Privacy Policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data refers to all data with which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is EasyBuy GbR, Goethestraße 8, 34308 Bad Emstal, Germany, Tel.: 015754102781, E-mail: info@easybuy-shop.de. The controller is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

2) Data Collection When Visiting Our Website

2.1 When you use our website for information purposes only — i.e. if you do not register or otherwise provide us with information — we only collect data that your browser transmits to the page server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/referral from which you reached the page
Browser used
Operating system used
IP address used (where applicable: in anonymised form)

Processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used for any other purpose. We do, however, reserve the right to review server log files retrospectively if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller), this website uses SSL or TLS encryption. You can recognise an encrypted connection by the string "https://" and the padlock symbol in your browser bar.

3) Hosting & Content Delivery Network

3.1 Shopify

For hosting our website and displaying page content, we use the system of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify").

Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada.

All data collected on our website is processed on the provider's servers. We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.

3.2 Cloudflare

We use a content delivery network from the following provider: Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.

This service enables us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers. Processing is carried out to safeguard our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

4) Cookies

To make visiting our website attractive and to enable certain functions, we use cookies — small text files that are stored on your device. Some of these cookies are automatically deleted when you close your browser (so-called "session cookies"); others remain on your device for a longer period and allow website settings to be saved (so-called "persistent cookies"). In the latter case, you can find the storage duration in the cookie settings overview of your web browser.

Where individual cookies we use also process personal data, this is done pursuant to Art. 6(1)(b) GDPR either to perform the contract, pursuant to Art. 6(1)(a) GDPR in the case of consent given, or pursuant to Art. 6(1)(f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and a user-friendly and effective design of the site visit.

You can configure your browser to inform you about the setting of cookies and to decide individually whether to accept them, or to exclude the acceptance of cookies for certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact

5.1 WhatsApp Business

You have the option of contacting us via the messaging service WhatsApp, provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this purpose, we use the so-called "Business version" of WhatsApp.

If you contact us via WhatsApp in connection with a specific transaction (e.g. an order you have placed), we store and use the mobile phone number you use on WhatsApp and — if provided — your first and last name pursuant to Art. 6(1)(b) GDPR to process and respond to your enquiry. On the same legal basis, we may ask you via WhatsApp to provide further data (order number, customer number, address or e-mail address) in order to be able to assign your enquiry to a specific process.

If you use our WhatsApp contact for general enquiries (e.g. about our range of services, availability or our website), we store and use the mobile phone number you use on WhatsApp and — if provided — your first and last name pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in providing the requested information efficiently and promptly.

Your data is used solely to respond to your enquiry via WhatsApp. It is not passed on to third parties.

Please note that WhatsApp Business gains access to the address book of the mobile device we use for this purpose and automatically transmits phone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. For the operation of our WhatsApp Business account, we use a mobile device in whose address book only the WhatsApp contact details of users who have also contacted us via WhatsApp are stored.

This ensures that every person whose WhatsApp contact details are stored in our address book has already consented, upon first use of the app on their device and by accepting the WhatsApp Terms of Service, to the transmission of their WhatsApp phone number from the address books of their chat contacts pursuant to Art. 6(1)(a) GDPR. The transmission of data of users who do not use WhatsApp and/or have not contacted us via WhatsApp is therefore excluded.

For information on the purpose and scope of data collection, further processing and use of data by WhatsApp, as well as your related rights and privacy settings, please refer to WhatsApp's privacy policy: https://www.whatsapp.com/legal/?eea=1#privacy-policy

We have concluded a data processing agreement with the provider that protects the data of our site visitors and prohibits disclosure to third parties.

In the context of the above-mentioned processing, data may be transferred to servers of Meta Platforms Inc. in the USA. For such transfers, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

5.2 When you contact us (e.g. via contact form or e-mail), personal data is processed solely for the purpose of handling and responding to your enquiry and only to the extent necessary.

The legal basis for processing this data is our legitimate interest in responding to your enquiry pursuant to Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted once it is apparent from the circumstances that the matter in question has been conclusively resolved, provided that no statutory retention obligations apply.

6) Data Processing When Opening a Customer Account

Pursuant to Art. 6(1)(b) GDPR, personal data will continue to be collected and processed to the extent necessary if you provide it to us when opening a customer account. The data required for account opening can be found in the input form of the corresponding form on our website.

You may delete your customer account at any time by sending a message to the controller's address mentioned above. After deletion of your customer account, your data will be erased, provided all contracts concluded through it have been fully processed, no statutory retention periods apply, and we have no legitimate interest in continuing to store the data.

7) Use of Customer Data for Direct Marketing

7.1 Subscription to Our E-mail Newsletter

If you subscribe to our e-mail newsletter, we will regularly send you information about our offers. The only mandatory information required to send the newsletter is your e-mail address. Providing further data is voluntary and is used to address you personally. For the newsletter dispatch, we use the so-called double opt-in procedure, which ensures that you only receive the newsletter after you have expressly confirmed your consent to receive it by clicking a verification link sent to the specified e-mail address.

