Privacy Policy

Privacy Policy

1) Introduction and Contact Details of the Data Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data is any data that can be used to identify you personally.

1.2 The data controller for the processing of personal data on this website within the meaning of the General Data Protection Regulation (GDPR) is Elvir Sofic, Am Mittergwendt 20/27, 3430 Tulln an der Donau, Austria, Tel.: +436769507082, Email: elvir.sofic94@gmail.com. The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

2) Data Collection When Visiting Our Website

2.1 When using our website for informational purposes only, i.e., if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website:

  • Our visited website
  • Date and time of access
  • Amount of data transmitted in bytes
  • Source/reference from which you accessed the page
  • Used browser
  • Used operating system
  • Used IP address (possibly in anonymized form)

The processing is carried out in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest in improving the stability and functionality of our website. Data is not transferred or used otherwise. However, we reserve the right to review the server log files retrospectively if there are concrete indications of unlawful use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the data controller). You can recognize an encrypted connection by the "https://" prefix and the lock symbol in your browser’s address bar.

3) Hosting & Content Delivery Network

Shopify

For hosting our website and displaying the site content, we use the system of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify")

Data is also transmitted to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

All data collected on our website is processed on the provider's servers. We have signed a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transmission to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e., small text files that are stored on your device. Some cookies are automatically deleted after closing the browser (so-called "session cookies"), while others remain on your device longer and allow saving of site settings (so-called "persistent cookies"). In the latter case, you can find the storage duration in the overview of the cookie settings of your web browser.

If individual cookies we use also process personal data, the processing is carried out in accordance with Art. 6 (1) (b) GDPR either for the performance of the contract, according to Art. 6 (1) (a) GDPR in case of consent, or according to Art. 6 (1) (f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

You can configure your browser to be informed about the setting of cookies and decide individually on their acceptance or exclude the acceptance of cookies for certain cases or generally.

Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contacting Us

In the context of contacting us (e.g., via contact form or email), personal data will be processed solely for the purpose of handling and responding to your request and only to the extent necessary.

The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR. Your data will be deleted when it is clear from the circumstances that the matter in question has been conclusively resolved and provided that there are no legal retention obligations.

6) Comment Function

In the context of the comment function on this website, alongside your comment, information on the time of creation of the comment and the chosen commentator's name will be stored and published on this website. Furthermore, your IP address will be logged and stored. This storage of the IP address is for security reasons and in case the person concerned violates the rights of third parties or posts illegal content through a comment. We need your email address to contact you if a third party should complain about your published content as illegal.

The legal bases for the storage of your data are Art. 6 (1) (b) and (f) GDPR. We reserve the right to delete comments if they are objected to as illegal by third parties.

7) Use of Customer Data for Direct Advertising

7.1 Subscription to Our Email Newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The mandatory information for sending the newsletter is only your email address. Providing additional data is voluntary and is used to address you personally. For sending the newsletter, we use the so-called double opt-in procedure, which ensures that you only receive newsletters if you have explicitly confirmed your consent to receive the newsletter by clicking on a verification link sent to the provided email address.

By activating the confirmation link, you consent to the use of your personal data in accordance with Art. 6 (1) (a) GDPR. We also store the IP address registered by the Internet Service Provider (ISP) as well as the date and time of registration to trace any possible misuse of your email address at a later time. The data collected when you subscribe to the newsletter will be used strictly for its intended purpose.

You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a corresponding message to the data controller mentioned above. After unsubscribing, your email address will be promptly removed from our newsletter distribution list unless you have explicitly agreed to further use of your data or we reserve the right to further use of data that is legally permitted and about which we inform you in this statement.

7.2 Klaviyo

The sending of our email newsletters is done via the following provider: Klaviyo, 225 Franklin St, Boston, MA 02110, USA

Based on our legitimate interest in effective and user-friendly newsletter marketing, we share the data you provided during the newsletter registration with this provider according to Art. 6 (1) (f) GDPR to enable them to handle the newsletter dispatch on our behalf.

Subject to your explicit consent according to Art. 6 (1) (a) GDPR, the provider also performs a statistical evaluation of newsletter campaigns using web beacons or tracking pixels in the sent emails, which can measure open rates and specific interactions with the newsletter contents. Device information (e.g., time of access, IP address, browser type, and operating system) is also collected and evaluated, but not combined with other data sets.

