Privacy policy

1) Information about the collection of personal data and contact details of the person responsible

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.

1.2 Responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Nora-Eilin Reinicke, Liegewiese - Das Familienbett, Hermann-Köhl-Str. 5, 06847 Dessau-Roßlau, Germany, phone: +49163 8795005, email: info@liegewiese.shop. The person responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of the processing of personal data.

2) Data collection when visiting our website

2.1 When you use our website solely for informational purposes—that is, if you do not register or otherwise provide us with information—we collect only the data that your browser transmits to the website server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

The page you visited
Date and time of access
Amount of data transmitted in bytes
Source/referrer from which you accessed the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Article 6(1)(f) of the GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is not disclosed or used for any other purpose. However, we reserve the right to review the server log files retrospectively should there be concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https://” prefix and the padlock icon in your browser’s address bar.

3) Hosting & Content Delivery Network

Shopify

We use the system provided by the following provider to host our website and display its content: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”)

Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

All data collected on our website is processed on the provider’s servers. We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

When data is transferred to Canada, an adequate level of data protection is guaranteed by an adequacy decision issued by the European Commission.

4) Cookies

To make your visit to our website more enjoyable and to enable the use of certain features, we use cookies—small text files that are stored on your device. Some of these cookies are automatically deleted when you close your browser (so-called “session cookies”), while others remain on your device for a longer period and allow page settings to be saved (so-called “persistent cookies”). In the latter case, you can find the storage duration in the overview of your web browser’s cookie settings.

If personal data is processed by individual cookies we use, such processing is carried out in accordance with Article 6(1)(b) of the GDPR either for the performance of a contract, in accordance with Article 6(1)(a) of the GDPR if consent has been given, or in accordance with Article 6(1)(f) of the GDPR to safeguard our legitimate interests in ensuring the best possible functionality of the website and a user-friendly and effective experience for visitors.

You can configure your browser to notify you when cookies are set and decide on a case-by-case basis whether to accept them, or to block the acceptance of cookies in specific cases or generally.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact

5.1 Custom Review Reminder

Based solely on your explicit consent pursuant to Article 6(1)(a) of the GDPR, we use your email address to send you a one-time reminder to submit a review of your order. You may revoke your consent at any time by sending a message to the data controller.

5.2 When you contact us (e.g., via the contact form or email), personal data is processed—exclusively for the purpose of handling and responding to your inquiry and only to the extent necessary for that purpose.

The legal basis for processing this data is our legitimate interest in responding to your inquiry pursuant to Article 6(1)(f) of the GDPR. If your contact is aimed at entering into a contract, the additional legal basis for the processing is Article 6(1)(b) of the GDPR. Your data will be deleted when it is clear from the circumstances that the matter in question has been conclusively resolved and provided that no statutory retention obligations preclude this.

6) Comment function

When you use the comment feature on this website, in addition to your comment, information regarding the time the comment was posted and the username you selected will be stored and published on this website. Furthermore, your IP address will be logged and stored. This IP address is stored for security reasons and in the event that the data subject infringes the rights of third parties through a comment or posts illegal content. We need your email address to contact you in the event that a third party reports your published content as unlawful.

The legal basis for storing your data is Article 6(1)(b) and (f) of the GDPR. We reserve the right to delete comments if they are reported as unlawful by third parties.

7) Data processing when opening a customer account

In accordance with Article 6(1)(b) of the GDPR, personal data will continue to be collected and processed to the extent necessary if you provide it to us when opening a customer account. You can find out which data is required to open an account by referring to the input fields on the corresponding form on our website.

You may delete your customer account at any time by sending a message to the controller’s address listed above. After your customer account is deleted, your data will be deleted provided that all contracts concluded through the account have been fully settled, no statutory retention periods prevent this, and we no longer have a legitimate interest in continuing to store the data.

8) Use of Customer Data for Direct Marketing

8.1 Subscription to Our Email Newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only required information for receiving the newsletter is your email address. Providing additional information is voluntary and is used to address you personally. We use the so-called double opt-in procedure to send the newsletter, which ensures that you will only receive the newsletter once you have explicitly confirmed your consent to receive them by clicking on a verification link sent to the email address you provided.

By activating the confirmation link, you grant us your consent to use your personal data in accordance with Article 6(1)(a) of the GDPR. In doing so, we store your IP address as recorded by your Internet Service Provider (ISP), as well as the date and time of registration, in order to be able to trace any potential misuse of your email address at a later date. The data we collect when you subscribe to the newsletter is used strictly for the intended purpose.

You can unsubscribe from the newsletter at any time by clicking the link provided in the newsletter or by sending a message to the data controller listed at the beginning of this notice. Once you have unsubscribed, your email address will be deleted immediately from our newsletter distribution list, unless you have expressly consented to the continued use of your data or we reserve the right to use your data for other purposes that are permitted by law and about which we inform you in this statement.