By activating the confirmation link, you give us your consent to the use of your personal data pursuant to Art. 6(1)(a) GDPR. We store the IP address registered by your Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later point in time. The data we collect when you subscribe to the newsletter is used strictly for that purpose.

You may unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a corresponding message to the controller mentioned at the outset. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this in ways that are permitted by law and about which we inform you in this policy.

7.2 Sending the E-mail Newsletter to Existing Customers

If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to regularly send you offers by e-mail for similar goods or services to those already purchased from our range. For this, we do not need to obtain separate consent from you pursuant to Section 7(3) of the German Act Against Unfair Competition (UWG). The data processing is carried out solely on the basis of our legitimate interest in personalised direct marketing pursuant to Art. 6(1)(f) GDPR. If you have objected to the use of your e-mail address for this purpose from the outset, we will not send any e-mails.

You are entitled to object to the use of your e-mail address for the aforementioned advertising purposes at any time with future effect by notifying the controller named at the beginning. You will only incur transmission costs at the basic rate. Once we receive your objection, the use of your e-mail address for advertising purposes will be stopped immediately.

7.3 Klaviyo

The dispatch of our e-mail newsletters and other promotional e-mail communications is handled by the following provider: Klaviyo, Inc., 125 Summer St., Ste 600, Boston, MA 02110, USA.

On the basis of our legitimate interest in effective and user-friendly e-mail marketing, we transfer the data you provided upon registration to this provider pursuant to Art. 6(1)(f) GDPR so that the provider can send the e-mails on our behalf.

Subject to your express consent pursuant to Art. 6(1)(a) GDPR, the provider also carries out statistical analysis of the success of e-mail campaigns using web beacons or tracking pixels embedded in the sent e-mails, which can measure open rates and specific interactions with newsletter content. Device information (e.g. time of access, IP address, browser type and operating system) is also collected and analysed, but not merged with other data.

You may revoke your consent to e-mail tracking at any time with future effect.

We have concluded a data processing agreement with the provider that protects our site visitors' data and prohibits disclosure to third parties.

7.4 Shopify Email

The dispatch of our e-mail newsletters is handled by the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada.

On the basis of our legitimate interest in effective and user-friendly newsletter marketing, we transfer the data you provided upon registration to this provider pursuant to Art. 6(1)(f) GDPR so that the provider can send the newsletter on our behalf.

Subject to your express consent pursuant to Art. 6(1)(a) GDPR, the provider also carries out statistical analysis of the success of newsletter campaigns using web beacons or tracking pixels embedded in the sent e-mails, which can measure open rates and specific interactions with newsletter content. Device information (e.g. time of access, IP address, browser type and operating system) is also collected and analysed, but not merged with other data.

You may revoke your consent to newsletter tracking at any time with future effect.

We have concluded a data processing agreement with the provider that protects our site visitors' data and prohibits disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.

7.5 Product Availability Notifications by E-mail

For temporarily unavailable items, you can register to receive product availability notifications by e-mail. In this case, we will send you a one-time notification by e-mail about the availability of the item you selected. The only mandatory information required for sending this notification is your e-mail address. Providing further data is voluntary and may be used to address you personally. For the e-mail dispatch, we use the double opt-in procedure, which ensures that you only receive a notification after you have expressly confirmed your consent by clicking a verification link sent to the specified e-mail address.

By activating the confirmation link, you give us your consent to the use of your personal data pursuant to Art. 6(1)(a) GDPR. We store the IP address registered by your ISP as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later point in time. The data we collect when you subscribe to our e-mail notification service for product availability is used strictly for that purpose.

You may unsubscribe from availability notifications at any time by sending a corresponding message to the controller named at the outset. After unsubscribing, your e-mail address will be deleted from the relevant distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this in ways that are permitted by law and about which we inform you in this policy.

7.6 Shopping Cart Reminders by E-mail

If you abandon your purchase before completing an order, you have the option of receiving a one-time e-mail reminder about the contents of your virtual shopping cart.

The only mandatory information required for sending this reminder is your e-mail address. Providing further data is voluntary and may be used to address you personally. For the e-mail dispatch, we use the double opt-in procedure, which ensures that you only receive a notification after you have expressly confirmed your consent by clicking a verification link sent to the specified e-mail address.

By activating the confirmation link, you give us your consent to the use of your personal data pursuant to Art. 6(1)(a) GDPR for the sending of a shopping cart reminder. We store the IP address registered by your ISP as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later point in time. The data collected when you subscribe to our e-mail notification service is used strictly for that purpose.

You may unsubscribe from shopping cart reminders at any time by sending a corresponding message to the controller named at the outset. After unsubscribing, your e-mail address will be deleted from the relevant distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this in ways that are permitted by law and about which we inform you in this policy.

