Privacy Policy

1) Information on the Collection of Personal Data and Contact Details of the Controller

1.1
We’re glad you’re visiting our website and appreciate your interest. This Privacy Policy explains how we handle your personal data when you use our website. “Personal data” means any information that can be used to identify you personally.

1.2
The party responsible for data processing on this website (the “Controller”) under the General Data Protection Regulation (GDPR) is:

The Controller is the natural or legal person who, alone or together with others, determines the purposes and means of processing personal data.

1.3
For security reasons, and to protect the transmission of personal data and other confidential content (such as orders or inquiries sent through the site), this website uses SSL or TLS encryption.
You can recognize an encrypted connection by the “https://” prefix and the lock icon in your browser’s address bar.

2) Data Collected When You Visit Our Website

When you use our website for informational purposes only—meaning you do not register or otherwise send us information—we only collect the data that your browser automatically transmits to our server (so-called “server log files”).

When you access our website, we collect the following data, which are technically necessary to display the website and ensure stability and security:

• The specific page(s) you visit on our website

• Date and time of access

• Amount of data transmitted (in bytes)

• Referrer URL (the page you came from)

• Browser type and version

• Operating system used

• IP address used (possibly in anonymized form)

Processing is based on our legitimate interest in improving the stability and functionality of our website, in accordance with Art. 6(1)(f) GDPR.

We do not share these data with third parties and do not use them for other purposes. However, we reserve the right to review server log files later if there are concrete indications of unlawful use.

3) Cookies

To make our website more user-friendly and to support certain functions, we use cookies on various pages. Cookies are small text files that are stored on your device.

• Session cookies are deleted after you close your browser.

• Persistent cookies remain on your device and allow us or our partners (third-party cookies) to recognize your browser on your next visit.

When cookies are set, they may collect certain user information—such as browser type, approximate location data, and IP address values—to a limited extent. Persistent cookies are automatically deleted after a defined period, which can vary by cookie.

Some cookies are used to simplify processes—for example, by remembering items in your shopping cart for a later visit.

Where cookies used by us process personal data, the legal basis is:

• Art. 6(1)(b) GDPR when necessary to perform a contract, or

• Art. 6(1)(f) GDPR when based on our legitimate interest in providing a functional, user-friendly, and efficient website experience.

We may also work with advertising partners to make our online offering more relevant and interesting. In that case, third-party cookies may be stored on your device when you visit our website. If we use such advertising partners, we will inform you separately below about those cookies and the scope of data collected.

You can configure your browser so that you:

• are informed when cookies are set,

• decide on a case-by-case basis whether to accept cookies, or

• generally refuse cookies (or certain types of cookies).

Instructions for managing cookies can be found in the help sections of most browsers:

• Internet Explorer:
  https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

• Firefox:
  https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

• Chrome:
  https://support.google.com/chrome/answer/95647?hl=de&hlrm=en

• Safari:
  https://support.apple.com/kb/ph21411?locale=de_DE

• Opera:
  https://help.opera.com/en/latest/web-preferences/#cookies

If you do not accept cookies, some features of our website may not function correctly or may be limited.

4) Contact

When you contact us (for example, via contact form or email), we collect the personal data you provide. The specific data collected through the contact form are shown on the form itself.

We use these data solely to respond to your inquiry and handle related technical administration.

• The legal basis is our legitimate interest in responding to your request, in line with Art. 6(1)(f) GDPR.

• If your inquiry is aimed at entering into a contract, the legal basis is also Art. 6(1)(b) GDPR.

We delete your data once your inquiry has been fully resolved and no legal retention obligations prevent deletion.

5) Data Processing When Opening a Customer Account and for Contract Fulfillment

Under Art. 6(1)(b) GDPR, we collect and process personal data when you provide them to us for contract performance or to open a customer account. The specific data collected are shown in the respective input forms.

You can request deletion of your customer account at any time by contacting us at the address listed above.

We store and use the data you provide to fulfill your order or contract. After complete fulfillment of the contract or deletion of your customer account, your data will be blocked with respect to tax and commercial retention periods and deleted once those legal periods have expired—unless you have expressly consented to further use of your data, or we are legally permitted to continue processing your data, in which case we will inform you as needed.

