Privacy policy
1) Introduction and Contact Details of the Data Controller
1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we provide information on how your personal data is handled when using our website. Personal data includes all data that can be used to personally identify you.
1.2 The data controller for processing data on this website, within the meaning of the General Data Protection Regulation (GDPR), is D. Hildermann, Luisa-Viktoria, Elsa-Brändström-Str. 67, 55124 Mainz, Germany, Tel.: +49 6131 950 8899, Fax: +49 6131 950 8897, Email: art.luisa.viktoria@gmail.com. The data controller is the natural or legal person who determines the purposes and means of processing personal data, either alone or jointly with others.
2) Data Collection When Visiting Our Website
2.1 When you visit our website for informational purposes only, meaning you do not register or otherwise transmit information to us, we collect only the data that your browser transmits to our server (so-called "server log files"). When you access our website, the following data is collected, which is technically necessary to display the website:
- Website visited
- Date and time of access
- Amount of data sent in bytes
- Source/referral from which you accessed the page
- Browser used
- Operating system used
- IP address (if applicable: anonymized)
The processing is carried out pursuant to Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is neither transferred to third parties nor otherwise used. However, we reserve the right to review the server log files retrospectively if specific indications of unlawful use arise.
2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the data controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser's address bar.
3) Hosting & Content Delivery Network
Shopify
We use the services of the following provider for hosting our website and presenting the content: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify").
Data is also transmitted to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada; Shopify Data Processing (USA) Inc.; Shopify Payments (USA) Inc.; or Shopify (USA) Inc.
All data collected on our website is processed on the provider's servers. We have entered into a data processing agreement with the provider to ensure the protection of our visitors' data and to prohibit unauthorized disclosure to third parties.
For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.
For data transfers to the USA, the provider relies on the European Commission’s standard contractual clauses to ensure compliance with European data protection standards.
4) Cookies
To make visiting our website attractive and to enable certain functions, we use cookies, which are small text files stored on your device. Some cookies are deleted automatically after closing the browser ("session cookies"), while others remain on your device to allow us to recognize your browser on your next visit ("persistent cookies"). You can find the storage duration in the cookie settings of your web browser.
If personal data is processed through cookies, this occurs based on Art. 6(1)(b) GDPR for contract performance, Art. 6(1)(a) GDPR in the case of granted consent, or Art. 6(1)(f) GDPR to protect our legitimate interest in the best possible functionality of the website and a customer-friendly and effective website visit.
You can configure your browser to inform you about the setting of cookies and decide individually whether to accept them, or exclude the acceptance of cookies for certain cases or generally. Please note that disabling cookies may limit the functionality of our website.
5) Contacting Us
When contacting us (e.g., via a contact form or email), personal data is processed exclusively to the extent necessary to handle and respond to your inquiry.
The legal basis for processing these data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR. If your inquiry aims to conclude a contract, Art. 6(1)(b) GDPR serves as an additional legal basis. Your data will be deleted once the matter is resolved, provided there are no statutory retention requirements.
6) Comment Function
When using the comment function on this website, information about the time the comment was created, the commenter's chosen name, and, if necessary, the email address and IP address are stored and published alongside the comment. This storage serves security purposes, e.g., if a comment violates the rights of third parties or contains unlawful content.
The legal basis for storing this data is Art. 6(1)(b) and (f) GDPR. Comments may be deleted if third parties deem them unlawful.
7) Use of Customer Data for Direct Marketing
Newsletter Subscription
When you subscribe to our email newsletter, we send you regular information about our offers. Only your email address is required. Providing additional data is optional and allows us to address you personally. Subscription uses the double opt-in method, ensuring you receive newsletters only after confirming your subscription via a link sent to your email.
By confirming the subscription, you consent to the use of your data according to Art. 6(1)(a) GDPR. You can revoke your consent at any time via the unsubscribe link in the newsletter. Your data will be deleted unless further processing is legally permissible.
8) Data Processing for Order Fulfillment
We process personal data necessary for delivery and payment under Art. 6(1)(b) GDPR. Data is shared with shipping providers and payment processors only as necessary for these purposes.
For more details, feel free to ask!