8.2 Sending the Email Newsletter to Existing Customers

If you have provided us with your email address when purchasing goods or services, we reserve the right to periodically send you offers via email for goods or services from our product range that are similar to those you have already purchased. Pursuant to Section 7(3) of the German Unfair Competition Act (UWG), we are not required to obtain separate consent from you for this purpose. Data processing in this regard is based solely on our legitimate interest in personalized direct marketing pursuant to Article 6(1)(f) of the General Data Protection Regulation (GDPR). If you initially objected to the use of your email address for this purpose, we will not send you any emails.

You have the right to object to the use of your email address for the aforementioned promotional purposes at any time, with future effect, by notifying the data controller named at the beginning of this notice. You will only incur transmission costs in accordance with standard rates. Upon receipt of your objection, the use of your email address for promotional purposes will be discontinued immediately.

9) Data processing for Order Fulfillment

9.1 Submission of Image Files via Email for Order Fulfillment

On our website, we offer customers the option to request the personalization of products by submitting image files via email. The submitted image is used as a template for personalizing the selected product.

Using the email address provided on the website, the customer can send us one or more image files from the storage of the device being used. We then collect, store, and use the files transmitted in this manner exclusively for the production of the personalized product in accordance with the respective service description on our website. If the transmitted image files are shared with specific service providers for the production and fulfillment of the order, you will be explicitly informed of this in the following paragraphs. No further sharing of this information will take place. If the transmitted files or digital images contain personal data (in particular, images of identifiable individuals), all of the aforementioned processing operations are carried out exclusively for the purpose of fulfilling your online order in accordance with Article 6(1)(b) of the GDPR.

Once the order has been fully processed, the transmitted image files will be automatically and completely deleted.

9.2 To the extent necessary for the performance of the contract for delivery and payment purposes, the personal data we collect will be disclosed to the contracted shipping company and the contracted financial institution in accordance with Article 6(1)(b) of the GDPR.

If, based on a corresponding contract, we are obligated to provide updates for goods with digital elements or for digital products, we will process the contact information you provided when placing your order in order to personally inform you in accordance with our legal obligations to provide information under Article 6(1)(c) of the GDPR. Your contact information is used strictly for the specific purpose of communicating updates that we are obligated to provide and is processed by us for this purpose only to the extent necessary to provide the respective information.

To process your order, we also work with the following service provider(s), who assist us, in whole or in part, in fulfilling the contracts we have entered into. Certain personal data is transferred to these service providers in accordance with the following information.

9.3 To fulfill our contractual obligations to our customers, we work with external shipping partners. We disclose your name, your shipping address, and—to the extent necessary for delivery—your phone number to a shipping partner of our choice, solely for the purpose of delivering the goods, in accordance with Article 6(1)(b) of the GDPR.

9.4 Weitergabe personenbezogener Daten an Versanddienstleister

- Deutsche Post

Als Transportdienstleister nutzen wir den nachstehenden Anbieter: Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Deutschland

Wir geben Ihre E-Mail-Adresse und/oder Telefonnummer gemäß Art. 6 Abs. 1 lit. a DSGVO vor der Zustellung der Ware zum Zweck der Abstimmung eines Liefertermins bzw. zur Lieferankündigung an den Anbieter weiter, sofern Sie hierfür im Bestellprozess Ihre ausdrückliche Einwilligung erteilt haben. Anderenfalls geben wir zum Zwecke der Zustellung gemäß Art. 6 Abs. 1 lit. b DSGVO nur den Namen des Empfängers und die Lieferadresse an den Anbieter weiter. Die Weitergabe erfolgt nur, soweit dies für die Warenlieferung erforderlich ist. In diesem Fall ist eine vorherige Abstimmung des Liefertermins mit dem Anbieter bzw. die Lieferankündigung nicht möglich.

Die Einwilligung kann jederzeit mit Wirkung für die Zukunft gegenüber dem oben bezeichneten Verantwortlichen oder gegenüber dem Anbieter widerrufen werden.
- DHL

Als Transportdienstleister nutzen wir den nachstehenden Anbieter: DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Deutschland

We will disclose your email address and/or phone number to the provider in accordance with Article 6(1)(a) of the GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or notifying you of the delivery, provided that you have given your express consent to this during the ordering process. Otherwise, for the purpose of delivery in accordance with Article 6(1)(b) of the GDPR, we will only disclose the recipient’s name and the delivery address to the provider. This disclosure is made only to the extent necessary for the delivery of the goods. In this case, it is not possible to coordinate the delivery date with the provider in advance or to provide a delivery notification.

