Privacy Policy

Privacy Policy

1) INFORMATION ON THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE DATA CONTROLLER

1.1

We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about how we handle your personal data when you use our website. Personal data refers to all data that can be used to identify you personally.

1.2

The data controller responsible for processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Shop Name.
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

1.3

For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the prefix “https://” in the browser’s address bar and the lock icon.

2) DATA COLLECTION WHEN YOU VISIT OUR WEBSITE

When you use our website for informational purposes only—meaning you do not register or otherwise submit information—we only collect the data that your browser automatically transmits to our server (“server log files”).
When you visit our website, we collect the following technically necessary data to display the website:

• Website visited
• Date and time of access
• Amount of data sent (bytes)
• Source/referrer from which you accessed the page
• Browser used
• Operating system used
• IP address used (if applicable, in anonymized form)

Processing is carried out based on our legitimate interest in improving the stability and functionality of our website (Art. 6(1)(f) GDPR).
The data is not shared or used in any other way.
However, we reserve the right to check server log files retrospectively if there are concrete indications of unlawful use.

3) COOKIES

We use cookies on various pages to make visiting our website more attractive and to enable certain functionalities. Cookies are small text files stored on your device.

Some cookies are deleted at the end of the browser session (“session cookies”).
Other cookies remain stored and allow us or our partner companies (third-party cookies) to recognize your browser upon your next visit (“persistent cookies”).

If cookies are set, certain user information—such as browser and location data and IP address values—may be processed. Persistent cookies are automatically removed after a defined period, which may vary.

Cookies may also simplify ordering processes by storing settings (e.g., items placed in a cart for a later visit).

When personal data is processed via cookies:

• Art. 6(1)(b) GDPR applies when necessary for contract execution.
• Art. 6(1)(f) GDPR applies for our legitimate interest in a functional and user-friendly website.

We may also collaborate with advertising partners who store third-party cookies on your device to display interest-based ads. You will be informed separately in such cases.

You can adjust cookie settings in your browser. These procedures differ per browser; help instructions are available at:

• Internet Explorer: https://support.microsoft.com/...
• Firefox: https://support.mozilla.org/...
• Chrome: https://support.google.com/...
• Safari: https://support.apple.com/...
• Opera: https://help.opera.com/...

If cookies are not accepted, website functionality may be restricted.

 

4) CONTACTING US

Personal data is collected when you contact us (e.g., via contact form or email). The data collected depends on the respective form fields.

Data is used exclusively to handle your inquiry and related administration.
Legal basis:

• Art. 6(1)(f) GDPR (legitimate interest in responding to your request)
• Art. 6(1)(b) GDPR if the contact relates to entering into a contract

Your data is deleted once your request is fully resolved, unless legal retention obligations require otherwise.

 

5) DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT PROCESSING

Personal data is collected and processed under Art. 6(1)(b) GDPR when you provide it for contract execution or when opening a customer account.

Collected data is shown in the relevant forms.
You may delete your account at any time by contacting the controller.

After contract completion or account deletion, your data is restricted from further processing and deleted after mandatory retention periods, unless further use is permitted by law or you consent to extended use.

 

6) USE OF YOUR DATA FOR DIRECT ADVERTISING

6.1 Subscription to our email newsletter

When subscribing to our newsletter, we regularly send updates about our offers.
Required field: email address.

We use a double opt-in procedure:
You receive a confirmation email and must click the link to finalize your subscription.

By confirming, you consent to processing under Art. 6(1)(a) GDPR.

We store your IP address and registration time for proof of misuse prevention.

You may unsubscribe anytime via a link in the newsletter or by notifying the controller. Your email address will then be removed unless further processing is legally permitted.

 

6.2 Newsletter to existing customers

If you provided your email when purchasing goods or services, we may email you offers for similar products.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in personalized advertising).

You may object at any time at basic transmission cost rates.

 

7) DATA PROCESSING FOR ORDER PROCESSING

7.1

Your data is shared with shipping companies when necessary for delivery. Payment data is shared with financial institutions for payment processing.
Legal basis: Art. 6(1)(b) GDPR.

7.2 Use of payment service providers

PayPal

Data is transferred to PayPal (Europe) S.à.r.l. et Cie, S.C.A., for payment processing.
PayPal may conduct credit checks under Art. 6(1)(f) GDPR, using scoring values derived partly from address data.

Privacy policy: https://www.paypal.com/...

You may object, but PayPal may still process data if required contractually.

SOFORT (Klarna Group)

If selected, data necessary for payment is transmitted to SOFORT GmbH.
Privacy policy: https://www.klarna.com/sofort/datenschutz

 

8) CONTACT FOR REVIEW REMINDERS

We may send a one-time review request email if you consented under Art. 6(1)(a) GDPR.
Consent may be withdrawn anytime.

 

9) SOCIAL MEDIA USAGE: SOCIAL PLUGINS

9.1 Facebook plugins (Shariff solution)

Buttons are integrated only as HTML links to prevent automatic data transfer.
More information: https://www.facebook.com/policy.php

9.2 Google+ plugins (Shariff solution)

Data privacy details: https://www.google.com/.../privacy/

9.3 Instagram plugins (Shariff solution)

Privacy information: https://help.instagram.com/...

 

10) ONLINE MARKETING

10.1 DoubleClick by Google

Used to display user-relevant ads and prevent repeated ad views.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in optimal marketing).

More info: https://www.google.de/policies/privacy/

10.2 Google AdWords Conversion Tracking

Used to analyze success of advertising campaigns.
Conversion cookies expire after 30 days.
Legal basis: Art. 6(1)(f) GDPR.

You may disable conversion tracking cookies via browser settings.

 

11) WEB ANALYTICS — Google (Universal) Analytics

Google Analytics uses cookies; IP anonymization (“_anonymizeIp”) is implemented.
Legal basis: Art. 6(1)(f) GDPR.

You may disable tracking via: https://tools.google.com/dlpage/gaoptout?hl=de

More info:
https://support.google.com/analytics/...

 

12) RETARGETING / REMARKETING / BEHAVIOURAL ADVERTISING

Facebook Custom Audiences (Pixel method)

Used only with explicit consent (Art. 6(1)(a) GDPR).
Data may be used by Facebook for advertising purposes.
Privacy info: https://www.facebook.com/about/privacy/

Google AdWords Remarketing

Used to show interest-based ads.
Legal basis: Art. 6(1)(f) GDPR.

More info: https://www.google.com/policies/technologies/ads/

 

13) RIGHTS OF THE DATA SUBJECT

You have the following rights under GDPR:

• Right of access (Art. 15)
• Right to rectification (Art. 16)
• Right to erasure (Art. 17)
• Right to restriction of processing (Art. 18)
• Right to notification (Art. 19)
• Right to data portability (Art. 20)
• Right to withdraw consent (Art. 7(3))
• Right to lodge a complaint (Art. 77)

13.2 Right to object

You may object at any time to processing based on legitimate interests (Art. 6(1)(f) GDPR).

If used for direct marketing, you may object at any time.

 

14) STORAGE DURATION OF PERSONAL DATA

Storage duration follows statutory retention periods (e.g., tax or commercial law). After expiration, data is routinely deleted unless required for contract performance or justified by a legitimate interest.