7.7 Advertising by Post

On the basis of our legitimate interest in personalised direct marketing, we reserve the right to store your first and last name, your postal address and — to the extent we have received additional information from you in the context of the contractual relationship — your title, academic degree, year of birth and professional, industry or business designation pursuant to Art. 6(1)(f) GDPR, and to use this data to send you interesting offers and information about our products by post.

You may object to the storage and use of your data for this purpose at any time.

8) Data Processing for Order Fulfilment

8.1 To the extent necessary for the fulfilment of the contract for delivery and payment purposes, the personal data we collect is transferred to the commissioned transport company and the commissioned credit institution pursuant to Art. 6(1)(b) GDPR.

If we owe you updates for goods with digital elements or digital products under a corresponding contract, we process the contact details you provided when placing the order in order to inform you personally in fulfilment of our statutory information obligations pursuant to Art. 6(1)(c) GDPR. Your contact details are used strictly for communications regarding updates we are obligated to provide and are only processed by us to the extent necessary for the respective notification.

For the processing of your order, we also work with the following service provider(s), who support us in whole or in part in the performance of concluded contracts. Certain personal data is transferred to these service providers in accordance with the following information.

8.2 In the event of an order for age-restricted goods, we ensure in accordance with applicable youth protection law that you have reached the minimum age required by law for the relevant goods. For this purpose, we use an age verification procedure with which we can ensure your personal identification (age check) and, if applicable, authentication. For this purpose, we use the Ident-Check service of DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn.

For the purpose of verifying the required minimum age, certain personal data is transferred to the above-mentioned service provider. This data processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest — following a balancing of interests — in ensuring a youth-protection-compliant offering and in compliance with the statutory provisions on the protection of minors.

8.3 JTL

For order processing, we use the following provider: JTL-Software-GmbH, Rheinstr. 7, 41836 Hückelhoven, Germany.

Your name, address and, where applicable, further personal data are transferred to the provider exclusively for the purpose of processing the online order pursuant to Art. 6(1)(b) GDPR. Your data is only transferred to the extent actually necessary for processing the order.

8.4 Transfer of Personal Data to Shipping Service Providers

Deutsche Post

We use the following transport service provider: Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany.

We transfer your e-mail address and/or telephone number to the provider pursuant to Art. 6(1)(a) GDPR before delivery of the goods for the purpose of arranging a delivery date or providing delivery notification, provided you have given your express consent for this during the order process. Otherwise, we only transfer the recipient's name and delivery address to the provider for the purpose of delivery pursuant to Art. 6(1)(b) GDPR. In this case, prior arrangement of a delivery date with the provider or a delivery notification is not possible.

Consent may be revoked at any time with future effect vis-à-vis the controller named above or vis-à-vis the provider.

DHL

We use the following transport service provider: DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany.

Consent may be revoked at any time with future effect vis-à-vis the controller named above or vis-à-vis the provider.

8.5 Use of Payment Service Providers

Amazon Pay

One or more online payment methods of the following provider are available on this website: Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg.

If you select a payment method from the provider where you pay in advance (e.g. credit card payment), your payment data communicated during the order process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order are transferred to the provider pursuant to Art. 6(1)(b) GDPR. Your data is transferred in this case exclusively for the purpose of payment processing with the provider and only to the extent necessary for this.

Apple Pay

If you choose the "Apple Pay" payment method from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, payment is processed via the "Apple Pay" function on your iOS, watchOS or macOS device by charging a payment card stored in "Apple Pay". Apple Pay uses security features integrated into your device's hardware and software to protect your transactions. To authorise a payment, you must enter a code you have previously set and verify via the "Face ID" or "Touch ID" function of your device.

For the purpose of payment processing, the information you provide during the order process along with information about your order is transmitted to Apple in encrypted form. Apple then re-encrypts this data with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay to process the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After payment is made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm payment success.

Where personal data is processed in the transmissions described, this is done solely for the purpose of payment processing pursuant to Art. 6(1)(b) GDPR.

Apple retains anonymised transaction data, including the approximate purchase amount, approximate date and time, and an indication of whether the transaction was completed successfully. Anonymisation completely prevents any identification of a person. Apple uses the anonymised data to improve "Apple Pay" and other Apple products and services.

If you use Apple Pay on an iPhone or Apple Watch to complete a purchase made via Safari on a Mac, the Mac and the authorisation device communicate via an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that could identify you. You can disable the option to use Apple Pay on your Mac in your iPhone settings under "Wallet & Apple Pay" by deactivating "Allow Payments on Mac".

Further privacy information about Apple Pay can be found at: https://support.apple.com/en-us/HT203027

giropay

One or more online payment methods of the following provider are available on this website: paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main, Germany.

Klarna

One or more online payment methods of the following provider are available on this website: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden.

