Privacy Policy

1. Information on the Collection of Personal Data and Controller's Contact Details

1.1 Welcome to Our Website

We appreciate your interest in our website. This section outlines how we handle your personal data when you visit. Personal data refers to any information that can identify you personally.

1.2 Data Controller

The controller responsible for data processing on this website, as per the General Data Protection Regulation (GDPR), is Shop Name. The controller determines the purposes and means of processing personal data, either alone or with others.

1.3 Data Security

To ensure secure transmission of personal data and confidential content (e.g., orders or inquiries), our website uses SSL or TLS encryption. You can identify an encrypted connection by the "https://" prefix and a lock symbol in your browser's address bar.

2. Data Collection When Visiting Our Website

When you visit our website for informational purposes without registering or providing additional information, we collect only the data your browser sends to our server (server log files). This includes:

• The website you visited

• Date and time of access

• Amount of data sent in bytes

• Source/referral link

• Browser used

• Operating system used

• IP address (anonymized, if applicable)

This data is processed under Art. 6(1)(f) GDPR to improve our website’s stability and functionality. We do not share or use this data for other purposes, but we may review server log files if there are indications of illegal activity.

3. Cookies

We use cookies—small text files stored on your device—to enhance your website experience and enable specific features.

Types of Cookies

• Session Cookies: Deleted after you close your browser.

• Persistent Cookies: Remain on your device to recognize your browser on future visits and are deleted after a set period.

Cookies may collect user information like browser type, location data, and IP addresses. They help simplify processes, such as saving your shopping cart contents, and are processed under Art. 6(1)(b) GDPR for contract performance or Art. 6(1)(f) GDPR for our legitimate interest in optimizing website functionality and user experience.

Third-Party Cookies

We may collaborate with advertising partners to enhance our online offerings. These third-party cookies are stored on your device when visiting our site, and we’ll provide specific details about their use in relevant sections.

Managing Cookies

You can configure your browser to notify you about cookies, accept them selectively, or block them entirely. Check your browser’s help menu for instructions:

• Internet Explorer

• Firefox

• Chrome

• Safari

• Opera

Note that disabling cookies may limit some website functionality.

4. Contacting Us

When you contact us (e.g., via contact form or email), we collect personal data as shown in the contact form. This data is used solely to respond to your inquiry or manage related technical administration, based on Art. 6(1)(f) GDPR. If your contact aims to conclude a contract, Art. 6(1)(b) GDPR applies. Your data will be deleted once your request is fully resolved, unless legal retention obligations apply.

5. Data Processing for Customer Accounts and Contract Processing

Under Art. 6(1)(b) GDPR, we collect and process personal data you provide when opening a customer account or fulfilling a contract. You can delete your account at any time by contacting the controller. We store and use your data for contract processing, and after contract completion or account deletion, your data is blocked per tax and commercial retention periods, then deleted unless you consent to further use or we reserve legally permitted uses.

6. Use of Your Data for Direct Marketing

6.1 Email Newsletter Subscription

Subscribing to our email newsletter requires only your email address, with additional data being optional for personalization. We use a double opt-in process: after subscribing, you’ll receive a confirmation email to verify your consent under Art. 6(1)(a) GDPR. We store your IP address, registration date, and time to prevent misuse. You can unsubscribe anytime via the newsletter link or by contacting the controller, and your email will be removed from our list unless further use is legally permitted.

6.2 Newsletters for Existing Customers

If you’ve provided your email when purchasing goods or services, we may send you offers for similar products based on our legitimate interest under Art. 6(1)(f) GDPR. You can object to this at any time by contacting the controller, incurring only standard transmission costs. Upon objection, we’ll stop using your email for advertising.

7. Data Processing for Order Processing

7.1 Data Sharing

For order fulfillment, we share necessary personal data with transport companies for delivery and with credit institutions for payment processing, per Art. 6(1)(b) GDPR.

7.2 Payment Service Providers

• PayPal: When using PayPal (credit card, direct debit, purchase on account, or installment payment), we share payment data with PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg, under Art. 6(1)(b) GDPR. PayPal may conduct credit checks based on its legitimate interest (Art. 6(1)(f) GDPR) to assess solvency, using address data and probability scores. See PayPal’s privacy policy: PayPal Privacy Policy. You can object to this processing by contacting PayPal.