You may revoke your consent at any time with future effect by contacting the controller named above or the provider.
- DHL Express

We use the following provider as our shipping service provider: DHL Express Germany GmbH, Heinrich-Brüning-Str. 5, 53113 Bonn, Germany

You may revoke your consent at any time with future effect by contacting the controller named above or the provider.
- DHL Express Austria

We use the following provider as our shipping service provider: DHL Express (Austria) GmbH, Am Europlatz 2 (Building G), 1120 Vienna, Austria

You may revoke your consent at any time with future effect by contacting the controller named above or the provider.
- DHL Freight

We use the following provider as our transportation service provider: DHL Freight GmbH, Godesberger Allee 102-104, 53175 Bonn, Germany

You may revoke your consent at any time with future effect by contacting the controller named above or the provider.
- DHL Austria

We use the following provider as our shipping service provider: DHL Paket (Austria) GmbH, Campus 21, Liebermannstrasse F08/401, 2345 Brunn am Gebirge
Austria

You may revoke your consent at any time with future effect by contacting the controller named above or the provider.
- DPD

We use the following provider as our shipping service provider: DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg, Germany

You may revoke your consent at any time with future effect by contacting the controller named above or the provider.
- DPD Austria

We use the following provider as our shipping service provider: DPD Direct Parcel Distribution Austria GmbH, Arbeitergasse 46, Leopoldsdorf 2333, Austria

You may revoke your consent at any time with future effect by contacting the controller named above or the provider.
- GEL Express

We use the following provider as our shipping service provider: GEL Express Logistik GmbH, Jakob-Kaiser-Str. 3, 47877 Willich

Consent may be revoked at any time with future effect by contacting the controller named above or the provider.
- Austrian Post

We use the following provider as our shipping service provider: Austrian Post Aktiengesellschaft, Rochusplatz 1, 1030 Vienna, Austria

Consent may be revoked at any time with future effect by contacting the controller named above or the provider.
- Post CH

We use the following provider as our shipping service provider: Post CH (Swiss Post AG, Switzerland, Wankdorfallee 4, 3030 Bern)

We will share your email address and/or phone number with the provider prior to delivery of the goods for the purpose of coordinating a delivery date or notifying you of the delivery, provided that you have given your express consent to this during the ordering process. Otherwise, for the purpose of delivery, we will only share the recipient’s name and the delivery address with the provider. This information is shared only to the extent necessary for the delivery of the goods. In this case, it is not possible to coordinate the delivery date with the provider in advance or to receive a delivery notification.
You may revoke your consent at any time with future effect by contacting the controller named above or the provider.

When data is transferred to the provider’s location, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

9.5 Use of Payment Service Providers (Payment Services)

- Amazon Pay

This website offers one or more online payment methods from the following provider: Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg

If you select a payment method from this provider that requires you to pay in advance (such as credit card payment), your payment details provided during the ordering process (including name, address, bank and payment card information, currency, and transaction number), as well as information about the contents of your order, will be transferred to the provider in accordance with Article 6(1)(b) of the GDPR. In this case, your data is transferred exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.

- Apple Pay

If you choose the “Apple Pay” payment method offered by Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment will be processed via the “Apple Pay” feature on your iOS, watchOS, or macOS device by charging a payment card stored in “Apple Pay.” Apple Pay uses security features built into your device’s hardware and software to protect your transactions. To authorize a payment, you must enter a passcode you have previously set and verify your identity using your device’s “Face ID” or “Touch ID” feature.

For the purpose of processing the payment, the information you provided during the ordering process, along with details about your order, is transmitted to Apple in encrypted form. Apple then re-encrypts this data using a developer-specific key before transmitting it to the payment service provider associated with the payment card stored in Apple Pay to complete the transaction. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm that the payment was successful.

To the extent that personal data is processed in connection with the transfers described above, such processing is carried out exclusively for the purpose of payment processing in accordance with Article 6(1)(b) of the GDPR.

Apple retains anonymized transaction data, including the approximate purchase amount, the approximate date and time, and whether the transaction was successfully completed. Anonymization completely precludes any link to an individual. Apple uses the anonymized data to improve “Apple Pay” and other Apple products and services.

When you use Apple Pay on your iPhone or Apple Watch to complete a purchase you initiated via Safari on your Mac, the Mac and the authorization device communicate via an encrypted channel through Apple’s servers. Apple does not process or store any of this information in a format that could be used to identify you. You can disable the ability to use Apple Pay on your Mac in your iPhone’s Settings. Go to “Wallet & Apple Pay” and turn off “Allow Payments on Mac.”

For more information on Apple Pay’s privacy policy, please visit the following website: https://support.apple.com/de-de/HT203027

- Bancontact

This website offers one or more online payment methods from the following provider: Bancontact Payconiq Company, Rue d’Arlon 82, 1040 Brussels, Belgium

If you select a payment method from this provider that requires you to pay in advance (such as a credit card payment), your payment details provided during the ordering process (including name, address, bank and payment card information, currency, and transaction number), as well as information about the contents of your order, will be shared with the provider in accordance with Article 6(1)(b) of the GDPR. In this case, your data is transferred exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.

- Google Pay

If you choose the “Google Pay” payment method offered by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), payment processing will be handled via the “Google Pay” app on your mobile device—which must be running at least Android 4.4 (“KitKat”) and have NFC functionality—by charging a payment card stored in Google Pay or a payment method verified there (e.g., PayPal). To authorize a payment via Google Pay exceeding €25, you must first unlock your mobile device using the verification method you have set up (such as facial recognition, a password, a fingerprint, or a pattern).