If you select a payment method where the provider pays in advance (e.g. purchase on account, instalment purchase or direct debit), you will also be asked during the order process to provide certain personal data (first and last name, street, house number, postcode, city, date of birth, e-mail address, telephone number and, if applicable, data for an alternative payment method).

To safeguard our legitimate interest in assessing the creditworthiness of our customers, this data is forwarded to the provider pursuant to Art. 6(1)(f) GDPR for the purpose of a credit check. The provider assesses, based on the personal data you have provided as well as further data (such as shopping cart, invoice amount, order history, payment history), whether the payment option you have selected can be granted in terms of payment and/or default risk.

For the decision in the context of the application review, in addition to provider-internal criteria, identity and creditworthiness information from the following credit agencies may also be included pursuant to Art. 6(1)(f) GDPR:https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies

The credit report may contain probability values (so-called score values). Where score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. Address data, among other things but not exclusively, is included in the calculation of score values.

You may object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for the contractual payment processing.

PayPal

One or more online payment methods of the following provider are available on this website: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

If you select a payment method from the provider where you pay in advance, your payment data communicated during the order process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order are transferred to the provider pursuant to Art. 6(1)(b) GDPR. Your data is transferred in this case exclusively for the purpose of payment processing with the provider and only to the extent necessary for this.

If you select a payment method where we pay in advance, you will also be asked during the order process to provide certain personal data (first and last name, street, house number, postcode, city, date of birth, e-mail address, telephone number and, if applicable, data for an alternative payment method).

To safeguard our legitimate interest in determining your creditworthiness in such cases, this data is forwarded to the provider pursuant to Art. 6(1)(f) GDPR for the purpose of a credit check. The provider assesses, based on the personal data you have provided as well as further data (such as shopping cart, invoice amount, order history, payment history), whether the payment option you have selected can be granted in terms of payment and/or default risk.

Shopify Payments

One or more online payment methods of the following provider are available on this website: Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.

Sofortüberweisung (Instant Bank Transfer)

One or more online payment methods of the following provider are available on this website: Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden.

8.6 Electronic Withdrawal Function for Distance Contracts

Consumers who conclude contracts on this website for which a statutory right of withdrawal exists have the option of declaring their withdrawal via an electronic withdrawal function in accordance with the applicable withdrawal regulations.

For the provision of the electronic withdrawal function, we use a solution from the following provider: ECOMBEAT, Rubensgasse 9/7, Vienna, 1040, Austria.

When using the withdrawal function, in addition to information identifying the contract to be withdrawn from, further personal information such as the consumer's first and last name and e-mail address must be provided or confirmed.

This information is first collected by the provider on the basis of our legitimate interest in a user-friendly, stable and process-optimised solution pursuant to Art. 6(1)(f) GDPR, then used to confirm receipt of the withdrawal declaration on our behalf by e-mail, and finally transmitted to us. We then process the transmitted information for the proper handling of the withdrawal pursuant to Art. 6(1)(b) GDPR and Art. 6(1)(c) GDPR on the basis of our legal obligation to provide an electronic withdrawal function for paid consumer distance contracts.

The information collected by the provider is routinely deleted after the final processing of a withdrawal, provided no statutory retention obligations apply.

We have concluded a data processing agreement with the provider that protects data processed in the context of the withdrawal function and prohibits unauthorised disclosure to third parties.

9) Online Marketing

Google AdSense

This website uses Google AdSense, a web advertising service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google AdSense uses so-called cookies — text files stored on your computer that enable analysis of your use of the website. In addition, Google AdSense uses so-called "web beacons" (small invisible graphics) to record, collect and evaluate simple actions such as visitor traffic on the website. The information generated by the cookie and/or web beacon (including your IP address) about your use of this website is generally transferred to a Google server and stored there. This may also involve a transfer to servers of Google LLC in the USA.

Google uses this information to evaluate your usage behaviour in relation to AdSense adverts. The IP address transmitted by your browser in the context of Google AdSense is not merged with other Google data. The information collected by Google may be transferred to third parties if this is required by law and/or if third parties process this data on behalf of Google.

All processing described above, in particular reading information on the device used via cookies and/or web beacons, is only carried out if you have given us your express consent to do so pursuant to Art. 6(1)(a) GDPR. Without this consent, Google AdSense will not be used during your visit to the site.

You may revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" provided on the website.

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

10) Web Analytics Services

10.1 Google Analytics 4

This website uses Google Analytics 4, a web analytics service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which enables analysis of your use of our website.

By default, when you visit the website, Google Analytics 4 sets cookies that are stored as small text fragments on your device and collect certain information. This information includes your IP address, which Google shortens by the last digits to preclude direct identification of a person.

The information is transmitted to Google's servers and further processed there. Transfers to Google LLC servers in the USA are also possible.

Google uses the collected information on our behalf to evaluate your use of the website, to compile reports on website activity for us, and to provide other services related to website use and internet use. The truncated IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. Data collected under Google Analytics 4 is stored for a period of two months and then deleted.