You can withdraw your consent to newsletter tracking at any time with effect for the future.

We have signed a data processing agreement with the provider that protects our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures the adherence to European data protection standards based on an adequacy decision by the European Commission.

8) Data Processing for Order Fulfillment

8.1 As far as necessary for the contract fulfillment for delivery and payment purposes, the personal data we collect will be shared with the commissioned transport company and the commissioned bank according to Art. 6 (1) (b) GDPR.

If we owe you updates for goods with digital elements or digital products based on a corresponding contract, we process the contact details (name, address, email address) provided during the order to inform you personally about upcoming updates within the legally required period in accordance with Art. 6 (1) (c) GDPR. Your contact details will be used strictly for communication about updates we owe and will be processed only to the extent necessary for the respective information.

To fulfill our contractual obligations to our customers, we also work with the following service providers who support us in the execution of contracts. Certain personal data is transmitted to these service providers as described below.

8.2 To fulfill our contractual obligations to our customers, we work with external shipping partners. We provide your name and delivery address and, if necessary for the delivery, your phone number to a selected shipping partner solely for the purpose of delivering the goods according to Art. 6 (1) (b) GDPR.

8.3 Use of Payment Service Providers (Payment Services)

  • Amazon Pay

On this website, one or more online payment methods of the following provider are available: Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxembourg

If you choose a payment method from the provider where you make an advance payment (e.g., credit card payment), your payment data provided during the order process (including name, address, bank and card information, currency, and transaction number) as well as information about the content of your order will be forwarded to this provider according to Art. 6 (1) (b) GDPR.

  • Google Pay

On this website, you can also choose the payment method Google Pay, which is offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you select this payment method, your payment data will be processed by Google Pay, including name, address, payment information, and transaction number, according to Art. 6 (1) (b) GDPR.

  • PayPal

If you choose PayPal as the payment option, payment processing will be handled by PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. The payment processing is carried out in accordance with Art. 6 (1) (b) GDPR. If you choose this payment method, PayPal will process your payment data (including name, address, bank and card details, transaction information) and process the payment.

  • Shopify Payments

This website uses the payment service Shopify Payments. Payments are processed via the provider Shopify Payments, operated by Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada. Personal data will be processed in accordance with Art. 6 (1) (b) GDPR.

  • SOFORT

If you select "SOFORT" as the payment method, the payment will be processed by SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany. Personal data required for processing the payment (including bank details, transaction information) will be forwarded to SOFORT in accordance with Art. 6 (1) (b) GDPR.

9) Retargeting/Remarketing and Conversion Tracking

9.1 This website uses the Facebook pixel of Meta Platforms Inc. and the TikTok pixel of TikTok Technology Limited. These technologies allow us to track the behavior of users after they have been redirected to our website via advertisements on social media platforms. This helps us measure the effectiveness of our advertisements and improve our marketing strategies.

  • Meta Pixel

The Meta Pixel is operated by Meta Platforms Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you have given your consent, this pixel tracks your visit and the pages you view. This allows us to target our advertisements on Facebook more accurately and measure their effectiveness. You can prevent the collection of data by adjusting your Facebook ad settings or using your browser’s settings to block cookies.

  • TikTok Pixel

The TikTok Pixel is operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, Ireland. The pixel allows us to track user actions on our website after interacting with TikTok ads. This helps us improve our advertising strategies on TikTok. You can control TikTok's data collection by adjusting your privacy settings in the TikTok app or by blocking cookies in your browser.

10) Site Functionalities

Endereco

To ensure accurate address details, we use the service Endereco from Endereco Ltd, 45-49 Frensham Road, London, UK. This service allows us to validate and correct addresses provided by users. The data provided is processed by Endereco in accordance with Art. 6 (1) (f) GDPR to ensure accurate address data for our customers.

11) Rights of the Data Subject

You have the right to request information about the personal data we hold about you, to request the correction or deletion of this data, to request restriction of processing, to object to processing, and to data portability. If you believe that the processing of your data violates data protection laws or that your data protection rights have been violated, you can file a complaint with the relevant supervisory authority.

12) Duration of Data Storage

The duration of the storage of personal data depends on the respective purpose of processing and the legal requirements. Data will be deleted when it is no longer required for the purpose for which it was collected, unless there are legal obligations to retain it.