Privacy policy

Data protection provisions -------------------- 1) Information about the collection of personal data and contact details of the person responsible 1.1 We are pleased that you are visiting our website and thank you for your interest. In the following we will inform you about how your personal data is handled when you use our website. In this context, personal data is all data that can be used to find out your identity.

1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Kateryna Lavrynenko, Reichengrundstraße 2a, 97846 Partenstein, Germany, Tel.: 1604555735, E-Mail: xkatronx@gmail.com The person responsible for processing is a natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

1.3 To secure and protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible for processing) on ​​this website, SSL or TLS encryption is used. An encrypted connection can be recognized by the character string "https://" and the lock symbol in the browser bar.

2) Data collection when visiting our website
If you use our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:
- The website we visited
- Date and time of access
- Amount of data sent in bytes
- Source/reference from which you accessed the site
- Browser used
- Operating system used
- IP address used (if applicable: in anonymized form)
The processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.

3) Hosting & Content Delivery Network
Hosting by Shopify
We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of hosting and displaying the online shop on the basis of processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of the aforementioned services from Shopify, data can also be transmitted to Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc. or Shopify (USA) Inc. as part of further processing on behalf of Shopify. In the event that data is transmitted to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by the European Commission's adequacy decision. Further information on Shopify's data protection can be found on the following website: https://www.shopify.de/legal/datenschutz
Further processing on servers other than those mentioned above by Shopify only takes place within the scope stated below.

4) Cookies
In order to make visiting our website more attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called "session cookies"), while others remain on your device for longer and enable page settings to be saved (so-called "persistent cookies"). In the latter case, you can find out the storage period from the overview of your web browser's cookie settings.
If individual cookies we use also process personal data, the processing takes place in accordance with Art. 6 Para. 1 lit. b GDPR either to execute the contract, in accordance with Art. 6 Para. 1 lit. a GDPR in the event of consent being granted, or in accordance with Art. 6 Para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.
You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general.
Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contacting us
5.1 - Tawk.to
On this website, anonymized data is collected and stored using technologies from tawk.to inc. 187 East Warm Springs Rd, SB298 Las Vegas, NV, 89119, USA, (www.tawk.to) for the purpose of web analysis and to operate the live chat system to answer live support requests. User profiles can be created from this anonymized data under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of the website visitor's Internet browser. The cookies enable the Internet browser to be recognized.
The data collected using tawk.to technologies will not be used to personally identify the visitor to this website without the separate consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. To avoid the storage of tawk.to cookies, you can set your Internet browser so that no more cookies can be stored on your computer in the future or cookies that have already been stored are deleted. However, deactivating all cookies can mean that some functions on our website can no longer be carried out. You can object to the collection and storage of data for the purpose of creating a pseudonymized user profile at any time with effect for the future by sending us your objection informally by e-mail to the e-mail address stated in the imprint.
We have concluded a data processing agreement with tawk.to Inc., the provider of tawk.to, with which we oblige tawk.to Inc. to protect our customers' data and not to pass it on to third parties.
5.2 When you contact us (e.g. via contact form or e-mail), personal data is processed - exclusively for the purpose of processing and answering your request and only to the extent necessary for this purpose. The legal basis for processing this data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention periods to the contrary.

6) Data processing when opening a customer account
In accordance with Art. 6 Paragraph 1 Letter b of GDPR, personal data will continue to be collected and processed to the extent required if you provide it to us when opening a customer account. You can find out which data is required to open an account in the input mask of the corresponding form on our website. You can delete your customer account at any time and can do so by sending a message to the above-mentioned address of the person responsible. After your customer account has been deleted, your data will be deleted provided that all contracts concluded through it have been fully processed, there are no statutory retention periods to the contrary and we have no legitimate interest in continuing to store it.

7) Comment function
As part of the comment function on this website, in addition to your comment, information about the time the comment was created and the commentator name you have chosen will be saved and published on this website. In addition, your IP address will be saved for security reasons in order to enable an assignment to the author in the event of illegal comments. Your email address will be saved so that we can contact you if a third party objects to your published content as being illegal.

8) Use of customer data for direct advertising
8.1 Registration for our email newsletter
If you register for our email newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. Providing further data is voluntary and will be used to address you personally. We use the so-called double opt-in procedure to send newsletters, which ensures that you only receive newsletters once you have expressly confirmed your consent to receive the newsletter by clicking on a verification link sent to the email address provided.
By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 Para. 1 lit. a GDPR.