For the purpose of processing payments, the information you provide during the ordering process, along with the details of your order, is shared with Google. Google then transmits your payment information stored in Google Pay—in the form of a one-time transaction number—to the originating website to verify that the payment has been made. This transaction number does not contain any information regarding the actual payment details of the payment method stored in Google Pay; rather, it is generated and transmitted as a numeric token valid for a single use. For all transactions via Google Pay, Google acts solely as an intermediary for processing the payment. The transaction is carried out exclusively between the user and the originating website by debiting the payment method stored in Google Pay.

If personal data is processed in connection with the transmissions described above, such processing is carried out exclusively for the purpose of payment processing in accordance with Article 6(1)(b) of the GDPR.

Google reserves the right to collect, store, and analyze certain transaction-specific information for every transaction made through Google Pay. This includes the date, time, and amount of the transaction; the merchant’s location and description; a description of the goods or services purchased provided by the merchant; photos you have attached to the transaction, the name and email address of the seller and buyer or the sender and recipient, the payment method used, your description of the reason for the transaction, and, if applicable, the offer associated with the transaction.

According to Google, this processing is carried out exclusively in accordance with Article 6(1)(f) of the GDPR on the basis of a legitimate interest in proper accounting, the verification of transaction data, and the optimization and maintenance of the Google Pay service.

Google also reserves the right to combine the processed transaction data with additional information that is collected and stored by Google when you use other Google services.

The Google Pay Terms of Service can be found here: https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de

For more information on data protection with Google Pay, please visit the following website: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de

- PayPal

This website offers one or more online payment methods from the following provider: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

If you select a payment method from this provider that requires you to pay in advance, your payment details provided during the ordering process (including name, address, bank and payment card information, currency, and transaction number), as well as information about the contents of your order, will be shared with the provider in accordance with Article 6(1)(b) of the GDPR. In this case, your data is transferred exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.

If you select a payment method where we pay in advance, you will also be asked during the ordering process to provide certain personal data (first and last name, street, house number, ZIP code, city, date of birth, email address, phone number, and, if applicable, details regarding an alternative payment method).

In order to safeguard our legitimate interest in determining your creditworthiness in such cases, we will forward this data to the provider in accordance with Article 6(1)(f) of the GDPR for the purpose of a credit check. Based on the personal data you have provided, as well as additional data (such as your shopping cart, invoice amount, order history, and payment history), the provider assesses whether the payment option you have selected can be granted in light of the risks of non-payment and/or bad debt.

You may object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

- Shopify Payments

This website offers one or more online payment methods from the following provider: Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

If you select a payment method from this provider that requires you to pay in advance (such as credit card payment), your payment details provided during the ordering process (including name, address, bank and payment card information, currency, and transaction number), as well as information about the contents of your order, will be shared with the provider in accordance with Article 6(1)(b) of the GDPR. In this case, your data is transferred exclusively for the purpose of processing the payment with the provider and only to the extent necessary for this purpose.

9.6 Credit Check

If we provide goods or services on credit (e.g., delivery on account), we reserve the right to conduct a credit check based on mathematical and statistical methods in order to protect our legitimate interest in determining our customers’ solvency. We transfer the personal data required for a credit check to the following service provider in accordance with Article 6(1)(f) of the GDPR:

Bürgel Crif

The credit report may contain probability values (so-called “score” values). To the extent that score values are included in the credit report’s results, they are based on a scientifically recognized mathematical and statistical method. The calculation of the score values includes, among other things but not exclusively, address data. We use the result of the credit check—specifically, the statistical probability of default—to decide whether to establish, carry out, or terminate a contractual relationship.
You may object to this processing of your data at any time by sending a message to the data controller or to the aforementioned credit bureau. However, we may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

9.7 Electronic Cancellation Function for Distance Sales Contracts

Consumers who enter into contracts on this website that are subject to a statutory right of cancellation have the option to exercise their right of cancellation via an electronic cancellation function in accordance with the applicable cancellation provisions.

To provide the electronic cancellation function, we use a solution from the following provider: 401layers UG (limited liability), Dorothea-Erxleben-Straße 1a, 40721, Hilden, Germany.

When using the cancellation function, in addition to information identifying the contract to be canceled, other personal information—such as the consumer’s first and last name and email address—must be provided or confirmed.

This information is first collected by the provider based on our legitimate interest in a user-friendly, stable, and process-optimized solution in accordance with Article 6(1)(f) of the GDPR; it is then used to confirm receipt of the notice of withdrawal on our behalf via email; and finally, it is transmitted to us. We subsequently process the transmitted information to properly handle the cancellation in accordance with Article 6(1)(b) and Article 6(1)(c) of the GDPR, based on our legal obligation to provide an electronic cancellation function for paid consumer distance sales contracts.

The information collected by the provider is routinely deleted after the withdrawal request has been fully processed, provided that there are no legal retention requirements to the contrary.

We have entered into a data processing agreement with the provider that protects data processed in connection with the withdrawal function and prohibits unauthorized disclosure to third parties.

