Privacy Policy

Privacy Policy

1) Introduction and contact details of the person responsible
1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how we handle your personal data when you use our website. Personal data refers to all data that can be used to personally identify you.

1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Shop Name, (Address), Email: .The person responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

2) Data collection when visiting our website
2.1 If you use our website for informational purposes only, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the website server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/reference from which you came to the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)
Processing is carried out in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be shared or used for any other purpose. However, we reserve the right to subsequently review the server log files if there are concrete indications of illegal use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser bar.

3) Hosting & Content Delivery Network
Shopify

For hosting our website and displaying the page content, we use the system of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”)

Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc. or Shopify (USA) Inc.

All data collected on our website is processed on the provider's servers. We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

When data is transferred to Canada, an appropriate level of data protection is guaranteed by an adequacy decision of the European Commission.

For the transfer of data to the USA, the provider relies on standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.

4) Cookies
To make visiting our website more attractive and enable the use of certain functions, we use cookies, i.e., small text files that are stored on your device. Some of these cookies are automatically deleted after closing your browser (so-called "session cookies"); others remain on your device for a longer period and allow you to save page settings (so-called "persistent cookies"). In the latter case, you can find out how long cookies are stored in the overview of your web browser's cookie settings.

If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 (1) (b) GDPR either to execute the contract, in accordance with Art. 6 (1) (a) GDPR in the event of consent being given, or in accordance with Art. 6 (1) (f) GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact
When you contact us (e.g. via contact form or email), personal data will be processed exclusively for the purpose of processing and answering your request and only to the extent necessary for this purpose.

The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) (f) GDPR. If your contact is for the purpose of entering into a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted if the circumstances indicate that the matter in question has been conclusively resolved and provided there are no statutory retention periods to the contrary.

6) Data processing for order processing
To the extent necessary for the execution of the contract for delivery and payment purposes, the personal data we collect will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 (1) (b) GDPR.

If we owe you updates for goods with digital elements or for digital products based on a corresponding contract, we will process the contact information you provided when placing your order (name, address, email address) in order to inform you personally about upcoming updates within the legally stipulated period via a suitable communication channel (e.g., by post or email) within the scope of our statutory information obligations pursuant to Art. 6 (1) (c) GDPR. Your contact information will be used strictly for the purpose of notifying you about updates owed by us and will only be processed by us to the extent necessary for the respective information.

To process your order, we also work with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.

7) Retargeting/remarketing and conversion tracking
Facebook Pixel for creating custom audiences

Within our online offering, we use the "Facebook Pixel" service of the following provider: Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook")

When a user clicks on an ad we place on Facebook, the URL of our linked page is extended with a parameter using "Facebook Pixel." This URL parameter is then entered into the user's browser after redirection via a cookie set by our linked page itself.

This allows Facebook to define visitors to our online offering as a target audience for displaying advertisements (so-called "Facebook Ads"). Accordingly, we use the service to display the Facebook ads we place only to those Facebook users who have also shown an interest in our online offering or who exhibit certain characteristics (e.g., interests in certain topics or products determined based on the websites visited) that we transmit to Facebook (so-called "Custom Audiences").

On the other hand, “Facebook Pixel” can be used to track whether users were redirected to our website after clicking on a Facebook ad and which actions they perform there (so-called “conversion tracking”).

The data collected is anonymous to us, meaning it does not allow us to draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, allowing a connection to the respective user profile and allowing Facebook to use the data for its own advertising purposes.

All processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

The information generated by Facebook is usually transferred to a Facebook server and stored there; in this context, it may also be transferred to Meta Platforms Inc. servers in the USA.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision of the European Commission.

8) Rights of the data subject

The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis stated for the respective conditions for exercising them:

Right to information pursuant to Art. 15 GDPR;
Right to rectification pursuant to Art. 16 GDPR;
Right to erasure pursuant to Art. 17 GDPR;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to information pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to revoke consent given in accordance with Art. 7 (3) GDPR;
Right to lodge a complaint pursuant to Art. 77 GDPR.