All processing described above, in particular the setting of cookies on the device used, is only carried out if you have given us your express consent pursuant to Art. 6(1)(a) GDPR.

Without your consent, Google Analytics 4 will not be used during your visit to the site. You may revoke your consent at any time with future effect. To exercise your right of revocation, please deactivate this service via the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with Google that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/, https://policies.google.com/privacy?hl=en and https://policies.google.com/technologies/partner-sites.

Demographic Features

Google Analytics 4 uses the special "demographic features" function and can use it to generate statistics that make statements about the age, gender and interests of site visitors. This is done by analysing advertising and information from third parties. This enables target groups to be identified for marketing activities. However, the collected data cannot be attributed to any specific person and will be deleted after a storage period of two months.

Google Signals

As an extension to Google Analytics 4, Google Signals may be used on this website to generate cross-device reports. If you have activated personalised ads and linked your devices to your Google account, Google may — subject to your consent to the use of Google Analytics pursuant to Art. 6(1)(a) GDPR — analyse your usage behaviour across devices and create database models, including cross-device conversions. We do not receive any personal data from Google, only statistics. If you wish to stop cross-device analysis, you can deactivate the "Personalised advertising" feature in your Google account settings by following the instructions at: https://support.google.com/My-Ad-Center-Help/answer/12155764?hl=en

Further information on Google Signals can be found at: https://support.google.com/analytics/answer/7532985?hl=en

User IDs

As an extension to Google Analytics 4, the "User IDs" feature may be used on this website. If you have consented to the use of Google Analytics 4 pursuant to Art. 6(1)(a) GDPR, have set up an account on this website and log in on different devices with this account, your activities, including conversions, may be analysed across devices.

10.2 Google Tag Manager

This website uses the "Google Tag Manager", a service of the following provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

The Google Tag Manager provides a technical basis for bundling various web applications, including tracking and analytics services, and calibrating, controlling and applying conditions to them via a unified interface. The Google Tag Manager itself does not store any information on users' devices or read any information from them. Nor does the service carry out independent data analyses. However, Google Tag Manager transmits your IP address to Google when you visit a page, where it may be stored. A transfer to servers of Google LLC in the USA is also possible.

This processing is only carried out if you have given us your express consent pursuant to Art. 6(1)(a) GDPR. Without this consent, Google Tag Manager will not be used during your visit to the site. You may revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

Further legal information on Google Tag Manager can be found at https://business.safety.google/intl/de/privacy/ and https://policies.google.com/privacy?hl=en.

10.3 Hotjar

This website uses the web analytics service of the following provider: Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta.

Using cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading device and browser information), the service collects and stores pseudonymised visitor data, including information about the device used such as the IP address and browser information, in order to evaluate it for statistical analysis of user behaviour on our website and to create pseudonymised usage profiles. Among other things, this enables the evaluation of movement patterns (so-called heatmaps) that show the duration of page visits and interactions with page content (e.g. text inputs, scrolling, clicks and mouse-overs). Pseudonymisation fundamentally precludes direct identification of a person. The data is not merged with clear personal data collected in other ways.

All processing described above, in particular reading or storing information on the device used, is only carried out if you have given us your express consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

10.4 Shopify Analytics

This website uses the web analytics service of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada.

We have concluded a data processing agreement with the provider that protects our site visitors' data and prohibits disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.

11) Retargeting / Remarketing and Conversion Tracking

11.1 Meta Pixel

Within our online offering, we use the service "Meta Pixel" of the following provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Meta").

When a user clicks on an advertisement placed by us on Facebook and/or Instagram, the URL of our linked page is extended with a parameter using the "Meta Pixel". This URL parameter is then entered into the user's browser via a cookie set by our linked page itself after the redirect.

This enables Meta, on the one hand, to identify visitors to our online offering as a target group for the display of advertisements (so-called "ads"). Accordingly, we use the service to show the Facebook and/or Instagram ads placed by us only to users who have also shown an interest in our online offering or who exhibit certain characteristics (e.g. interests in certain topics or products, determined on the basis of websites visited) that we transmit to Meta (so-called "Custom Audiences").

On the other hand, the "Meta Pixel" can be used to track whether users are redirected to our website after clicking on an advertisement and what actions they take there (so-called "conversion tracking").

The data collected is anonymous to us, meaning we cannot draw any conclusions about the identity of users. However, the data is stored and processed by Meta, so a connection to the respective user profile is possible and Meta may use the data for its own advertising purposes.

All processing described above, in particular the setting of cookies to read information on the device used, is only carried out if you have given us your express consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

The information generated by Meta is generally transferred to a Meta server and stored there; in this context, a transfer to servers of Meta Platforms Inc. in the USA may also occur.