10) Online Marketing

Google AdSense

This website uses Google AdSense, a web advertising service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google AdSense uses so-called cookies, which are text files stored on your computer that enable an analysis of your use of the website. In addition, Google AdSense also uses so-called “web beacons” (small, invisible graphics) to collect information; these allow simple actions, such as visitor traffic on the website, to be recorded, collected, and analyzed. The information generated by the cookie and/or web beacon (including your IP address) regarding your use of this website is generally transmitted to a Google server and stored there. This may also involve a transfer to the servers of Google LLC in the United States.

Google uses the information obtained in this way to analyze your usage behavior with regard to AdSense ads. The IP address transmitted by your browser as part of Google AdSense is not combined with other data held by Google. The information collected by Google may be transferred to third parties if required by law and/or if third parties process this data on Google’s behalf.
All processing described above—in particular, the collection of information from the device you are using via cookies and/or web beacons—will only take place if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. Without this consent, Google AdSense will not be used during your visit to the site.

You may revoke your consent at any time with future effect by deactivating this service in the “Cookie Consent Tool” provided on the website.

For data transfers to the United States, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

Further information on Google’s privacy policies is available here: https://business.safety.google/intl/de/privacy/ und https://www.google.de/policies/privacy/

11) Web Analytics Service

11.1 Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables an analysis of your use of our website.

By default, when you visit the website, Google Analytics 4 sets cookies, which are small text files stored on your device and collect certain information. This information includes your IP address, although Google truncates the last few digits to prevent direct identification of individuals.

The information is transmitted to Google’s servers and processed there. This may also involve transfers to Google LLC, which is headquartered in the United States.

Google uses the collected information on our behalf to evaluate your use of the website, compile reports on website activity for us, and provide other services related to website and internet usage. The truncated IP address transmitted by your browser as part of Google Analytics is not combined with other data held by Google. The data collected through the use of Google Analytics 4 is stored for a period of two months and then deleted.

All processing described above, in particular the placement of cookies on the device you are using, takes place only if you have given us your explicit consent in accordance with Art. 6(1)(a) of the GDPR.
Without your consent, Google Analytics 4 will not be used during your visit to the site. You may revoke your consent at any time with future effect. To exercise your right of revocation, please disable this service using the “Cookie Consent Tool” provided on the website.

We have entered into a data processing agreement with Google that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

Further legal information regarding Google Analytics 4 can be found at https://business.safety.google/intl/de/privacy/, https://policies.google.com/privacy?hl=de&gl=de, and at https://policies.google.com/technologies/partner-sites

Demographic Characteristics
Google Analytics 4 uses the special “demographic characteristics” feature and can use it to generate statistics that provide insights into the age, gender, and interests of website visitors. This is done by analyzing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the collected data cannot be attributed to any specific individual and is deleted after being stored for a period of two months.

Google Signals
As an extension of Google Analytics 4, Google Signals may be used on this website to generate cross-device reports. If you have enabled personalized ads and linked your devices to your Google Account, Google may—subject to your consent to the use of Google Analytics pursuant to Art. 6(1)(a) of the GDPR—analyze your usage behavior across devices and create database models, including those related to cross-device conversions. We do not receive any personal data from Google, only statistics. If you wish to stop cross-device analysis, you can disable the “Personalized Ads” feature in your Google Account settings. To do so, follow the instructions on this page: https://support.google.com/My-Ad-Center-Help/answer/12155764?hl=de
For more information about Google Signals, please visit the following link: https://support.google.com/analytics/answer/7532985?hl=de

UserIDs
As an extension to Google Analytics 4, the “UserIDs” feature may be used on this website. If you have consented to the use of Google Analytics 4 in accordance with Art. 6(1)(a) of the GDPR, have created an account on this website, and sign in to that account on various devices, your activities—including conversions—may be analyzed across devices.

Collection of Data Provided by Users
To improve the analysis results for users whose contact information we have received in the context of business or business-like relationships, we use the “Collection of Data Provided by Users” feature.
Subject to your express consent pursuant to Art. 6(1)(a) of the GDPR, we transmit one or more files containing aggregated customer data related to you (primarily email address and phone number) electronically to Google as part of this feature. Google does not have access to plaintext data; instead, it automatically encrypts the information in the customer files during the transmission process using a special algorithm. Google can then use the encrypted information solely to associate it with existing Google accounts that the data subjects have set up.
This processing serves to refine measurement data, improves cross-device user tracking, and enables the integration of analytics results into Google Ads’ ad personalization and conversion tracking features.
You may revoke your consent at any time with future effect. Further information on Google’s data protection measures regarding the transfer of customer data can be found here: https://support.google.com/google-ads/answer/6334160?hl=de&ref_topic=10550182

For data transfers to the U.S., the provider has joined the EU-U.S. Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

11.2 Klar!

This website uses the web analytics service provided by the following provider: Klar Insights GmbH, Marktstr. 18, 80802 Munich, Germany

Using cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading device and browser information), the service collects and stores pseudonymized visitor data, including information about the device used—such as the IP address and browser information—in order to evaluate it for statistical analyses of usage behavior on our website and to create pseudonymized usage profiles. Among other things, this enables the analysis of navigation patterns (so-called heat maps), which show the duration of page visits as well as interactions with page content (e.g., text entries, scrolling, clicks, and mouse-overs). Pseudonymization fundamentally precludes direct personal identification. No merging takes place with personally identifiable data collected by other means.

