection enquiries within thirty (30) calendar days.

If you are not satisfied with our response, or if you believe that we are processing your personal data unlawfully, you have the right to lodge a complaint with the competent supervisory authority. In the Netherlands, the supervisory authority is:

Autoriteit Persoonsgegevens (Dutch Data Protection Authority) Website: autoriteitpersoonsgegevens.nl Telephone: +31 (0)70 888 85 00

If you are resident in another EU Member State, you also have the right to lodge a complaint with the supervisory authority in your country of habitual residence.