6) Use of Your Data for Direct Marketing

6.1 Email newsletter subscription

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only required field is your email address. Any additional information you provide is optional and used so we can address you personally.

We use a double opt-in process:

• First, you sign up for the newsletter.

• Then we send a confirmation email asking you to click a link to confirm that you want to receive the newsletter.

By clicking the confirmation link, you consent to the use of your personal data for newsletter purposes, consistent with Art. 6(1)(a) GDPR.

When you subscribe, we also store:

• the IP address assigned to you by your internet service provider at the time of registration, and

• the date and time of registration.

This helps us trace and address any misuse of your email address.

We use the data collected during newsletter registration exclusively to send the newsletter.

You can unsubscribe at any time via the link in the newsletter or by contacting the controller listed at the beginning of this policy. After you unsubscribe, your email address will be promptly removed from our newsletter distribution list unless you have expressly consented to further use of your data or we are legally allowed to process your data for other purposes, as explained in this policy.

6.2 Email marketing to existing customers

If you have provided your email address to us when purchasing goods or services, we may use it to send you email offers for similar goods or services from our range. We do not require separate consent for this.

The legal basis is our legitimate interest in personalized direct marketing, in line with Art. 6(1)(f) GDPR.

If you initially objected to this use, we will not send such emails. You can object at any time to the future use of your email address for marketing purposes by contacting the controller listed at the beginning. You will only be charged standard transmission costs.

Once we receive your objection, we will stop using your email address for marketing.

7) Data Processing for Order Handling

7.1 Shipping and payment

We share the personal data we collect during order processing with the shipping company responsible for delivering your order if this is necessary for delivery.

We also share your payment data with the financial institution handling the payment, as far as needed for payment processing. If we use additional payment service providers, they are listed below.

The legal basis is Art. 6(1)(b) GDPR (contract performance).

7.2 Use of payment service providers

PayPal
If you pay via PayPal, credit card via PayPal, direct debit via PayPal, or—where offered—“Pay upon invoice” or “installment payment” via PayPal, we share your payment data with:

PayPal (Europe) S.à r.l. et Cie, S.C.A.
22–24 Boulevard Royal,
L-2449 Luxembourg (“PayPal”)

This transfer occurs under Art. 6(1)(b) GDPR and only to the extent necessary for payment processing.

For payment methods such as credit card, direct debit, purchase on account, or installment payment via PayPal, PayPal may perform a credit check. For this purpose, PayPal may transfer your payment data to credit agencies based on its legitimate interest in determining your ability to pay (Art. 6(1)(f) GDPR).

The result (including score values) can influence PayPal’s decision to offer or deny specific payment methods. These score values are calculated using recognized mathematical-statistical procedures and may incorporate address data.

You can find detailed information on data protection and the credit agencies used in PayPal’s Privacy Policy:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full

You can object to this processing at any time by contacting PayPal. However, PayPal may still be allowed to process your data if this is necessary for contractual payment processing.

SOFORT (Klarna Group)
If you choose “SOFORT” as a payment method, payment is processed via:

SOFORT GmbH
Theresienhöhe 12
80339 Munich, Germany (“SOFORT”)

We share the information you provide during the order process, along with order details, with SOFORT in accordance with Art. 6(1)(b) GDPR.

SOFORT GmbH is part of the Klarna Group:

Klarna Bank AB (publ)
Sveavägen 46
11134 Stockholm, Sweden

Your data are shared solely for payment processing with SOFORT and only to the extent necessary.

More information on SOFORT’s privacy practices is available here:
https://www.klarna.com/sofort/datenschutz

8) Review Reminder Emails

Internal review reminders (no external review platform)

If you have expressly consented under Art. 6(1)(a) GDPR, we may use your email address once to send you a reminder to review your order within our internal review system.

You may withdraw your consent at any time by contacting the controller responsible for data processing.

9) Use of Social Media: Social Plugins

Note on customs/import duties

Special customs clearance charges and/or import duties are not included in our prices and are the customer’s responsibility.

9.1 Facebook plugins with “Shariff” solution

Our website uses social plugins (“plugins”) for the Facebook social network, operated by:

Facebook Inc.
1 Hacker Way
Menlo Park, CA 94025, USA (“Facebook”)

To better protect your data, these buttons are not fully integrated as plugins. Instead, they are embedded as simple HTML links (using the “Shariff” solution).

