Privacy policy

Privacy Policy

Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it will have no consequences. This only applies insofar as no other indication is made in the following processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.

Server Log Files

You can visit our website without providing any personal information.

Each time you access our website, usage data is transmitted to us or our web hosting / IT service provider by your internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the accessed page, date and time of access, IP address, amount of data transferred, and the requesting provider.

The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our services.

Your data may be transferred to and processed in third countries outside the EU, particularly Canada and the USA. An adequacy decision by the EU Commission exists for Canada. For the USA, an adequacy decision exists in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission’s standard contractual clauses.

Contact

Controller

Please contact us if requested. The controller responsible for data processing is:
Fabio Arcangioli, Bunsenstraße 7, 67069 Ludwigshafen, Germany
Phone: +49 174 3831160
Email: esolocosamia@gmail.com

Customer-Initiated Contact by Email

If you contact us by email on your own initiative, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of handling and responding to your inquiry.

If the contact serves the implementation of pre-contractual measures (e.g. consultation in case of purchase interest, preparation of an offer) or concerns an already concluded contract between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.

If the contact is made for other reasons, the data processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time to this processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.

We use your email address only to process your request. Your data will subsequently be deleted in compliance with legal retention periods unless you have consented to further processing and use.

Collection and Processing When Using the Contact Form

When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of establishing contact.

If the contact serves the implementation of pre-contractual measures or concerns an existing contract, this processing is based on Art. 6 para. 1 lit. b GDPR.

If the contact is made for other reasons, processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your inquiry. You have the right to object at any time to this processing for reasons arising from your particular situation.

Your email address is used solely to process your request. Your data will then be deleted in compliance with legal retention obligations unless you have consented to further processing.

Customer Account & Orders

Customer Account

When opening a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing is based on Art. 6 para. 1 lit. a GDPR with your consent.

You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out before the revocation. Your customer account will then be deleted.

Collection, Processing and Transfer of Personal Data for Orders

When placing an order, we collect and process your personal data only as necessary to fulfill and process your order and handle your inquiries. Provision of the data is necessary for concluding the contract. Failure to provide it means no contract can be concluded. Processing is based on Art. 6 para. 1 lit. b GDPR.

Your data may be shared with shipping companies, dropshipping providers, payment service providers, order processing providers, and IT service providers. In all cases, we strictly observe legal requirements and limit data transfer to the minimum necessary.

Your data may also be transferred to third countries outside the EU, especially Canada and the USA. For Canada, an adequacy decision exists. For the USA, the TADPF applies. Shopify is not certified under the TADPF. Transfers are based on contractual obligations comparable to EU standard contractual clauses.

Reviews & Advertising

Data Collection When Submitting a Comment or Review

When commenting or reviewing an article or post, we collect your personal data (name, email address, comment text) only to the extent provided by you. The processing serves the purpose of enabling comments/reviews and displaying them.

By submitting the comment/review, you consent to processing the transmitted data. Processing is based on Art. 6 para. 1 lit. a GDPR with your consent.

You may revoke your consent at any time. Your personal data will then be deleted.

When your comment/review is published, only the name you provide will be published.

Use of Email Address for Sending Newsletters

We use your email address independently of contract processing exclusively for our own advertising purposes for newsletter distribution, provided you have expressly consented. Processing is based on Art. 6 para. 1 lit. a GDPR.

You may revoke your consent at any time via the unsubscribe link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.

Use of Klaviyo

We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA) for newsletter distribution as part of order processing.

The information provided during newsletter registration (email address and, if applicable, first and last name) is transmitted to Klaviyo. The data processing serves the purpose of newsletter distribution and statistical evaluation.

To evaluate newsletter campaigns, newsletters contain a 1x1 pixel graphic (tracking pixel) or tracking link. This allows us to determine whether you opened the newsletter and clicked integrated links.

In this context, personal data such as IP address, browser type, device information, and access time may be collected. Usage profiles may be created under a pseudonym. The collected data is not used to personally identify you.

Data is usually transferred to servers in the USA. Klaviyo is certified under the TADPF.

