Privacy Policy

This Privacy Policy describes how Nissh (the "Site", "we", "us", or "our") collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from nissh.gg (the "Site") or otherwise communicate with us regarding the Site (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.

We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site, update the "Last updated" date and take any other steps required by applicable law.

1. Data Controller

Huszák Richárd János E.V.
Contact: contact@nissh.gg
Website: nissh.gg

2. Data We Collect

Information that you directly submit to us through the order process may include:

• Contact details — your name, address, phone number, and email
• Order information — your name, billing address, shipping address, payment confirmation, email address, and phone number
• Shopping information — items you view or add to your cart, including mouse configuration choices (shape, contour settings, grip mode, color)
• Customer support information — information you choose to include in communications with us, for example when sending a message through the Services

Some features of the Services may require you to directly provide us with certain information about yourself. You may elect not to provide this information, but doing so may prevent you from using or accessing these features.

Automatically collected information:

• IP address, browser type, and timezone — collected automatically by our hosting provider for security and operational purposes

3. Legal Basis for Processing

We process your personal data on the following legal bases under GDPR Article 6(1):

• (b) Contract performance — processing necessary to fulfill your order and provide our services
• (c) Legal obligation — invoicing, tax record-keeping, and other regulatory requirements

We do not process personal data for marketing or analytics purposes. We do not perform profiling or automated decision-making.

4. Third-Party Processors

Your data is shared with the following processors solely to fulfill your order and operate our services:

• Stripe (Ireland) — payment processing
• Resend (USA) — transactional email delivery
• szamlazz.hu (Hungary) — electronic invoice generation and NAV reporting
• GLS (Hungary/EU) — package delivery
• Vercel (USA) — website hosting
• Neon (USA) — database hosting

5. International Transfers

Where personal data is transferred outside the European Economic Area — specifically to Resend, Vercel, and Neon (all USA-based) — appropriate safeguards are in place through Standard Contractual Clauses (SCCs) as approved by the European Commission.

6. Data Retention

• Order data and invoices — retained for 8 years in accordance with Hungarian accounting law (Act C of 2000 on Accounting)
• Saved configurations (without a completed order) — deleted after 1 year of inactivity
• Configuration snapshots on orders — stored as part of the order record and subject to the same 8-year retention period

7. Your Rights

Under GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data (subject to legal retention requirements)
• Data portability — receive your data in a structured, machine-readable format
• Object to processing
• Lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) at naih.hu

To exercise any of these rights, contact us at contact@nissh.gg.

8. Cookies

This website uses only essential cookies that are strictly necessary for the functioning of the site. We do not use analytics, advertising, or tracking cookies.

• Session cookie — a secure, httpOnly cookie used to maintain authenticated sessions. It contains a random token, expires after 8 hours, and is not used for visitor tracking.
• Stripe payment cookies — when you proceed to checkout, Stripe (our payment processor) may set cookies necessary for secure payment processing and fraud prevention. These cookies are governed by Stripe's Privacy Policy.

Because we only use strictly necessary cookies, no cookie consent banner is required under GDPR.

9. Changes

We may update this policy from time to time. Changes will be posted on this page with an updated date.

Last updated: April 2026