Privacy Policy

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

2. General Information on Data Processing

We take the protection of your personal data very seriously.

Personal data is any information relating to an identified or identifiable natural person.

We process personal data exclusively in accordance with applicable data protection regulations (GDPR, BDSG, TDDDG).

3. Hosting

This website is hosted by the following provider:

When visiting the website, the following data is automatically processed:

• IP address
• Date and time of access
• Browser type and version
• Operating system
• Referrer URL

This data is technically required to provide the website.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and stable website operation)

Data processing agreement: A data processing agreement pursuant to Art. 28 GDPR has been concluded with the hosting provider.

4. Content Management System

We use the following system to manage content:

Sanity

Sanity may process technical and content-related data necessary for displaying the website.

Legal basis: Art. 6(1)(f) GDPR

5. Payment Processing

We use the following service for payment processing:

Stripe

During the ordering process, personal data is transmitted to Stripe, in particular:

• Name
• Billing information
• Payment data
• Email address

Stripe may transfer data to third countries (especially the USA). In such cases, appropriate safeguards pursuant to Art. 46 GDPR (Standard Contractual Clauses) are in place.

https://stripe.com/de/privacy

Legal basis: Art. 6(1)(b) GDPR (contract performance)

6. Email Communication

Resend

• Email address
• Name (if provided)
• Message content

Art. 6(1)(b) GDPR (contract)

Art. 6(1)(f) GDPR (legitimate interest in communication)

7. Consent Management (Cookies)

Usercentrics

• Consent status
• Time of consent
• Browser/device information (technically required)

Art. 6(1)(c) GDPR (legal obligation)

8. Cookies

This website uses cookies.

Cookies are small text files stored on your device.

• technically necessary cookies
• functional cookies (only with consent)
• analytics/marketing cookies (only with consent via consent tool)

Art. 6(1)(f) GDPR (necessary)

Art. 6(1)(a) GDPR (consent)

§ 25(1) TDDDG (access to end device)

9. Server Log Files

The hosting provider automatically collects and stores information in server log files.

This data is not merged with other data sources.

10. Contact

When contacting us by email or form, the provided data is processed to handle the request.

Art. 6(1)(b) GDPR (pre-contractual measures)

Art. 6(1)(f) GDPR (legitimate interest)

11. Data Processing for Orders

We process personal data for contract fulfillment in the context of orders.

• Name
• Address
• Email address
• Order data

Art. 6(1)(b) GDPR

12. Data Disclosure

Data is only shared with service providers necessary for contract fulfillment:

• Payment service providers (Stripe)
• Hosting (Vercel)
• Email service (Resend)

Data is only shared to the extent necessary.

13. Data Transfers to Third Countries

If personal data is processed in third countries (e.g. USA), this is based on:

EU Standard Contractual Clauses (Art. 46 GDPR)

Adequacy decisions (if available)

14. Data Retention

Personal data is stored only as long as necessary for the respective purposes or as required by statutory retention periods.

15. Data Subject Rights

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)
• Right to withdraw consent (Art. 7(3) GDPR)

16. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority.

17. Data Security

We use technical and organizational measures to protect personal data against loss, manipulation, or unauthorized access.

18. Currency of Information

This privacy policy is currently valid and may be updated when necessary.