Privacy policy

Data protection

Unless otherwise stated below, the provision of your personal data is neither required by law nor contractually, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it has no consequences. This only applies if no other information is provided during subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.

Your data may be transferred to third countries outside the EU, in particular Canada and the USA, and processed there. There is an adequacy decision from the EU Commission for Canada. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not TADPF certified. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Contact

Responsible person
Contact us if you wish. The person responsible for data processing is: Peter Höschl, Beuchaer Str. 4, 74392 Freudental Germany, +49 7143 401 48 00, info@ministry-of-nutrition.de

Initiative contact from the customer via email
If you initiate business contact with us via email, we will only collect your personal data (name, email address, message text) to the extent provided by you. The data processing serves to process and answer your contact request.
If the contact serves to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

Use of Zendesk as a Support and Ticketing System
To process customer and support inquiries efficiently, we use the service “Zendesk” provided by Zendesk, Inc., 989 Market Street, San Francisco, CA 94103, USA. For users within the EU, the contractual relationship is generally handled through Zendesk International Ltd., 55 Charlemont Place, Saint Kevin’s, Dublin, D02 F985, Ireland.

Zendesk acts as a processor within the meaning of Art. 28 GDPR. We have concluded a data processing agreement with Zendesk to ensure GDPR-compliant data handling. In the context of the support process, the following data may be processed:

• Names, contact details (e.g., email address),
• Communication content (e.g., text messages, emails),
• Technical data (e.g., browser information, IP address),
• Customer-related data such as order information, insofar as this is necessary for processing the inquiry.

Data processing is carried out for the performance of our contractual relationship or for taking steps prior to entering into a contract (Art. 6(1)(b) GDPR), as well as based on our legitimate interest in efficiently organizing our customer service (Art. 6(1)(f) GDPR).

Zendesk may also process data outside the EU/EEA. In such cases, appropriate safeguards pursuant to Art. 44 et seq. GDPR are applied, such as standard contractual clauses and additional technical and organizational measures.

The data will be deleted as soon as it is no longer required for handling the inquiry and no statutory retention obligations apply. Further information on data protection at Zendesk can be found at: https://www.zendesk.com/company/agreements-and-terms/privacy-notice/

Collection and processing when using the contact form
When you use the contact form, we only collect your personal data (name, email address, message text) to the extent provided by you. The data processing serves the purpose of establishing contact.
If the contact serves to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

WhatsApp Business
If you contact us for business via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored on WhatsApp, your name if provided, and other data to the extent provided by you. For the service, we use a mobile device whose address book only stores data from users who have contacted us via WhatsApp. Personal data will not be passed on to WhatsApp without you having already given your consent to WhatsApp.
Your data will be transmitted by WhatsApp to Meta Platforms Inc. servers in the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself according to the TADPF and is therefore committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR for our overriding legitimate interest in providing quick and easy contact and in answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found athttps://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .

Customer account orders

Customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without this affecting the lawfulness of the processing carried out based on your consent before its revocation. Your customer account will then be deleted.

Your data may be transferred to third countries outside the EU, in particular Canada and the USA, and processed there. There is an adequacy decision from the EU Commission for Canada. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not TADPF certified. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Reviews advertising


Data collection when writing a comment or rating
When you comment on/rate an article or post, we only collect your personal data (name, email address, comment text) to the extent provided by you. The processing serves the purpose of enabling comments/ratings and displaying comments/ratings.

By submitting the comment/review, you consent to the processing of the transmitted data. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on your consent before its revocation. Your personal data will then be deleted.

When your comment/review is published, the name and email address you provided will be published.

In addition, when you submit a comment/rating, your IP address will be stored for the purpose of preventing misuse of the comment or rating function and ensuring the security of our information technology systems. By submitting the comment/review, you consent to the processing of the transmitted data. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on your consent before its revocation. Your IP address will then be deleted.

Use of the email address to send newsletters
Regardless of the contract processing, we use your email address exclusively for our own advertising purposes to send newsletters, provided you have expressly agreed to this. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation. You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.

Your data will be passed on to a service provider for email marketing as part of order processing. It will not be passed on to other third parties.

Klaviyo
We have integrated Klaviyo on this website. The provider is Klaviyo Inc., 125 Summer Street, Floor 6, Boston, MA, 02110, USA (hereinafter Klaviyo).

Klaviyo is a marketing automation tool for sending emails, SMS, push notifications and collecting customer reviews for eCommerce retailers.

For this purpose, Klaviyo stores your consent to email marketing. In particular, the following data may be processed: name, telephone number, email address, address data, IP address, device identification, usage data (such as interactions between a user and Klaviyo's online system, website or email , browser used, operating system used, referrer URL).

The use of Klaviyo is based on Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.

