Privacy Policy

PRIVACY POLICY

1) Information About the Collection of Personal Data and Contact Details of the Data Controller

1.1 Introduction

We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is handled when you use our website. Personal data includes all data that can be used to personally identify you.

1.2 Data Controller

The data controller for the processing of personal data on this website within the meaning of the General Data Protection Regulation (GDPR) is [Shop Name].
The person or legal entity responsible for processing personal data determines, either alone or jointly with others, the purposes and means of processing personal data.

1.3 Security Measures

This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser's address bar.

2) Data Collection When Visiting Our Website

When you use our website for purely informational purposes (i.e., without registering or providing other information), we only collect the data your browser transmits to our server (so-called "server log files"). When you access our website, the following data is collected, which is technically necessary for us to display the website:

  • The website visited
  • Date and time of access
  • Amount of data sent in bytes
  • Source/referrer from which you accessed the page
  • Browser used
  • Operating system used
  • IP address used (if applicable, anonymized)

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. Data will not be transferred or otherwise used. However, we reserve the right to retrospectively review server log files if there are concrete indications of illegal use.

3) Cookies

To make your visit to our website more appealing and to enable certain functions, we use so-called cookies on various pages. Cookies are small text files that are stored on your device.

  • Session Cookies: Some of the cookies we use are deleted after the end of the browser session (i.e., when you close your browser).
  • Persistent Cookies: Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser during your next visit. Persistent cookies are automatically deleted after a specific duration, which can vary depending on the cookie.

Cookies store user information, such as browser and location data or IP address values. Persistent cookies are automatically deleted after a predetermined time.

Some cookies are used to simplify order processes (e.g., remembering items in a shopping cart for a later visit). If cookies process personal data, the processing is carried out either under Art. 6(1)(b) GDPR for the execution of the contract or under Art. 6(1)(f) GDPR based on our legitimate interest in the best possible functionality of the website and a customer-friendly design of the site visit.

Third-Party Cookies

We may work with advertising partners who help us make our online presence more interesting for you. In this case, cookies from these partner companies may also be stored on your hard drive (third-party cookies).

Managing Cookies

You can set your browser to notify you about cookies being set and decide on a case-by-case basis whether to accept them or exclude cookies in certain cases or entirely. Each browser differs in how it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers at the following links:

Please note: Disabling cookies may limit the functionality of our website.

4) Contact

When you contact us (e.g., via a contact form or email), personal data is collected. The data collected in the case of a contact form is visible in the respective contact form. This data is stored and used solely for responding to your request or for contacting you and the associated technical administration.

  • Legal Basis: The legal basis for processing is our legitimate interest in responding to your request in accordance with Art. 6(1)(f) GDPR.
  • If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR.

Your data will be deleted after your inquiry has been fully processed, provided there are no legal retention obligations that would prevent this.

5) Data Processing for Account Creation and Contract Fulfillment

In accordance with Art. 6(1)(b) GDPR, personal data is collected and processed when you provide it to us for the purpose of fulfilling a contract or creating a customer account. The specific data collected is evident from the respective input forms.

You may delete your customer account at any time by notifying the data controller at the contact address provided above. We store and use the data you provide for contract processing.

Upon full completion of the contract or deletion of your customer account, your data will be restricted for further use and deleted after the expiration of statutory retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we are legally permitted to retain your data for other purposes, which we will inform you about below.

6) Use of Your Data for Direct Marketing

6.1 Subscription to Our Email Newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information required for sending the newsletter is your email address. Any additional data you provide is optional and used to personalize the newsletter for you.

We use the so-called double opt-in procedure for newsletter subscriptions. This means that we will only send you an email newsletter if you explicitly confirm that you consent to receiving newsletters. After registering, we will send you a confirmation email asking you to verify your subscription by clicking on a confirmation link.

By activating the confirmation link, you consent to the use of your personal data in accordance with Art. 6(1)(a) GDPR. When you subscribe to the newsletter, we store your IP address as registered by your Internet Service Provider (ISP), as well as the date and time of registration, to track any potential misuse of your email address at a later date.

The data we collect during newsletter registration is used solely for sending the newsletter. You may unsubscribe from the newsletter at any time via the link provided in the newsletter or by contacting the data controller at the address provided at the beginning of this privacy policy. Upon unsubscribing, your email address will be promptly removed from our newsletter distribution list, unless you have explicitly consented to further use of your data or we reserve the right to use your data for purposes permitted by law, which we will inform you about in this privacy policy.