11.2 Google Ads Remarketing

This website uses retargeting technology of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

For this purpose, Google sets a cookie in your device's browser, which automatically enables interest-based advertising using a pseudonymous cookie ID based on the pages you have visited. Further data processing only takes place if you have agreed with Google that your internet and app browsing history is linked to your Google account and information from your Google account is used to personalise the ads you see on the web. If in that case you are logged into Google while visiting our website, Google uses your data together with Google Analytics data to create and define audience lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data to form target groups. In the context of using Google Ads Remarketing, personal data may also be transferred to servers of Google LLC in the USA.

All processing described above, in particular the setting of cookies to read information on the device used, is only carried out if you have given us your express consent pursuant to Art. 6(1)(a) GDPR. Without this consent, retargeting technology will not be used during your visit to the site.

You may revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" provided on the website.

Details on processing initiated by Google and Google's handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

11.3 Google Ads Conversion Tracking

This website uses the online advertising programme "Google Ads" and, within Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). We use Google Ads to draw attention to our attractive offers on external websites using advertising media (so-called Google AdWords). We can determine how successful individual advertising measures are in relation to the advertising campaign data. Our aim is to show you advertising that is relevant to you, to make our website more interesting for you, and to achieve a fair calculation of advertising costs.

The conversion tracking cookie is set when a user clicks on a Google Ads advert. Cookies are small text files stored on your device. These cookies generally expire after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the advert and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies therefore cannot be tracked across the websites of Google Ads customers. The information obtained via the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. Customers find out the total number of users who clicked on their advert and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that could be used to personally identify users. In the context of using Google Ads, personal data may also be transferred to servers of Google LLC in the USA.

Details on processing initiated by Google Ads Conversion Tracking and Google's handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites

You can also permanently object to the setting of cookies by Google Ads Conversion Tracking by downloading and installing the browser plug-in available from Google at the following link: https://support.google.com/My-Ad-Center-Help/answer/12155656?hl=en

Please note that certain functions of this website may not be available or may only be available to a limited extent if you have disabled the use of cookies.

Google's privacy policy can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

11.4 Google Marketing Platform

This website uses the online marketing tool Google Marketing Platform operated by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("GMP").

GMP uses cookies to show users relevant advertisements, to improve campaign performance reports, or to prevent a user from seeing the same advertisements multiple times. Using a cookie ID, Google records which advertisements are displayed in which browser and can thus prevent them from being displayed multiple times. In addition, GMP can use cookie IDs to record so-called conversions related to advertisement requests. This is the case, for example, when a user sees a GMP advertisement and later visits the advertiser's website using the same browser and makes a purchase there. According to Google, GMP cookies do not contain any personal information.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google's server.

We have no influence over the scope and further use of the data collected by Google through the use of this tool and therefore inform you to the best of our knowledge as follows: By integrating GMP, Google receives the information that you have accessed the relevant part of our website or clicked on one of our adverts. If you are registered with a Google service, Google can link the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will obtain and store your IP address. In the context of using GMP, personal data may also be transferred to servers of Google LLC in the USA.

The privacy policy of GMP by Google can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

11.5 TikTok Pixel

This website uses the conversion tracking technology of the following provider: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.

If you have accessed our website via an advertisement on the provider's domain, cookies and/or comparable technologies (tracking pixels, web beacons, pings or HTTP requests) may be used to track the success of the advertisement.

For this purpose, the tracking technology reads certain device and browser information, which may include your IP address, in order to record and evaluate user actions predefined by us (e.g. completed transactions, leads, search queries on the website, views of product pages). This enables statistics to be created about user behaviour on our website after being redirected from an advertisement, which we use to optimise our offering.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

12) Website Functionality

12.1 Facebook Plugins

Plugins of the social network of the following provider are used on our website: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

These plugins enable direct interactions with content on the social network.

To enhance the protection of your data when you visit our website, the plugins are initially deactivated and integrated into the page using a so-called "2-click" or "Shariff" solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the provider's servers.

Only when you activate the plugins and thereby give your consent to data transfer pursuant to Art. 6(1)(a) GDPR does your browser establish a direct connection to the provider's servers. Regardless of whether you are logged into an existing user profile, certain information about your device (including your IP address), your browser and your browsing history is transmitted to the provider and may be further processed there.

If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and shown to your contacts.

You may revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation does not affect data that has already been transferred to the provider.

Data may also be transferred to: Meta Platforms Inc., USA.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

12.2 Instagram Plugins

Plugins of the social network of the following provider are used on our website: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

These plugins enable direct interactions with content on the social network.

To enhance the protection of your data when you visit our website, the plugins are initially deactivated and integrated into the page using a so-called "2-click" or "Shariff" solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the provider's servers.

If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and shown to your contacts.

You may revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation does not affect data that has already been transferred to the provider.

Data may also be transferred to: Meta Platforms Inc., USA.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

12.3 Pinterest Plugins

Plugins of the social network of the following provider are used on our website: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

These plugins enable direct interactions with content on the social network.

