Privacy Policy
For any inquiries related to data protection, the data controller can be contacted via:
Email: [email protected] or the Contact Form.
1. Data Subject Rights
Data subjects are entitled to exercise the following rights in accordance with applicable data protection laws:
- Right of Access: To obtain confirmation as to whether personal data concerning them is processed, and to access such data along with information regarding its origin, processing purpose, and recipients.
- Right to Data Portability: To receive personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
- Right to Rectification: To request correction of inaccurate or incomplete personal data.
- Right to Erasure: To request deletion of personal data when retention is no longer necessary or when processing is unlawful.
- Right to Restriction of Processing: To request limitation of processing under specified conditions.
- Right to Object: To object to processing based on legitimate interests or for direct marketing purposes.
- Right to Withdraw Consent: To withdraw consent at any time where processing is consent-based, without affecting the lawfulness of processing before withdrawal.
- Right to Lodge a Complaint: To file complaints with the competent supervisory authority.
2. Visitor Data Collection
We collect limited technical data (web browser, operating system, IP address and Internet Service Provider domain) to ensure stable, secure, and efficient website operation based on legitimate interests; access is restricted to authorized technical personnel, and data is retained only as long as necessary under applicable laws.
3. Use of Cloudflare CDN
Cloudflare is utilized to enhance website performance, security, and accessibility. Cloudflare processes IP addresses and device information in accordance with its Privacy Policy. The legal basis for this processing is legitimate interest.
4. CAPTCHA Security
CAPTCHA technology is employed to prevent automated abuse of the website by processing IP addresses and interaction data. Processing is conducted internally based on legitimate interest and data is deleted immediately after verification.
5. Social Media Interaction
Engagement with our official social media accounts may involve processing of personal data by the respective platforms (including name, email address, IP address, and user behavior). Processing is conducted on the basis of user consent and legitimate interest to improve communication and service provision.
6. Newsletter Subscription
Email addresses (and optionally names or other provided information) are collected solely to distribute newsletters. Processing is based on user consent. Subscribers may withdraw consent or unsubscribe at any time via provided links or by contacting us directly.
7. Contact Forms
Personal data such as name, email address, and message content is collected via contact forms to respond to inquiries. The legal basis is legitimate interest or pre-contractual necessity. Data is retained for up to six months after resolution or as required by law.
8. User Accounts
Creation of user accounts requires personal data including name, email address, and password. Processing is based on user consent. Data is retained for the duration of the account's existence and subsequently in accordance with legal retention periods.
9. Payment Processing
Payment service providers such as PayPal and Stripe process transaction details including payment method, amount, and IP address to facilitate secure transactions. The legal basis is legitimate interest. Users are referred to the providers' respective privacy policies:
10. Cookies
Functional and optional cookies are used to enhance usability. Functional cookies are essential for website operation; optional cookies improve user experience. Cookie data is processed internally only. Users may manage or delete cookies through browser settings. The cookie table below provides detailed information about the cookies we use and their purposes.
| Name | Type | Required | Expiration | Description |
|---|---|---|---|---|
| session | Functional | Yes | Session | This cookie is temporary and expires when the browser is closed. It is essential for managing the user's session and ensuring proper website functionality and does not require prior consent. |
| visit | Functional | Yes | 30 days | This cookie stores the date and time (ISO 8601) of the website visit to support essential functions such as session management and connection stability. It is necessary for the secure and reliable operation of the website and is processed based on legitimate interest, not requiring prior consent. |
| source | Functional | Yes | 30 days | This cookie stores the full URL of the referring page and is used exclusively for essential security purposes, such as detecting and preventing malicious activity and unauthorized access. It helps protect the website's integrity without tracking personal behavior beyond security functions. Its use is based on our legitimate interest in ensuring a secure service and is therefore classified as a functional cookie not requiring prior consent. |
| captcha | Functional | Yes | 30 days | This cookie supports CAPTCHA functionality by verifying that the visitor is human and preventing repeated CAPTCHA challenges during the same visit. It is essential for website security and does not require prior consent. |
| lang | Functional | Yes | 30 days | This cookie stores the user's language preference to display the website in the chosen language on subsequent visits. It is essential for providing a consistent user experience, not requiring prior consent. |
11. Statistical Data Analysis
Anonymized metrics such as page views, session duration, and clicks are analyzed to improve services. Processing is based on legitimate interest and data is stored for up to twelve months.
12. California Consumer Privacy Act (CCPA)
For residents of California, the following applies:
- Categories of data collected: Identifiers, purchase history, browsing data, location, and inferred data.
- Purposes: Service improvement, communication, marketing analysis, and legal compliance.
- Data sharing: Shared solely with third-party service providers; no sale of personal data.
- Rights: Access, deletion, nondiscrimination, and opting out of data sales.
To exercise these rights, please contact [email protected].
13. Canadian Personal Information Protection and Electronic Documents Act (PIPEDA)
For residents of Canada, the following applies:
- Data collected: Contact information, demographic data, and website usage data.
- Purposes: Service improvement, communication, personalization, and compliance.
- Disclosure: To service providers, legal authorities, or in connection with business transfers.
- Rights: Access, correction, deletion, and restriction of processing.
Data is retained only as long as necessary or as required by law.
14. Security Measures, Updates, and Contact Information
- Encryption: SSL/HTTPS protocols are used to secure data transmission.
- Policy Modifications: Updates to this privacy policy may be made to comply with legal or operational requirements. Significant changes will be communicated accordingly.
- Contact for Data Protection: Questions or concerns may be addressed to the Data Protection team via the contact information provided above.