All processing described above—in particular, the retrieval or storage of information on the device you are using—will only take place if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. You may revoke your consent at any time with future effect by deactivating this service in the “Cookie Consent Tool” provided on the website.

We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

11.3 Microsoft Clarity

This website uses the web analytics service provided by the following provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

Using cookies and/or similar technologies (tracking pixels, web beacons, algorithms for reading device and browser information), the service collects and stores pseudonymized visitor data, including information about the device used—such as the IP address and browser information—in order to evaluate it for statistical analyses of usage behavior on our website and to create pseudonymized usage profiles. Among other things, this enables the analysis of navigation patterns (so-called heat maps), which show the duration of page visits as well as interactions with page content (e.g., text entries, scrolling, clicks, and mouse-overs). Pseudonymization fundamentally precludes direct personal identification. No merging takes place with personally identifiable data collected about you by other means.

All processing described above, in particular the reading or storage of information on the device you are using, is carried out only if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. You may revoke your consent at any time with future effect by deactivating this service in the “Cookie Consent Tool” provided on the website.

We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

11.4 Shopify Analytics

This website uses the web analytics service provided by the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

We have entered into a data processing agreement with the provider that protects the data of our website visitors and prohibits the disclosure of such data to third parties.

When data is transferred to Canada, an adequate level of data protection is ensured by an adequacy decision issued by the European Commission.

12) Retargeting/ Remarketing & Conversion tracking

12.1 Meta Pixel with Extended Data Matching

Within our online platform, we use the “Meta Pixel” service from the following provider in extended data matching mode: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”)

If a user clicks on an advertisement we have placed on Facebook or Instagram, “Meta Pixel” adds a parameter to the URL of our linked page. After the user is redirected, this URL parameter is then stored in the user’s browser via a cookie set by our linked page itself. In addition, this cookie collects specific customer data—such as the email address—that we collect on our website linked to the Facebook or Instagram ad during processes such as purchase transactions, account logins, or registrations (extended data matching). The cookie is then read, enabling the transmission of the data—including the specific customer data—to Meta.

We use “Meta Pixel” with extended data matching to make our advertisements (so-called “Ads”) on Facebook and/or Instagram more effective and to ensure that they align with users’ interests or exhibit certain characteristics (e.g., interests in specific topics or products, as determined by the websites visited), which we transmit to Meta (so-called “Custom Audiences”).

In addition, we analyze the effectiveness of our ads by tracking whether users were redirected to our website after clicking on an ad (conversion). Compared to the standard version of “Meta Pixel,” the extended data matching feature helps us better measure the effectiveness of our advertising campaigns by capturing more attributed conversions.

All transmitted data is stored and processed by Meta, enabling it to be associated with the respective user profile and allowing Meta to use the data for its own advertising purposes in accordance with Meta’s Data Use Guidelines (https://www.facebook.com/about/privacy/). The data may enable Meta and its partners to serve ads on and off Facebook.

All processing described above, in particular the setting of cookies to read information from the device you are using, is carried out only if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. You may revoke your consent at any time with future effect by deactivating this service in the “Cookie Consent Tool” provided on the website.

We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

The information generated by Meta is generally transferred to a Meta server and stored there; in this context, it may also be transferred to servers operated by Meta Platforms Inc. in the United States.

12.2 Google Ads Remarketing

This website uses retargeting technology from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

To this end, Google places a cookie in your device’s browser that automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited. Any further data processing takes place only if you have consented to Google linking your web and app browsing history to your Google Account and using information from your Google Account to personalize the ads you see on the web. In this case, if you are logged into Google while visiting our website, Google uses your data in conjunction with Google Analytics data to create and define audience lists for cross-device remarketing. To do this, Google temporarily links your personal data with Google Analytics data to form audiences. As part of the use of Google Ads Remarketing, personal data may also be transferred to the servers of Google LLC in the United States.

All processing described above—in particular, the setting of cookies to read information from the device you are using—will only take place if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. Without this consent, retargeting technology will not be used during your visit to our website.

Details on the processing initiated by Google and Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites

Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

12.3 Google Ads Conversion Tracking

This website uses the online advertising program “Google Ads” and, as part of Google Ads, conversion tracking provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

We use Google Ads to draw attention to our attractive offers on external websites through advertising (so-called Google AdWords). Based on the data from the advertising campaigns, we can determine how successful the individual advertising measures are. Our goal is to show you advertisements that are of interest to you, to make our website more interesting for you, and to ensure a fair calculation of the advertising costs incurred.

The conversion tracking cookie is set when a user clicks on a Google Ads ad. Cookies are small text files that are stored on your device. These cookies typically expire after 30 days and are not used to identify you personally. If the user visits certain pages on this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to that page. Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across the websites of Google Ads customers. The information collected using the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. Customers are informed of the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

When using Google Ads, personal data may also be transferred to the servers of Google LLC in the United States.