This means that when you visit a page on our website containing such buttons, no connection is made to Facebook’s servers. Only if you click a button will a new browser window open and load Facebook, where you can interact with its plugins (after logging in, if necessary).

Facebook Inc. is certified under the EU–US Privacy Shield, which helps ensure an adequate level of data protection according to EU standards.

For details on data collection, processing, use, and your rights and settings to protect your privacy, see Facebook’s Privacy Policy:
https://www.facebook.com/policy.php

9.2 Google+ plugins with “Shariff” solution

Our website uses social plugins (“plugins”) from the Google+ social network, provided by:

Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043, USA (“Google”)

Again, these buttons are embedded as HTML links under the “Shariff” solution. No connection to Google’s servers is made when you simply load our pages. Only if you click a button will a new browser window open and load Google+, where you can interact with plugins (after logging in, if necessary).

Google LLC is certified under the EU–US Privacy Shield.

More details on data handling and your privacy rights are available in Google’s Privacy Policy:
https://www.google.com/intl/de/policies/privacy/

9.3 Instagram plugin with “Shariff” solution

Our website uses social plugins (“plugins”) from Instagram, provided by:

Instagram LLC
1601 Willow Rd
Menlo Park, CA 94025, USA (“Instagram”)

As with the other services, these buttons are implemented as HTML links under the “Shariff” solution. No connection with Instagram’s servers is made just by loading a page. Only when you click a button will a new browser window open and load Instagram, where you can interact with the platform (after logging in, if necessary).

Instagram LLC is certified under the EU–US Privacy Shield.

For more information on data collection, processing, use, and your options to protect your privacy, see Instagram’s privacy information:
https://help.instagram.com/155833707900388/

10) Online Marketing

10.1 DoubleClick by Google

This website uses the DoubleClick online marketing tool by:

Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043, USA (“DoubleClick”)

DoubleClick uses cookies to:

• display ads that are relevant to users,

• improve reporting on campaign performance, and

• avoid repeatedly showing the same ad to the same user.

Using a cookie ID, Google tracks which ads are shown in which browser and can prevent multiple identical impressions.

Processing is based on our legitimate interest in effectively marketing our website, in line with Art. 6(1)(f) GDPR.

DoubleClick can also use cookie IDs to record conversions—i.e., when a user sees a DoubleClick ad, later visits the advertiser’s website, and makes a purchase. According to Google, DoubleClick cookies do not contain personal information.

Because of these tools, your browser automatically establishes a direct connection to Google’s servers. We have no control over the scope or further use of the data collected by Google. According to current knowledge:

• Google learns that you accessed certain parts of our website or clicked one of our ads.

• If you are logged into a Google service, Google can associate the visit with your account.

• Even if you are not logged in or registered, Google may still learn and store your IP address.

If you do not want to participate in this tracking, you can disable conversion cookies by configuring your browser to block cookies from www.googleadservices.com:
https://www.google.de/settings/ads

(Keep in mind this setting will be reset if you delete your cookies.)

You can also visit the Digital Advertising Alliance at http://www.aboutads.info to learn more about cookies and manage ad settings. Finally, you can configure your browser to notify you when cookies are set and decide individually whether to accept them, or to block cookies in certain cases or entirely.

If you do not accept cookies, some functions of our website may not work properly.

Google LLC is certified under the EU–US Privacy Shield, providing an EU-level standard of data protection.

More information on DoubleClick’s privacy practices is available here:
https://www.google.de/policies/privacy/

10.2 Google AdWords Conversion Tracking

Our website uses the Google AdWords online advertising program and, within it, Conversion Tracking from:

Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043, USA (“Google”)

We use Google AdWords to highlight our offers on external websites using ads. Based on campaign data, we can determine how effective our ads are. Our goal is to show you relevant ads, make our website more engaging, and achieve a fair cost-benefit ratio for our advertising spend.

When you click an ad delivered by Google, a cookie for conversion tracking is placed on your device. These cookies usually expire after 30 days and are not used to personally identify you. If you visit certain pages on our website while the cookie is active, Google and we can detect that you clicked the ad and were redirected to that page.

Each AdWords customer receives a different cookie, so cookies cannot be tracked across the websites of different customers.