To enhance the protection of your data when you visit our website, the plugins are initially deactivated and integrated into the page using a so-called "2-click" or "Shariff" solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the provider's servers.

If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and shown to your contacts.

You may revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation does not affect data that has already been transferred to the provider.

Data may also be transferred to: Pinterest Inc., USA.

We have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

For data transfers to the USA, the provider relies on the European Commission's standard contractual clauses, which are intended to ensure compliance with the European level of data protection.

12.4 Trusted Shops Trustbadge

Graphic elements of the following provider are integrated on our website to display external customer reviews and/or an externally awarded quality mark: Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne, Germany.

When you access a page of our website that contains such graphic elements, your browser establishes a direct connection to the provider's servers in order to load the elements properly. Certain browser information, including your IP address, is transmitted to the provider in this process.

Where personal data is also processed in this context, this is done pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in the optimal marketing of our offering and the attractive presentation of our website.

In the event of an online order with us, further processing may take place.

Depending on your express consent pursuant to Art. 6(1)(a) GDPR, your order information (order total, order number and, if applicable, product purchased) and your e-mail address are transmitted to the provider in encrypted form via the Trustbadge after an order is completed, in order to check whether you are already registered for the provider's services (in particular the "Buyer Protection") and, if applicable, to enable a new registration.

If an existing registration is identified, or in the event of a new registration with the provider for its services (in particular Buyer Protection), your order information (order total, order number, product purchased) and your e-mail address are transmitted to the provider and further processed by them on the basis of the contractual agreement with the provider pursuant to Art. 6(1)(b) GDPR in order to provide the services (in particular Buyer Protection).

We are jointly responsible with the provider for the processing described above pursuant to Art. 26 GDPR. The joint controller agreement can be viewed here: https://help.etrusted.com/hc/de/articles/23970817960082

12.5 Google Maps

This website uses an online map service from the following provider: Google Maps (API) by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Google Maps is a web service for displaying interactive maps to present geographic information visually. This service is used to show you our location and to make it easier for you to find us.

When you access those sub-pages of ours in which the Google Maps map is embedded, information about your use of our website (such as your IP address) is transmitted to Google's servers and stored there; in this context, a transfer to servers of Google LLC in the USA may also occur. This happens regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged into Google, your data will be directly associated with your account. If you do not want your data to be associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.

The collection, storage and evaluation are carried out pursuant to Art. 6(1)(f) GDPR on the basis of Google's legitimate interest in displaying personalised advertising, conducting market research and/or designing Google websites to meet demand. You have the right to object to the creation of these user profiles, and to exercise this right you must contact Google. If you do not agree to the future transmission of your data to Google in the context of using Google Maps, you also have the option of completely deactivating Google Maps' web service by turning off the JavaScript application in your browser. Google Maps and therefore also the map display on this website can then no longer be used.

Where legally required, we have obtained your consent pursuant to Art. 6(1)(a) GDPR for the processing of your data described above. You may revoke your consent at any time with future effect by following the objection procedure described above.

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/de/privacy/

12.6 Adobe Fonts (Typekit)

This site uses so-called web fonts provided by the following provider for the uniform display of typefaces: Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA.

When you access a page, your browser loads the required web fonts into its cache in order to display texts and typefaces correctly, and establishes a direct connection to the provider's servers. Certain browser information, including your IP address, is transmitted to the provider in this process.

The processing of personal data in the course of establishing a connection with the provider of the web fonts is only carried out if you have given us your express consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time with future effect by deactivating this service via the "Cookie Consent Tool" provided on the website. If your browser does not support web fonts, a default font from your computer will be used.

12.7 Google Web Fonts

This site uses so-called web fonts provided by the following provider for the uniform display of typefaces: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Data may also be transferred to: Google LLC, USA.

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/de/privacy/

12.8 ShopSync for Shopify

This website uses the Shopify app "ShopSync" by ShopSync LLC, PO Box 252, Jefferson City, TN 37760, USA.

ShopSync is used to synchronise the newsletter service "Mailchimp" with our Shopify account, so that on the one hand, updates to Mailchimp e-mail lists (e.g. an opt-out by a newsletter recipient) are automatically reflected in Shopify, and on the other hand, new contact data generated via contracts concluded on Shopify is automatically transferred to Mailchimp e-mail lists.

In the first case, data processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in the effective and cross-system maintenance of advertising recipient records and the efficient observance of legally significant status changes.

In the second case, exclusively on the basis of the user's express consent pursuant to Art. 6(1)(a) GDPR, after a contract is concluded on Shopify, the user's first and last name, address and e-mail address, together with transaction-related information (purchase amount, time and date of purchase), are transferred by ShopSync to Mailchimp for inclusion in the Mailchimp list.