Details regarding the data processing triggered by Google Ads conversion tracking and Google’s handling of website data can be found here: https://policies.google.com/technologies/partner-sites

All processing described above—in particular, the setting of cookies to read information from the device you are using—will only be carried out if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. You may revoke your consent at any time with future effect by deactivating this service in the “Cookie Consent Tool” provided on the website.

You can also permanently opt out of the use of cookies by Google Ads Conversion Tracking by downloading and installing the Google browser plug-in available at the following link:
https://support.google.com/My-Ad-Center-Help/answer/12155656?hl=de

In order to deliver advertising that is even more tailored to the interests of users whose data we have received in the context of business or business-like relationships, we use a customer matching feature within Google Ads. To do this, we electronically transmit one or more files containing aggregated customer data (primarily email addresses and phone numbers) to Google. Google does not have access to plaintext data; instead, it automatically encrypts the information in the customer files during the transmission process using a special algorithm. Google can then use the encrypted information solely to associate it with existing Google accounts that the data subjects have created. This enables the delivery of personalized advertising across all Google services linked to the respective Google account.

Customer data is transferred to Google only if you have given us your explicit consent to do so in accordance with Art. 6(1)(a) of the GDPR. You may revoke this consent at any time with future effect. Further information on Google’s data protection measures regarding the customer matching feature can be found here: https://support.google.com/google-ads/answer/6334160?hl=de&ref_topic=10550182
Google’s privacy policies can be viewed here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

12.4 Google Marketing Platform

This website uses the online marketing tool Google Marketing Platform, provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“GMP”).

GMP uses cookies to display ads relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads multiple times. Using a cookie ID, Google tracks which ads are displayed in which browser and can thus prevent them from being shown multiple times. In addition, GMP can use cookie IDs to track so-called conversions related to ad requests. This is the case, for example, when a user sees a GMP ad and later, while using the same browser, visits the advertiser’s website and makes a purchase through that website. According to Google, GMP cookies do not contain any personally identifiable information.
Due to the marketing tools used, your browser automatically establishes a direct connection to Google’s server.

We have no control over the scope and further use of the data collected by Google through the use of this tool and therefore provide you with the following information based on our current understanding: By integrating GMP, Google receives information that you have accessed the relevant section of our website or clicked on one of our ads. If you are registered with a Google service, Google may associate your visit with your account. Even if you are not registered with Google or are not logged in, it is possible that the provider may obtain and store your IP address. In connection with the use of GMP, personal data may also be transferred to the servers of Google LLC in the United States.

All processing described above—in particular, the setting of cookies to read information from the device you are using—will only take place if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. You may revoke your consent at any time with future effect by deactivating this service in the “Cookie Consent Tool” provided on the website.

For data transfers to the United States, the provider has adhered to the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

You can find GMP by Google’s privacy policy here: https://business.safety.google/intl/de/privacy/ and https://www.google.de/policies/privacy/

13) Site Functionalities

13.1 Facebook Plugins

Our website uses plugins from the social network operated by the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins enable direct interactions with content on the social network.

To enhance the protection of your data when you visit our website, the plugins are initially deactivated and integrated into the page using a so-called “2-click” or “Shariff” solution.

This integration ensures that when you visit a page on our website that contains such plugins, no connection is established with the provider’s servers.

Only when you activate the plugins—and thereby give your consent to the data transfer in accordance with Article 6(1)(a) of the GDPR—does your browser establish a direct connection to the provider’s servers. In doing so, regardless of whether you are logged into an existing user profile, certain information about the device you are using (including your IP address), your browser, and your browsing history is transmitted to the provider and may be further processed there.

If you are logged into an existing user profile on the provider’s social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation has no effect on data that has already been transferred to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

13.2 Instagram Plugins

Our website uses plugins from the social network of the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

These plugins enable direct interactions with content on the social network.

To enhance the protection of your data when you visit our website, the plugins are initially deactivated and integrated into the page using a so-called “2-click” or “Shariff” solution.

This integration ensures that when you access a page on our website that contains such plugins, no connection is yet established with the provider’s servers.

Only when you activate the plugins—and thereby give your consent to the data transfer in accordance with Article 6(1)(a) of the GDPR—does your browser establish a direct connection to the provider’s servers. In this process, regardless of whether you are logged into an existing user profile, certain information about the device you are using (including your IP address), your browser, and your browsing history is transmitted to the provider and may be further processed there.

If you are logged into an existing user profile on the provider’s social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by clicking on the plugin again to deactivate it. However, this revocation does not affect data that has already been transferred to the provider.

Data may also be transferred to: Meta Platforms Inc., USA

We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

13.3 Pinterest Plugins

Our website uses plugins from the social network operated by the following provider: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland

These plugins enable direct interaction with content on the social network.

To enhance the protection of your data when you visit our website, the plugins are initially deactivated and integrated into the page using a so-called “2-click” or “Shariff” solution.

This integration ensures that when you access a page on our website that contains such plugins, no connection is yet established with the provider’s servers.

