Privacy Policy

1. Responsible and data protection officer

Responsible for the data processing on this website is:

Isabel Störmann

[Address]

[E-mail address]

Phone: [Phone number]

If you have appointed a data protection officer, insert his contact details here:

Data protection officer: [name, e-mail address, telephone if applicable]

2. General information and purpose of data processing

The protection of your personal data is very important to us. Personal data is information with which you can be personally identified (e.g. name, address, e-mail address, IP address).

We process your personal data exclusively within the legal framework and only for the purposes mentioned in this data protection declaration, e.g.:

Provision and operation of the website

Processing of contact requests

Implementation of contractual services

Analysis of user behavior to improve the website

Marketing measures (e.g. newsletter dispatch)

The processing takes place only in compliance with the relevant legal legal bases, in particular Art. 6 GDPR.

3. Collected data and processing methods

A) Server log files

Every time you access our website, the following data is automatically collected by the server (server log files):

Visited website / URL

Date and time of access

Amount of data transferred

Referrer (previoused page)

Browser type and version

Operating system

IP address (in anonymous form)

We store this data for a maximum of 7 days to ensure system security and error analysis. The legal basis for this is our legitimate interest (Art. 6 (1) (f) GDPR).

B) Cookies

Our website uses cookies. Cookies are small text files that are stored in the browser of your device.

Purpose: user-friendliness, session management, range measurement if necessary

Types: Necessary cookies, analysis and tracking cookies (possibly only after consent)

You can deactivate cookies using your browser settings. Please note that then not all functions of our website may be fully usable. Depending on the type of cookie, the legal basis is your consent (Art. 6 para. 1 lit. a DSGVO) or legitimate interest.

C) Contact form and user entries

If you use our contact form, we collect the following personal data:

Name

E-mail address

If necessary, other voluntary information (e.g. telephone number)

Content of your message

We use this data exclusively to answer your request. The legal basis is your consent or the fulfillment of pre-contractual measures (Art. 6 para. 1 lit. a and b GDPR).

D) Newsletter

If you subscribe to our newsletter, we process the following data:

Name

E-mail address

Shipping takes place only with express consent (double opt-in). You can revoke your consent at any time via the unsubscribe link in the newsletter.

E) Analysis and tracking tools

We use the following analysis tools on our website (please add individually):

Google Analytics with IP address anonymization

Matomo (if used)

Other services (Facebook Pixel, etc.)

These services collect user data in order to evaluate usage behavior and optimize the website. This only takes place after your consent (opt-in). The data protection declarations of the third-party providers can be found at the respective providers.

4. Transfer of data to third parties

In principle, we do not pass on personal data to third parties, except:

If this is necessary for the fulfillment of the contract (e.g. shipping service provider)

To fulfill legal obligations

You have previously consented

We perceive legitimate interests without violating the interests of those affected

A data transfer to third countries outside the EU only takes place if an adequate level of data protection is ensured, e.g. by means of standard contractual clauses.

5. Storage period and deletion of data

We only store your personal data for as long as this is necessary to fulfill the respective purpose or as long as there are legal retention periods. After the purpose is lost, the data will be deleted or anonymized immediately.

Exemplary storage periods:

Contact details: until completion of correspondence

Logfiles: max. 7 days

Invoice data: 10 years (statutory retention)

6. Rights of data subjects

You have the right:

In accordance with Art. 15 GDPR to obtain information about your stored personal data

In accordance with Art. 16 GDPR to immediately request correction of incorrect data

In accordance with Art. 17 GDPR, to request the deletion of your data, insofar as there are no legal retention obligations to the contrary

In accordance with Art. 18 GDPR to request restriction of processing

In accordance with Art. 20 GDPR to obtain data portability

To revoke your consent at any time in accordance with Art. 7 (3) GDPR without affecting the legality of the processing carried out until then

In accordance with Art. 77 GDPR to file a complaint with a supervisory authority (e.g. data protection authority of your federal state)

7. Security of data processing

We take reasonable technical and organizational measures (TOMs) to protect your data from loss, misuse or unauthorized access, including:

Encryption (e.g. TLS/SSL)

Access restrictions

Regular security checks

8. Integration of social media plugins and third-party services

We use social media plugins from providers such as Facebook, Twitter or Instagram on our pages to enable users to interact. Data is already transmitted to the respective providers during the visit, provided that there is no obligation to consent. Details and opt-out options can be found in the data protection declarations of the providers.

9. Update of the privacy policy

Our privacy policy can be adjusted at any time due to legal changes or extensions of the functions/technologies of our website. We recommend that you read them regularly.