• SOFORT: For SOFORT payments, we share order data with SOFORT GmbH, part of Klarna Group, under Art. 6(1)(b) GDPR for payment processing. See Klarna’s privacy policy: Klarna Privacy Policy.

8. Rating Reminder

With your express consent under Art. 6(1)(a) GDPR, we may use your email for a one-time reminder to rate your order. You can revoke this consent by contacting the controller.

9. Use of Social Media: Social Plugins

9.1 Facebook Plugins (Shariff Solution)

Our website uses HTML-linked Facebook buttons (operated by Facebook Inc., USA) to protect your data. Clicking a button opens a new window to interact with Facebook, requiring login if applicable. Facebook is Privacy Shield certified. See their privacy policy: Facebook Privacy Policy.

9.2 Google+ Plugins (Shariff Solution)

We use HTML-linked Google+ buttons (operated by Google LLC, USA) to prevent direct server connections until clicked. Google is Privacy Shield certified. See their privacy policy: Google Privacy Policy.

9.3 Instagram Plugins (Shariff Solution)

HTML-linked Instagram buttons (operated by Instagram LLC, USA) ensure no server connection until clicked. Instagram is Privacy Shield certified. See their privacy policy: Instagram Privacy Policy.

10. Online Marketing

10.1 DoubleClick by Google

We use DoubleClick by Google (Google LLC, USA) to serve relevant ads and track conversions, based on Art. 6(1)(f) GDPR. Your browser may connect to Google’s servers, and if you’re logged into a Google service, visits may be linked to your account. Disable tracking at Google Ad Settings or via the Digital Advertising Alliance: About Ads. Google is Privacy Shield certified. See their privacy policy: Google Privacy Policy.

10.2 Google AdWords Conversion Tracking

We use Google AdWords Conversion Tracking (Google LLC, USA) to measure ad effectiveness, setting cookies that expire after 30 days, based on Art. 6(1)(f) GDPR. Disable tracking via browser settings or the Google plugin: Google Ads Plugin. Google is Privacy Shield certified. See their privacy policy: Google Ads Policy.

11. Web Analytics Services

Google Universal Analytics

We use Google Analytics (Google LLC, USA) with IP anonymization to analyze website usage, based on Art. 6(1)(f) GDPR. Data is transmitted to Google’s US servers, but IP addresses are shortened within the EU/EEA. Prevent tracking with the browser plugin: Google Analytics Opt-Out or by clicking: Disable Google Analytics. Google is Privacy Shield certified. Learn more: Google Analytics Info.

12. Retargeting/Remarketing/Referral Advertising

Facebook Custom Audience (Pixel Method)

With your consent under Art. 6(1)(a) GDPR, we use the Facebook Pixel to track ad effectiveness. Data is anonymous to us but may be linked to your Facebook profile. Disable cookies via browser settings or the Digital Advertising Alliance: About Ads. See Facebook’s privacy policy: Facebook Privacy Policy.

Google AdWords Remarketing

We use Google AdWords Remarketing (Google LLC, USA) to advertise based on your browsing, using cookies under Art. 6(1)(f) GDPR. Disable tracking via the Google plugin: Google Ads Plugin or the Digital Advertising Alliance: About Ads. See Google’s privacy policy: Google Ads Policy.

13. Rights of the Data Subject

13.1 Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Access (Art. 15): Request information about your data, purposes, recipients, storage duration, and more.

• Rectification (Art. 16): Correct inaccurate or incomplete data.

• Erasure (Art. 17): Request data deletion, subject to legal exceptions.

• Restriction of Processing (Art. 18): Limit processing under specific conditions.

• Notification (Art. 19): Be informed about recipients of your data corrections or deletions.

• Data Portability (Art. 20): Receive or transfer your data in a machine-readable format.

• Withdraw Consent (Art. 7(3)): Revoke consent without affecting prior processing.

• Lodge a Complaint (Art. 77): Contact a supervisory authority if GDPR is violated.

13.2 Right to Object

You may object to processing based on legitimate interests (Art. 6(1)(f) GDPR) for reasons specific to your situation. We’ll stop processing unless we have compelling legitimate grounds or it’s needed for legal claims. You can also object to direct marketing, and we’ll cease such processing immediately.

14. Duration of Personal Data Storage

Personal data is stored for the duration of applicable legal retention periods (e.g., tax or commercial laws). After this period, data is deleted unless needed for contract fulfillment, initiation, or our legitimate interest in further storage.