6.2 Sending Email Newsletters to Existing Customers

If you have provided your email address to us when purchasing goods or services, we reserve the right to send you regular offers for similar goods or services from our range via email. For this, we do not require separate consent from you. Data processing is based solely on our legitimate interest in personalized direct marketing in accordance with Art. 6(1)(f) GDPR.

If you initially objected to the use of your email address for this purpose, we will not send you such emails. You have the right to object to the use of your email address for direct marketing purposes at any time, with future effect, by notifying the data controller mentioned at the beginning of this privacy policy. The only cost to you will be the transmission costs according to the basic tariffs. Upon receipt of your objection, the use of your email address for advertising purposes will immediately cease.

7) Data Processing for Order Fulfillment

7.1 Data Sharing with Third Parties

The personal data collected by us will be shared with the logistics provider responsible for delivery, insofar as this is necessary for delivering the goods. Your payment data will be forwarded to the payment processor responsible for handling the payment, where required. If we use payment service providers, we explicitly inform you of this below. The legal basis for this data sharing is Art. 6(1)(b) GDPR.

7.2 Use of Payment Service Providers

PayPal
When paying via PayPal, credit card via PayPal, direct debit via PayPal, or — if offered — "purchase on account" or "installment payment" via PayPal, we forward your payment data to PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. Data sharing occurs in accordance with Art. 6(1)(b) GDPR and only to the extent necessary for payment processing.

PayPal reserves the right to conduct a credit check for payment methods like credit card via PayPal, direct debit via PayPal, or — if offered — "purchase on account" or "installment payment" via PayPal. To this end, your payment data may be processed based on PayPal's legitimate interest in determining your solvency under Art. 6(1)(f) GDPR. This credit check may involve probability values (score values), which are calculated using scientifically recognized mathematical and statistical procedures. The calculation includes address data among other factors.

Further privacy information, including details about the credit agencies used, can be found in PayPal's privacy policy: PayPal Privacy Policy.

You may object to this processing of your data at any time by contacting PayPal. However, PayPal may still process your personal data if necessary for the contractual payment processing.

SOFORT
If you select the "SOFORT" payment method, payment is processed via the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany, part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). We transmit the information you provide during the order process, along with information about your order, to SOFORT GmbH in accordance with Art. 6(1)(b) GDPR.

Data sharing occurs solely for the purpose of payment processing and only to the extent necessary. More information on SOFORT's privacy policy can be found here: SOFORT Privacy Policy.

8) Contact for Review Reminders

Own Review Reminder (Not Sent by a Customer Review System)
We use your email address to send a one-time reminder to submit a review for your order if you have explicitly consented to this during or after your order in accordance with Art. 6(1)(a) GDPR.

You can revoke your consent at any time by notifying the data controller.

9) Use of Social Media Plugins

9.1 Facebook Plugins with Shariff Solution

Our website uses social plugins ("plugins") from the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook").

To protect your data when visiting our website, these buttons are not fully integrated as plugins but are implemented using an HTML link. This ensures that no connection to Facebook servers is established when accessing a page on our website containing these buttons.

When you click the button, a new browser window opens to the Facebook page, where you can interact with the plugins (if you are logged in to Facebook). Facebook Inc. is certified under the EU-US Privacy Shield, ensuring compliance with EU data protection standards.

For more information on Facebook's data collection and use, as well as your rights and privacy settings, please refer to Facebook's privacy policy: Facebook Privacy Policy.

9.2 Google+ Plugins with Shariff Solution

Our website uses social plugins from Google+, operated by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

As with Facebook, these buttons are implemented using an HTML link to ensure no direct connection to Google servers is established when visiting our site.

Google LLC is certified under the EU-US Privacy Shield, ensuring compliance with EU data protection standards.

For more information on Google's data collection and use, as well as your rights and privacy settings, please refer to Google's privacy policy: Google Privacy Policy.

10) Online Marketing

10.1 DoubleClick by Google

This website uses the online marketing tool DoubleClick by Google, operated by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

DoubleClick uses cookies to display relevant advertisements, improve campaign performance reports, and avoid multiple displays of the same ad to a user. Cookies enable Google to track which ads have been shown in your browser and which have been clicked.