8.2 - Newsletter dispatch via Klaviyo
Our email newsletters are sent via the technical service provider »Klaviyo«, 225 Franklin St, Boston, MA 02110, USA (http://www.klaviyo.com/), to whom we pass on the data you provided when registering for the newsletter. This transfer takes place in accordance with Art. 6 Para. 1 lit. f GDPR and serves our legitimate interest in using an advertising-effective, secure and user-friendly newsletter system. Please note that your data is usually transferred to a Klaviyo server in the USA and stored there.
Klaviyo uses this information to send newsletters on our behalf. Klaviyo does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.
To protect your data in the USA, we have a data processing agreement with Klaviyo in which Klaviyo undertakes to protect the data of our users, to process it on our behalf in accordance with its data protection regulations and, in particular, not to pass it on to third parties.
You can view Klaviyo's data protection regulations here: https://www.klaviyo.com/privacy

8.3 Product availability notification by email
For items that are temporarily unavailable, you can sign up to receive email product availability notifications. We will send you a one-time message by email about the availability of the item you have selected. The only mandatory information for sending this notification is your email address. Providing additional data is voluntary and may be used to address you personally. We use the so-called double opt-in procedure to send emails, which ensures that you only receive a notification once you have expressly confirmed your consent to this by clicking on a verification link sent to the email address provided.
By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 Paragraph 1 Letter a of GDPR. We store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your email address at a later date. The data we collect when you register for our email notification service for product availability is used strictly for the intended purpose. You can unsubscribe from the availability notifications at any time by sending a corresponding message to the person responsible named above. After unsubscribing, your email address will be immediately deleted from our mailing list unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this declaration.

9) Data processing for order processing
9.1 To the extent necessary for contract processing for delivery and payment purposes, the personal data we collect will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 (1) (b) GDPR.
If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we will process the contact details you provided when ordering (name, address, email address) in order to inform you personally about upcoming updates within the legally stipulated period by suitable communication channels (e.g. by post or email) within the scope of our statutory information obligations in accordance with Art. 6 (1) (c) GDPR. Your contact details will be used strictly for the purpose of notifications about updates owed by us and will only be processed by us for this purpose to the extent necessary for the respective information.
To process your order, we also work with the following service provider(s), who support us in whole or in part in the implementation of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

9.2 Transfer of personal data to shipping service providers
- DHL
If the goods are delivered by the transport service provider DHL (DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn), we will pass on your email address to DHL in accordance with Art. 6 Para. 1 lit. a GDPR before the goods are delivered for the purpose of coordinating a delivery date or to notify the delivery, provided that you have given your express consent to this during the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to DHL for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b GDPR. The data will only be passed on if this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with DHL or the delivery notification is not possible.
The consent can be revoked at any time with future effect to the person responsible named above or to the transport service provider DHL.

9.3 Use of payment service providers (payment services)
- Klarna
If you select a Klarna payment service, payment processing will be carried out via Klarna Bank AB (publ), https://www.klarna.com/de/, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). In order to enable payment processing, your personal data (first and last name, street, house number, postcode, city, gender, email address, telephone number and IP address) as well as data related to the order (e.g. invoice amount, item, delivery method) will be passed on to Klarna for the purpose of identity and credit checks, provided that you have expressly consented to this in accordance with Art. 6 Para. 1 lit. a GDPR as part of the ordering process. You can see here which credit agencies your data can be forwarded to:
https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies

The credit report may contain probability values ​​(so-called score values). If score values ​​are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values ​​includes, among other things, but not exclusively, address data. Klarna uses the information received about the statistical probability of a payment default to make a balanced decision about the establishment, implementation or termination of the contractual relationship.
You can revoke your consent at any time by sending a message to the person responsible for data processing or to Klarna. However, Klarna may still be entitled to process your personal data if this is necessary for the contractual payment processing.
Your personal information will be treated in accordance with the applicable data protection regulations and in accordance with the information in Klarna's data protection regulations for data subjects based in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy
or for data subjects based in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy
.- Shopify Payments
We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered by the payment service provider Shopify Payments, payment processing will be carried out by the technical service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we pass on the information you provided during the ordering process along with information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 Para. 1 lit. b GDPR. Your data will be passed on exclusively for the purpose of payment processing with Stripe Payments Europe Ltd. and only to the extent that it is necessary for this purpose. You can find more information about Shopify Payments' data protection at the following internet address: https://www.shopify.com/legal/privacy.
Data protection information about Stripe Payments Europe Ltd. can be found here: https://stripe.com/de/privacy
- SOFORT
If you select the payment method "SOFORT", the payment will be processed via the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "SOFORT"), to whom we will pass on the information you provided during the ordering process, along with the information about your order, in accordance with Art. 6 Para. 1 lit. b GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data will be passed on exclusively for the purpose of payment processing with the payment service provider SOFORT and only to the extent that it is necessary for this purpose. You can find further information about SOFORT's data protection provisions at the following internet address: https://www.klarna.com/sofort/datenschutz.
- Stripe
If you choose a payment method from the payment service provider Stripe, payment processing will be carried out via the payment service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will pass on the information you provided during the ordering process, along with information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 Paragraph 1 Letter b of GDPR. Further information on Stripe's data protection can be found at the URL https://stripe.com/de/privacy#translation.
Stripe reserves the right to carry out a credit check based on mathematical-statistical procedures in order to protect the legitimate interest in determining the user's ability to pay. Stripe may transmit the personal data necessary for a credit check and received during payment processing to selected credit agencies, which Stripe will disclose to users upon request. The credit report may contain probability values ​​(so-called score values). If score values ​​are included in the result of the credit report, these are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values ​​includes, among other things, but not exclusively, address data. Stripe uses the result of the credit check in relation to the statistical probability of default for the purpose of deciding on the right to use the selected payment method.
You can object to this processing of your data at any time by sending a message to Stripe or the commissioned credit agencies.
However, Stripe may still be entitled to process your personal data if this is necessary for the contractual payment processing.