The information collected using conversion cookies is used to compile conversion statistics for AdWords customers who use conversion tracking. These customers learn how many users clicked their ad and were redirected to a page with a conversion tag. They do not receive data that personally identifies users.

If you do not want to participate in tracking, you can disable the conversion cookie in your browser settings. You will then not be included in conversion statistics.

We use Google AdWords based on our legitimate interest in targeted advertising, in line with Art. 6(1)(f) GDPR.

Google LLC is certified under the EU–US Privacy Shield.

For more information on Google’s data practices, see:
https://www.google.de/policies/privacy/

You can also permanently disable cookies for ad personalization by installing the browser plugin available here:
https://www.google.com/settings/ads/plugin?hl=de

If you disable cookies, certain functions of our website may be limited.

11) Web Analytics

Google (Universal) Analytics

This website uses Google Analytics, a web analytics service from:

Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043, USA (“Google”)

Google Analytics uses cookies to analyze how you use the website.

The information generated by the cookie about your use of this website (including your shortened IP address) is usually transmitted to a Google server in the USA and stored there.

This website uses Google Analytics with IP anonymization (_anonymizeIp()), which ensures that IP addresses are shortened within EU member states or other EEA states before transmission. This prevents a direct personal reference. In exceptional cases only, the full IP address is transmitted to a Google server in the USA and shortened there.

In those exceptional cases, processing takes place in line with Art. 6(1)(f) GDPR, based on our legitimate interest in statistically analyzing user behavior for optimization and marketing purposes.

On our behalf, Google uses this information to:

• evaluate your use of the website,

• compile reports on website activity, and

• provide other services related to website and internet usage.

The IP address transmitted by your browser within Google Analytics is not merged with other Google data.

You can prevent cookies from being stored by adjusting your browser settings. However, this may limit your ability to use some features of the website.

You can also prevent Google from collecting and processing data related to your use of the website (including your IP address) by installing the browser plugin available here:
https://tools.google.com/dlpage/gaoptout?hl=de

Alternatively—especially on mobile devices—you can set an opt-out cookie by following Google’s instructions at the same link. This opt-out cookie prevents future tracking by Google Analytics within this website, in the browser in which it is set. If you delete your cookies, you’ll need to set the opt-out cookie again.

Google LLC is certified under the EU–US Privacy Shield.

This website may also use Google Analytics’ User-ID feature to conduct cross-device analysis of visitor behavior. When you first visit a page, you may be assigned a unique, persistent, anonymized ID that can be used across devices. This allows interaction data from different devices and sessions to be associated with a single (still anonymous) user profile.

You can object to data collection and storage via the User-ID at any time for the future by disabling Google Analytics on all systems you use (for example, on different browsers or mobile devices).

More information on Universal Analytics is available here:
https://support.google.com/analytics/answer/2838718?hl=de&ref_topic=6010376

12) Retargeting / Remarketing / Referral Advertising

Facebook Custom Audience via Pixel

This website uses the “Facebook Pixel” from:

Facebook Inc.
1 Hacker Way
Menlo Park, CA 94025, USA (“Facebook”)

With your explicit consent, the Facebook Pixel allows us to track user behavior after users have seen or clicked a Facebook ad. This helps us measure the effectiveness of Facebook ads for statistical and market research purposes and improve future advertising.

The data we receive are anonymous and do not allow us to identify individual users. However, Facebook may link this information to a specific user profile and use it for its own advertising purposes in accordance with Facebook’s Data Policy:
https://www.facebook.com/about/privacy/

This may allow Facebook and its partners to display ads on and off Facebook. A cookie may also be stored on your device for these purposes.

Processing based on the Facebook Pixel takes place only with your express consent under Art. 6(1)(a) GDPR.

Consent to use the Facebook Pixel may only be given by users who are at least 13 years old. If you are younger, please ask your parent or legal guardian for permission.

Facebook Inc. is certified under the EU–US Privacy Shield.

You can disable cookies in your browser settings so that no cookies are stored on your device, or existing cookies are deleted. However, disabling all cookies may limit the functionality of our website.