Further information:

Payment Service Providers & Credit Checks

Use of PayPal Express

We use the PayPal Express payment service provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A., Luxembourg.

Processing serves the purpose of offering payment via PayPal Express. To integrate this payment service, PayPal collects and processes data such as IP address, device type, operating system, browser type, and location when the website is accessed.

Cookies may be used for browser recognition.

Processing is based on Art. 6 para. 1 lit. f GDPR due to our legitimate interest in offering customer-oriented payment options.

When selecting and using PayPal Express, payment data required for processing is transmitted to PayPal pursuant to Art. 6 para. 1 lit. b GDPR.

Further information is available in PayPal’s privacy policy.

Use of PayPal Check-Out

We use PayPal Check-Out services. When selecting payment via PayPal, credit card via PayPal, direct debit via PayPal, or “Pay Later” via PayPal, payment-related data is transmitted to PayPal for contract fulfillment pursuant to Art. 6 para. 1 lit. b GDPR.

Cookies may also be stored for browser recognition.

Credit Checks via PayPal

For certain payment methods, PayPal may conduct credit checks using mathematical-statistical procedures and credit agencies.

This serves the purpose of assessing creditworthiness and preventing payment defaults pursuant to Art. 6 para. 1 lit. f GDPR.

Third-Party Providers

When paying through third-party providers, payment data may be transferred to providers such as:

  • SOFORT (SOFORT GmbH, Munich, Germany)
  • giropay (Paydirekt GmbH, Frankfurt am Main, Germany)

Invoice Purchase via PayPal

For invoice payments, data is transferred to Ratepay GmbH (Berlin, Germany), which may conduct credit checks.

Further information:

Use of Klarna Payment Options

We use Klarna Bank AB (publ), Stockholm, Sweden.

When selecting Klarna payment options, payment-related data is transferred to Klarna for contract fulfillment pursuant to Art. 6 para. 1 lit. b GDPR.

Cookies may be stored for browser recognition.

Klarna Credit Checks

For payment methods such as invoice purchase, direct debit, or installment financing, Klarna may conduct identity and credit checks using credit agencies.

The processing serves the purpose of assessing creditworthiness and preventing payment defaults pursuant to Art. 6 para. 1 lit. f GDPR.

Further information:

Use of SOFORT

We use SOFORT GmbH (part of Klarna Group) for payment processing.

Necessary payment data is transferred to SOFORT pursuant to Art. 6 para. 1 lit. b GDPR.

Further information:

Cookies

Our website uses cookies. Cookies are small text files stored in the user’s browser or computer system.

You have full control over the use of cookies through your browser settings. Stored cookies can be deleted at any time. However, disabling cookies may limit website functionality.

Browser instructions:

Technically Necessary Cookies

We use technically necessary cookies to make our website more user-friendly, effective, and secure.

Processing is based on §25 para. 2 TDDDG and Art. 6 para. 1 lit. f GDPR.

Use of GDPR Legal Cookie

We use the consent management tool GDPR Legal Cookie by beeclever GmbH, Koblenz, Germany.

The tool serves to obtain and document consent for data processing and cookies.

Collected information may include anonymized IP address, consent timestamp, URL, encrypted key, and consent status.

Processing is based on Art. 6 para. 1 lit. c GDPR.

Further information:

Rights of Data Subjects & Storage Duration

Storage Duration

After complete contract processing, data is initially stored for the warranty period and then in accordance with statutory retention periods under tax and commercial law before deletion, unless you have consented to further processing.

Rights of the Data Subject

Under Arts. 15–20 GDPR, you have the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability

You also have the right under Art. 21 para. 1 GDPR to object to processing based on Art. 6 para. 1 lit. f GDPR and to processing for direct marketing purposes.

Right to Lodge a Complaint

Under Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe your personal data is being processed unlawfully.

Responsible supervisory authority:

State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate
Postfach 30 40
55020 Mainz, Germany
Phone: +49 6131 89200
Email: poststelle@datenschutz.rlp.de

Right to Object

If processing of personal data is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object at any time for reasons arising from your particular situation.

After objection, processing of the affected data will cease unless compelling legitimate grounds for processing can be demonstrated.

Last updated: 29 November 2023