Data transferred in this way is not stored or retained by ShopSync after synchronisation. All information synchronised between Shopify and Mailchimp is transmitted using SSL (Secure Socket Layer) technology, and all transferred information remains encrypted during the synchronisation process.

The synchronisation process requires the transmission of information via a secure connection to servers hosted by Amazon Web Services in the USA.

Further data protection information on ShopSync can be found here: https://www.shop-sync.com/privacy-policy

13) Tools and Miscellaneous

13.1 DATEV

For handling our accounting, we use the service of the following cloud-based accounting software provider: DATEV eG, Paumgartnerstr. 6-14, 90429 Nuremberg, Germany.

The provider processes incoming and outgoing invoices and, if applicable, the bank transactions of our company in order to automatically record invoices, match them to transactions and use them to generate financial accounting in a partially automated process.

Where personal data is also processed in this context, this is done on the basis of our legitimate interest in the efficient organisation and documentation of our business processes pursuant to Art. 6(1)(f) GDPR.

13.2 Lexware Office

For handling our accounting, we use the service of the following cloud-based accounting software provider: Haufe-Lexware GmbH & Co. KG, Munzinger Straße 9, 79111 Freiburg, Germany.

13.3 sevDesk

For handling our accounting, we use the service of the following cloud-based accounting software provider: sevDesk GmbH, Hauptstraße 115, 77652 Offenburg, Germany.

We have concluded a data processing agreement with the provider that ensures the protection of our customers' data and prohibits unauthorised disclosure to third parties.

Where personal data is also processed in this context, this is done on the basis of our legal obligation to maintain proper accounts pursuant to Art. 6(1)(c) GDPR.

13.4 Cookie Consent Tool

This website uses a so-called "Cookie Consent Tool" to obtain effective user consent for cookies requiring consent and cookie-based applications. The "Cookie Consent Tool" is displayed to users when the page is accessed in the form of an interactive user interface, through which consent for certain cookies and/or cookie-based applications can be granted by ticking the corresponding box. By using the tool, all cookies/services requiring consent are only loaded if the respective user has granted the corresponding consent by ticking the box. This ensures that cookies of this type are only set on the respective user's device if consent has been given.

The tool sets technically necessary cookies to save your cookie preferences. In principle, no personal user data is processed in this context.

In individual cases where personal data (such as an IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and therefore in the legally compliant design of our website.

A further legal basis for processing is Art. 6(1)(c) GDPR. As the controller, we are subject to a legal obligation to make the use of technically unnecessary cookies conditional on the respective user's consent.

Where necessary, we have concluded a data processing agreement with the provider that ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

Further information about the operator and the configuration options of the Cookie Consent Tool can be found directly in the corresponding user interface on our website.

14) Rights of the Data Subject

14.1 Under applicable data protection law, you are entitled to the following data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, with reference being made to the cited legal basis for the respective conditions for exercising these rights:

Right of access pursuant to Art. 15 GDPR
Right to rectification pursuant to Art. 16 GDPR
Right to erasure pursuant to Art. 17 GDPR
Right to restriction of processing pursuant to Art. 18 GDPR
Right to notification pursuant to Art. 19 GDPR
Right to data portability pursuant to Art. 20 GDPR
Right to withdraw consent given pursuant to Art. 7(3) GDPR
Right to lodge a complaint pursuant to Art. 77 GDPR

14.2 RIGHT TO OBJECT

WHERE WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST FOLLOWING A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO SUCH PROCESSING AT ANY TIME WITH FUTURE EFFECT ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA IN QUESTION. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS.

WHERE YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA IN QUESTION FOR DIRECT MARKETING PURPOSES.

15) Duration of Storage of Personal Data

The duration of storage of personal data is determined by the respective legal basis, the purpose of processing and — where applicable — additionally by the respective statutory retention period (e.g. commercial and tax law retention periods).

Where personal data is processed on the basis of express consent pursuant to Art. 6(1)(a) GDPR, the data in question is stored until you withdraw your consent.

Where statutory retention periods exist for data processed in the context of contractual or quasi-contractual obligations on the basis of Art. 6(1)(b) GDPR, this data is routinely deleted after the retention periods expire, provided it is no longer required for the performance or initiation of a contract and we have no legitimate interest in continuing to store it.

Where personal data is processed on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

Where personal data is processed for the purpose of direct marketing on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object pursuant to Art. 21(2) GDPR.

Unless otherwise indicated by the other information in this policy regarding specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Copyright notice: This privacy policy was created by the specialist lawyers of IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de)

As of: 09 June 2026, 13:38:47

PRICE ADVANTAGE AND ALL UPDATES FOR YOU!

Sign up for our newsletter - get all the latest news about your favorite items and receive 5% off your first order!

*Sign up for our free newsletter and receive a 5% discount code. By signing up, you agree to receive our newsletter and the processing of your data in accordance with our privacy policy . You can unsubscribe at any time.