10) Online marketing
Facebook Pixel for creating custom audiences (with Cookie Consent Tool)
Our online offering uses the so-called "Facebook Pixel" of the social network Facebook, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook").
If a user clicks on an advertisement placed by us that is displayed on Facebook, an addition is added to the URL of our linked page by Facebook Pixel. If our page allows data to be shared with Facebook via Pixel, this URL parameter is written into the user's browser via a cookie that our linked page itself sets. This cookie is then read by Facebook Pixel and enables the data to be forwarded to Facebook.

With the help of the Facebook Pixel, Facebook is able to determine the visitors to our online offering as a target group for the display of advertisements (so-called "Facebook Ads"). Accordingly, we use the Facebook pixel to only display the Facebook ads we place to Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined based on the websites visited) that we transmit to Facebook (so-called "custom audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interests of users and do not appear annoying. This allows us to further evaluate the effectiveness of Facebook ads for statistical and market research purposes by tracking whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").
The data collected is anonymous to us, so it does not allow us to draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage policy (https://www.facebook.com/about/privacy/). The data can enable Facebook and its partners to place advertisements on and outside of Facebook.

The data processing associated with the use of the Facebook pixel only takes place if you have given your express consent in accordance with Art. 6 Paragraph 1 Letter a of GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

11) Tools and Others
Cookie Consent Tool
This website uses a so-called "Cookie Consent Tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "Cookie Consent Tool" is displayed to users when they visit the page in the form of an interactive user interface on which consent for certain cookies and/or cookie-based applications can be given by ticking the boxes. By using the tool, all cookies/services that require consent are only loaded if the respective user gives their consent by ticking the boxes. This ensures that such cookies are only placed on the user's respective device if consent has been given.
The tool uses technically necessary cookies to save your cookie preferences. Personal user data is generally not processed.
If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.
Another legal basis for the processing is Art. 6 (1) (c) GDPR. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

12) Rights of the data subject
12.1 The applicable data protection law grants you the following data subject rights (rights to information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis stated for the respective conditions for exercising them:
- Right to information in accordance with Art. 15 GDPR;
- Right to rectification in accordance with Art. 16 GDPR;
- Right to erasure in accordance with Art. 17 GDPR;
- Right to restriction of processing in accordance with Art. 18 GDPR;
- Right to information in accordance with Art. 19 GDPR;
- Right to data portability in accordance with Art. 20 GDPR;
- Right to withdraw consent granted in accordance with Art. 7 Para. 3 GDPR;
- Right to lodge a complaint in accordance with Art. 77 GDPR.
12.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR OVERRIDING LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA IN QUESTION. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ASSERTION, EXERCISE OR DEFENSE OF LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA IN ORDER TO CARRY OUT DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT OF OBJECTION, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.
You can find further information about the operator and the setting options of the cookie consent tool directly in the corresponding user interface on our website.

13) Duration of storage of personal data
The duration of storage of personal data is determined by the respective legal basis, the purpose of processing and - if applicable - also by the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of an express consent in accordance with Art. 6 Para. 1 lit. a GDPR, this data is stored until the data subject revokes his or her consent.
If there are statutory retention periods for data that are processed within the framework of legal or quasi-legal obligations on the basis of Art. 6 Para. 1 lit. b GDPR, this data is routinely deleted after the retention periods have expired, provided that it is no longer required to fulfill or initiate a contract and/or we have no legitimate interest in continuing to store it.
When processing personal data on the basis of Art. 6 (1) (f) GDPR, these data will be stored until the data subject exercises his or her right of objection in accordance with Art. 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.