Only when you activate the plugins—and thereby give your consent to the data transfer in accordance with Article 6(1)(a) of the GDPR—will your browser establish a direct connection to the provider’s servers. In this process, regardless of whether you are logged into an existing user profile, certain information about the device you are using (including your IP address), your browser, and your browsing history is transmitted to the provider and may be further processed there.

If you are logged into an existing user profile on the provider’s social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the plugin by clicking on it again. However, this revocation has no effect on data that has already been transmitted to the provider.

Data may also be transmitted to: Pinterest Inc., USA

We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

For the transfer of data to the United States, the provider relies on the European Commission’s Standard Contractual Clauses, which are intended to ensure compliance with European data protection standards.

13.4 Google Customer Reviews (formerly the Google Certified Merchant Program)

We partner with Google as part of the “Google Customer Reviews” program. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). This program allows us to collect customer reviews from users of our website. After making a purchase on our website, you will be asked if you would like to participate in an email survey from Google.

If you provide your consent in accordance with Art. 6(1)(a) of the GDPR, we will transmit your email address to Google. You will receive an email from Google Customer Reviews asking you to rate your shopping experience on our website. The review you submit will then be aggregated with our other reviews and displayed in our Google Customer Reviews logo as well as in our Merchant Center dashboard. Your review will also be used for Google Merchant Reviews. As part of the use of Google Customer Reviews, personal data may also be transferred to the servers of Google LLC in the United States.

You may revoke your consent at any time by sending a message to the data controller or to Google.

Further information on Google’s privacy policy can be found here: https://business.safety.google/intl/de/privacy/

14) Tools and Miscellaneous

14.1 Lexware Office

For accounting purposes, we use the cloud-based accounting software service provided by the following vendor: Haufe-Lexware GmbH & Co. KG, Munzinger Straße 9, 79111 Freiburg, Germany

The service provider processes our company’s incoming and outgoing invoices, as well as bank transactions where applicable, in order to automatically capture invoices, match them to transactions, and use this data to prepare financial accounting records through a semi-automated process.

To the extent that personal data is processed in this context, such processing is based on our legitimate interest in the efficient organization and documentation of our business processes pursuant to Article 6(1)(f) of the GDPR.

14.2 Cookie Consent Tool

This website uses a so-called “cookie consent tool” to obtain valid user consent for cookies and cookie-based applications that require consent. The “Cookie Consent Tool” is displayed to users when they visit the page in the form of an interactive user interface, where they can grant consent for specific cookies and/or cookie-based applications by checking the appropriate boxes. When the tool is used, all cookies and services requiring consent are loaded only if the respective user grants the corresponding consent by checking the appropriate boxes. This ensures that such cookies are set on the user’s device only if consent has been granted.

The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed in this context.

If, in individual cases, the storage, assigning, or logging cookie settings does result in the processing of personal data (such as the IP address), this is done in accordance with Article 6(1)(f) of the GDPR based on our legitimate interest in legally compliant, user-specific, and user-friendly consent management for cookies and, consequently, in the legally compliant design of our website.

Another legal basis for the processing is Article 6(1)(c) of the GDPR. As the data controller, we are subject to the legal obligation to make the use of technically non-essential cookies contingent upon the user’s consent.

Where necessary, we have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

Further information about the operator and the settings options for the cookie consent tool can be found directly in the corresponding user interface on our website.

15) Rights of the data subject

15.1 Applicable data protection law grants you the following data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data; please refer to the cited legal basis for the respective conditions for exercising these rights:

Right of access pursuant to Art. 15 GDPR;
Right to rectification pursuant to Art. 16 GDPR;
Right to erasure pursuant to Art. 17 GDPR;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to be informed pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to withdraw consent pursuant to Art. 7(3) GDPR;
Right to lodge a complaint pursuant to Article 77 of the GDPR.

15.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA AS PART OF A BALANCING OF INTERESTS BASED ON OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO SUCH PROCESSING WITH EFFECT FOR THE FUTURE ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE RELEVANT DATA. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU MAY EXERCISE THIS RIGHT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE RELEVANT DATA FOR DIRECT MARKETING PURPOSES.

16) Duration of storage of personal data

The retention period for personal data is determined based on the respective legal basis, the purpose of processing, and—where applicable—the applicable statutory retention period (e.g., retention periods under commercial and tax law).

When processing personal data based on explicit consent pursuant to Article 6(1)(a) of the GDPR, the data in question will be stored until you withdraw your consent.

If statutory retention periods apply to data processed in connection with contractual or quasi-contractual obligations pursuant to Article 6(1)(b) of the GDPR, such data will be routinely deleted upon expiration of the retention periods, provided that it is no longer necessary for the performance of a contract or for entering into a contract and/or we no longer have a legitimate interest in continuing to store it.

When processing personal data on the basis of Article 6(1)(f) of the GDPR, this data will be stored until you exercise your right to object under Article 21(1) of the GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

When processing personal data for the purpose of direct marketing pursuant to Article 6(1)(f) of the GDPR, this data will be stored until you exercise your right to object under Article 21(2) of the GDPR.

Unless otherwise specified in the other information in this statement regarding specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Status: 06/18/2026, 12:10:06 am