You can also deactivate cookies from third-party providers such as Facebook via the Digital Advertising Alliance site:
https://www.aboutads.info/choices/

Google AdWords Remarketing

Our website uses the features of Google AdWords Remarketing to advertise this website in Google search results and on third-party websites. This service is provided by:

Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043, USA (“Google”)

For this purpose, Google sets a cookie in your browser that, using a pseudonymous cookie ID and based on the pages you visit, enables interest-based advertising.

Processing is based on our legitimate interest in optimal marketing of our website, consistent with Art. 6(1)(f) GDPR.

Further data processing by Google occurs only if you have agreed that your web and app browsing history may be linked to your Google account and that information from your Google account may be used to personalize ads you see on the web.

If you are logged into Google while visiting our website and you have given this consent, Google uses your data—together with Google Analytics data—to create and define target groups for cross-device remarketing. Your personal data are temporarily linked to Google Analytics data for this purpose.

You can permanently disable cookies for personalized advertising by installing the browser plugin available here:
https://www.google.com/settings/ads/onweb/

Alternatively, you can manage cookies via the Digital Advertising Alliance:
http://www.aboutads.info

You can also configure your browser to notify you when cookies are set and decide individually whether to accept them or block them. If you do not accept cookies, some website functions may be limited.

Google LLC is certified under the EU–US Privacy Shield.

More information on Google’s advertising and privacy practices can be found here:
https://www.google.com/policies/technologies/ads/

13) Your Rights as a Data Subject

Under applicable data protection law, particularly the GDPR, you have the following rights regarding your personal data processed by us:

• Right of access (Art. 15 GDPR)
  You have the right to obtain confirmation of whether we process your personal data and, if so, access to those data and information such as:

  • purposes of processing,
  • categories of data,
  • recipients or categories of recipients,
  • planned storage period or criteria for determining it,
  • existence of rights to rectification, erasure, restriction, objection,
  • right to lodge a complaint with a supervisory authority,
  • where the data come from (if not collected from you directly),
  • existence of automated decision-making, including profiling, and meaningful information about the logic involved and consequences, and
  • safeguards in place if data are transferred to third countries (Art. 46 GDPR).

• Right to rectification (Art. 16 GDPR)
  You have the right to request correction of inaccurate personal data and completion of incomplete data stored by us.

• Right to erasure (Art. 17 GDPR)
  You have the right to request deletion of your personal data where the conditions of Art. 17(1) GDPR are met. This right may not apply if processing is necessary, for example, for exercising freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.

• Right to restriction of processing (Art. 18 GDPR)
  You may request restriction of processing of your personal data if:

  • you contest the accuracy of the data (for a period allowing us to verify it),

  • processing is unlawful but you oppose deletion and request restriction instead,

  • we no longer need the data for processing but you need them for legal claims, or

  • you have objected to processing based on legitimate interests, pending verification of whether our interests override yours.

• Right to notification (Art. 19 GDPR)
  If you have asserted your right to rectification, erasure, or restriction of processing, we are obligated to inform all recipients to whom your personal data have been disclosed about the correction or deletion of the data or restriction of processing, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.

• Right to data portability (Art. 20 GDPR)
  You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format, and to transmit those data to another controller where technically feasible.

• Right to withdraw consent (Art. 7(3) GDPR)
  You may withdraw a consent you previously gave at any time, effective for the future. After withdrawal, we will stop processing the affected data unless we can rely on another legal basis. The lawfulness of processing carried out prior to withdrawal remains unaffected.

• Right to lodge a complaint (Art. 77 GDPR)
  If you believe that processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, your place of work, or the place of the alleged infringement.

13.2 Right to Object

Right to object based on legitimate interests
If we process your personal data on the basis of our legitimate interests (Art. 6(1)(f) GDPR), you have the right to object at any time, on grounds relating to your particular situation, to such processing with effect for the future.

If you object, we will stop processing your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or if the processing is required for the establishment, exercise, or defense of legal claims.

Right to object to direct marketing
If we process your personal data for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing.

If you exercise this right, we will stop processing your personal data for direct marketing.

You may exercise your right to object by contacting us using the details provided at the beginning of this policy.

14) Duration of Storage of Personal Data

We store personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law (for example, tax or commercial retention periods).

Once the relevant retention period expires, the corresponding data are routinely deleted, provided they are no longer needed for contract fulfillment, contract initiation, or other legitimate interests, and there is no other legal basis for continued storage.