Processing is based on our legitimate interest in optimal website marketing under Art. 6(1)(f) GDPR. For more information, please refer to DoubleClick’s privacy policy: DoubleClick Privacy Policy.

10.2 Google AdWords Conversion Tracking

Our website uses Google AdWords Conversion Tracking, an analytics service from Google LLC. This tool helps us analyze the effectiveness of our advertisements by tracking conversions (e.g., purchases or sign-ups).

For more information about Google AdWords and its privacy policy, visit: Google Privacy Policy.

11) Rights of the Data Subject

As per the GDPR, you have the following rights regarding your personal data:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of Processing (Art. 18 GDPR)
  • Data Portability (Art. 20 GDPR)
  • Right to Object (Art. 21 GDPR)
  • Withdrawal of Consent (Art. 7(3) GDPR)

To exercise these rights, contact the data controller specified in this policy.

12) Retention Period for Personal Data

Personal data is retained only as long as necessary for the purposes stated in this policy or as required by law. Data is deleted once retention is no longer necessary unless further storage is mandated by legal obligations.

 

Our website uses the “Facebook Pixel” by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook"). If explicit consent is granted, this tool allows us to track user behavior after they click on a Facebook advertisement and are redirected to our website.

  • Purpose: This helps us evaluate the effectiveness of Facebook advertisements for statistical and market research purposes and optimize future advertising efforts.
  • Anonymity: The collected data is anonymous to us, and we cannot use it to identify individuals. However, Facebook may link this data to your Facebook account and use it for its own advertising purposes under Facebook's Data Usage Policy: Facebook Privacy Policy.
  • Cookie Usage: Facebook may store a cookie on your device for this purpose.

Consent
This processing only takes place with your explicit consent in accordance with Art. 6(1)(a) GDPR. Consent for Facebook Pixel usage is restricted to individuals aged 13 or older. If you are younger, we ask that you seek permission from a guardian.

To manage cookies, you can adjust your browser settings or disable cookies from third-party providers such as Facebook via the Digital Advertising Alliance website: About Ads Choices.

Google AdWords Remarketing

Our website uses Google AdWords Remarketing to advertise on Google’s search engine results and third-party websites.

  • How It Works: Google uses a cookie to analyze your browsing behavior and display interest-based advertisements based on pages you’ve visited.
  • Data Sharing: This processing is based on our legitimate interest in targeted marketing under Art. 6(1)(f) GDPR.

If you wish to disable Google’s interest-based advertisements, you can install a browser plugin: Google Ads Plugin.

Further information on Google’s advertising and privacy policy can be found here: Google Privacy Policy.

13) Rights of the Data Subject

13.1 Your Rights Under GDPR

As a data subject under GDPR, you are entitled to the following rights:

  1. Access (Art. 15 GDPR): Request information about the personal data we process, including purposes, categories, recipients, retention periods, and your rights.
  2. Rectification (Art. 16 GDPR): Request correction of inaccurate or incomplete data.
  3. Erasure (Art. 17 GDPR): Request deletion of your data, provided it is no longer required for processing, legal compliance, or other legitimate purposes.
  4. Restriction of Processing (Art. 18 GDPR): Request a restriction on processing under certain conditions, such as contesting the accuracy of your data.
  5. Data Portability (Art. 20 GDPR): Request your personal data in a structured, commonly used format or have it transferred to another controller.
  6. Objection (Art. 21 GDPR): Object to data processing based on legitimate interests or for direct marketing purposes.
  7. Withdrawal of Consent (Art. 7(3) GDPR): Revoke consent for data processing at any time.
  8. Lodge Complaints (Art. 77 GDPR): File a complaint with a supervisory authority in your country or residence if you believe your rights have been violated.

13.2 Objection to Direct Marketing

You can object to the use of your personal data for direct marketing purposes at any time. After receiving your objection, we will cease processing your data for such purposes immediately.

14) Retention Period for Personal Data

The retention period for personal data depends on the relevant statutory retention period (e.g., commercial and tax laws). After the retention period expires, the respective data will be routinely deleted, provided it is no longer necessary for fulfilling a contract or initiating a contract and no legitimate interest in continued storage exists.