Further details can be found in the provider's privacy policy at https://www.klaviyo.com/legal/privacy .

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt00000012uf9AAA&status=Active

The provider applies standard contractual clauses for the transfer of personal data to third countries. Details can be found here: https://www.klaviyo.com/legal/data-processing-agreement .

Order processing

We have concluded an order processing contract (AVV) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that we only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Merchandise management

Use of an external merchandise management system
We use an inventory management system to process the contract as part of order processing. For this purpose, your personal data collected as part of the order will be sent to
plentysystems AG, Johanna-Waescher-Straße 7, 34131 KasselShopify Inc., 151 O'Connor Street, Ground floor, Ottawa, ON, K2P 2L8, Canada
transmitted.

The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.

Payment service provider credit report

Using PayPal Express
We use the PayPal Express payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the PayPal Express payment service. In order to integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated data protection declaration at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS .

Using PayPal Check-Out
We use the PayPal Check-Out payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.

Cookies can be stored here, which enable your browser to be recognized. The resulting data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of different payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.

Credit card via PayPal, direct debit via PayPal & “Pay later” via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, PayPal reserves the right, if necessary, to obtain credit information based on mathematical and statistical methods using credit agencies. For this purpose, PayPal sends the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of non-payment to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report can contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical methods and whose calculation includes, among other things, address data. Your concerns will be considered in accordance with the statutory provisions. The data processing serves the purpose of checking your creditworthiness to initiate a contract. The processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in protecting against non-payment if PayPal makes advance payments.
For reasons arising from your particular situation, you have the right to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with the payment method you require. Failure to provide this means that the contract cannot be concluded using the payment method you have chosen.

Third Party
If you pay using a third-party payment method, the data required to process the payment will be transmitted to PayPal. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. To carry out this payment method, PayPal may then pass on the data to the respective provider. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Local third parties can be, for example:

• Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
• giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)

Purchase on account via PayPal
When paying via the purchase invoice payment method, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, PayPal will then transmit the data to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Ratepay may carry out a credit report based on mathematical-statistical procedures (probability or score values) using credit agencies according to the process described above. The data processing serves the purpose of checking your creditworthiness to initiate a contract. The processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in protecting against non-payment if Ratepay makes advance payments. Further information on data protection and which credit agencies use Ratpay can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/ .

Further information on data processing when using PayPal can be found in the associated data protection declaration at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .

Use of Amazon Payments
We use the Amazon Payments payment service from Amazon Payments Europe sca (38 avenue John F. Kennedy, L-1855 Luxembourg; “Amazon Payments”) on our website.
The data processing serves the purpose of being able to offer you payment via the Amazon Payments payment service.
In order to integrate this payment service, it is necessary for Amazon Payments to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
By selecting and using “Amazon Payments”, the data required for payment processing will be transmitted to Amazon Payments in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
Further information on data processing when using the Amazon Payments payment service can be found in the associated data protection declaration at: https://pay.amazon.com/de/help/201212490

Advertising tracking analysis

Use of Google Analytics 4
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.
The following information can be collected, among other things: IP address, date and time of page access, click path, information about the browser you use and the device you use, pages visited, referrer URL (website through which you visit our website). website), location data, purchasing activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and any other data that Google has about you.

The IP address is previously shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area.

The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation.

The information generated in this way about your use of this website is usually transmitted to a Google server in the USA and stored there. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore obliged to comply with European data protection principles. Both Google and US government authorities have access to your data.

Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de .

How to use Shopify statistics
We use the statistics and analysis functions of Shopify International Ltd. on our website. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and made available in reports, analyzes and statistics. The following device information is collected and processed, among other things: information about the web browser, the IP address, the time zone and some of the cookies that are installed on your device. When you navigate the website, information about the websites or products you visit, the referrer URL (the website from which you accessed our website), and information about how you interact with the website are also collected. This uses technologies such as cookies, web beacons, tags and pixels (electronic files that collect information about how you navigate the website).
Your data may be transferred to third countries outside the EU, in particular Canada and the USA, and processed there. There is an adequacy decision from the EU Commission for Canada. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not TADPF certified. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Article 6 Paragraph 1 Letter a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation.
You can find more information about data protection at Shopify at https://www.shopify.com/de/legal/datenschutz , information about the order processing contract at https://www.shopify.com/de/legal/dpa and information about the cookies used at https://www.shopify.com/de/legal/cookies .

