Privacy Policy
1. Responsible and data protection officer
Responsible for the data processing on this website is:
Isabel Störmann
[Address]
[E-mail address]
Phone: [Phone number]
If you have appointed a data protection officer, insert his contact details here:
Data protection officer: [name, e-mail address, telephone if applicable]
2. General information and purpose of data processing
The protection of your personal data is very important to us. Personal data is information with which you can be personally identified (e.g. name, address, e-mail address, IP address).
We process your personal data exclusively within the legal framework and only for the purposes mentioned in this data protection declaration, e.g.:
Provision and operation of the website
Processing of contact requests
Implementation of contractual services
Analysis of user behavior to improve the website
Marketing measures (e.g. newsletter dispatch)
The processing takes place only in compliance with the relevant legal legal bases, in particular Art. 6 GDPR.
3. Collected data and processing methods
A) Server log files
Every time you access our website, the following data is automatically collected by the server (server log files):
Visited website / URL
Date and time of access
Amount of data transferred
Referrer (previoused page)
Browser type and version
Operating system
IP address (in anonymous form)
We store this data for a maximum of 7 days to ensure system security and error analysis. The legal basis for this is our legitimate interest (Art. 6 (1) (f) GDPR).
B) Cookies
Our website uses cookies. Cookies are small text files that are stored in the browser of your device.
Purpose: user-friendliness, session management, range measurement if necessary
Types: Necessary cookies, analysis and tracking cookies (possibly only after consent)
You can deactivate cookies using your browser settings. Please note that then not all functions of our website may be fully usable. Depending on the type of cookie, the legal basis is your consent (Art. 6 para. 1 lit. a DSGVO) or legitimate interest.
C) Contact form and user entries
If you use our contact form, we collect the following personal data:
Name
E-mail address
If necessary, other voluntary information (e.g. telephone number)
Content of your message
We use this data exclusively to answer your request. The legal basis is your consent or the fulfillment of pre-contractual measures (Art. 6 para. 1 lit. a and b GDPR).
D) Newsletter
If you subscribe to our newsletter, we process the following data:
Name
E-mail address
Shipping takes place only with express consent (double opt-in). You can revoke your consent at any time via the unsubscribe link in the newsletter.
E) Analysis and tracking tools
We use the following analysis tools on our website (please add individually):
Google Analytics with IP address anonymization
Matomo (if used)
Other services (Facebook Pixel, etc.)
These services collect user data in order to evaluate usage behavior and optimize the website. This only takes place after your consent (opt-in). The data protection declarations of the third-party providers can be found at the respective providers.
4. Transfer of data to third parties
In principle, we do not pass on personal data to third parties, except:
If this is necessary for the fulfillment of the contract (e.g. shipping service provider)
To fulfill legal obligations
You have previously consented
We perceive legitimate interests without violating the interests of those affected
A data transfer to third countries outside the EU only takes place if an adequate level of data protection is ensured, e.g. by means of standard contractual clauses.
5. Storage period and deletion of data
We only store your personal data for as long as this is necessary to fulfill the respective purpose or as long as there are legal retention periods. After the purpose is lost, the data will be deleted or anonymized immediately.
Exemplary storage periods:
Contact details: until completion of correspondence
Logfiles: max. 7 days
Invoice data: 10 years (statutory retention)
6. Rights of data subjects
You have the right:
In accordance with Art. 15 GDPR to obtain information about your stored personal data
In accordance with Art. 16 GDPR to immediately request correction of incorrect data
In accordance with Art. 17 GDPR, to request the deletion of your data, insofar as there are no legal retention obligations to the contrary
In accordance with Art. 18 GDPR to request restriction of processing
In accordance with Art. 20 GDPR to obtain data portability
To revoke your consent at any time in accordance with Art. 7 (3) GDPR without affecting the legality of the processing carried out until then
In accordance with Art. 77 GDPR to file a complaint with a supervisory authority (e.g. data protection authority of your federal state)
7. Security of data processing
We take reasonable technical and organizational measures (TOMs) to protect your data from loss, misuse or unauthorized access, including:
Encryption (e.g. TLS/SSL)
Access restrictions
Regular security checks
8. Integration of social media plugins and third-party services
We use social media plugins from providers such as Facebook, Twitter or Instagram on our pages to enable users to interact. Data is already transmitted to the respective providers during the visit, provided that there is no obligation to consent. Details and opt-out options can be found in the data protection declarations of the providers.
9. Update of the privacy policy
Our privacy policy can be adjusted at any time due to legal changes or extensions of the functions/technologies of our website. We recommend that you read them regularly.