Plug-ins and others

Decify
We use the web analysis service Decify on our website or parts of our website to collect so-called zero-party data, i.e. information that is explicitly and voluntarily provided by our website visitors. Decify is a web analysis service provided by Decify GmbH in Munich, Germany. Decify GmbH acts for us as a data processor on the basis of a data processing agreement in accordance with Art. 28 GDPR. Decify enables an analysis of the perception and use of the website by its visitors, as well as their preferences, intentions, and more. Decify collects data from surveys and user interviews and also user interactions, such as starting and submitting a survey, as well as browser and device information, such as the visitor's IP address, device type, screen resolution, user agent configuration (user agent string) and language setting. In addition, e-mail addresses and order numbers are transmitted. The data collected is used to evaluate and optimize the website and advertising/marketing measures. In addition, website visitors are assigned a "universally unique identifier" (UUID), which Decify can use to identify returning users of our website - without linking them to their personal data. The UUID is used, for example, to prevent a survey from being shown to the same website visitor more than once. Personal data may be transferred to third countries that do not offer an adequate level of data protection. In this case, it is ensured that appropriate safeguards are provided for such a transfer to ensure an adequate level of data protection. We will provide proof of these appropriate safeguards on request. The legal basis for the use of Decify is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR in a needs-based design of the website and in the evaluation and optimization of our marketing measures.

BON Loyalty
BON Loyalty may collect and process certain data in order to provide services, such as:

From customers: basic information stored in Shopify Admin (e.g. first name, last name, email) to track points and rewards.

From website visitors: device/browser info, cookies, log files, etc.

Sharing: with service providers like Google Analytics, CustomerIO, and Freshdesk, only to improve service and support.

Storage & transfer: data is processed on servers in the U.S.

Rights: both merchants and customers can request access, correction, or deletion of their data at any time.

We use BON Loyalty to manage our loyalty program. BON Loyalty may process limited customer data (such as name and email) to provide rewards and support. For more details, please see BON Loyalty’s Privacy Policy at https://bonloyalty.com/privacy-policy/

Judge.me
We use the service Judge.me to collect and manage product reviews. The provider is Judge.me Ltd, 86-90 Paul Street, London EC2A 4NE, United Kingdom.

Judge.me processes personal data on behalf of the shop operator to provide and manage review functions. The following data may be processed in particular:

Name and email address of the reviewer

Order and product information

Review content (text, star rating)

Technical data such as IP address, browser information, timestamps

Processing is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR in providing transparent customer feedback and improving our offerings.

Judge.me acts as a data processor in accordance with Art. 28 GDPR. A corresponding data processing agreement is in place.

Data is processed on servers of Amazon Web Services (AWS) and Heroku, including outside the EU. Appropriate safeguards (e.g. Standard Contractual Clauses) are in place to ensure an adequate level of data protection.

Further information can be found in Judge.me’s privacy policy at:
https://judge.me/privacy

Use of Google Maps
On our website we use the function for embedding GoogleMaps maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google").
The function enables the visual representation of geographical information and interactive maps. Google also collects, processes and uses data from visitors to the websites when they access the pages in which Google Maps maps are integrated.
Your data may also be transmitted to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself according to the TADPF and is therefore obliged to comply with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Article 6 Paragraph 1 Letter a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation.
Further information on how Google collects and uses data can be found in Google's data protection information at https://www.google.com/privacypolicy.html . There you also have the opportunity to change your settings in the data protection center so that you can manage and protect your data processed by Google.

Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is a partnership with Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”) affiliated company.
The function displays videos stored on YouTube in an iFrame on the website. The “Extended data protection mode” option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself according to the TADPF and is therefore obliged to comply with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Article 6 Paragraph 1 Letter a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation.
Further information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy can be found in YouTube's data protection information at https://www.youtube.com/t/privacy .

Supplement to the Privacy Policy

Some services help us better understand the browsing habits of our visitors or how they interact with our website. We use the following partners on our site (this is not a complete list):

Shopify Stats
Host: fonts.shopifycdn.com

Shopify Stats
Host: cdn.shopify.com

Shopify
Host: shop.app

Amazon AWS
Host: d31wum4217462x.cloudfront.net

Judge.me
Host: cdn1.judge.me

Rights of those affected and storage period

Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law, and then deleted after the deadline has expired, unless you have agreed to further processing and use.

Rights of the data subject
If the legal requirements are met, you are entitled to the following rights in accordance with Articles 15 to 20 of the GDPR: right to information, to correction, to deletion, to restriction of processing, to data portability.
In addition, according to Art. 21 Para. 1 GDPR, you have the right to object to processing based on Art. 6 Para. 1 f GDPR, as well as to processing for the purpose of direct advertising.

Right to lodge a complaint with the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that your personal data is not being processed lawfully.

You can lodge a complaint with, among other things, the supervisory authority responsible for us, which you can reach using the following contact details:

State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
Tel.: +49 711 6155410
Fax: +49 711 61554115
Email: poststelle@lfdi.bwl.de

Right to object
If the personal data processing listed here is based on our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR, you have the right to object to this processing at any time with future effect for reasons arising from your particular situation.
After an objection has been made, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

Last updated: 29/09/25