Data Protection

Privacy Policy – TÜV-certified data protection according to GDPR

1. Data controller

2. Purpose of data processing

• Contract processing: Delivery of products, invoicing, payment processing.
• Customer service: Handling inquiries, warranty claims, and returns.
• Market research: Analysis of usage behavior (without personal identification).

3. Types of processed data

• Name, address, email, phone number (for contract processing).
• Credit card data (securely entered via TÜV-certified PCI-DSS-compliant hotline ).

• IP address, browser type (for system administration, anonymized).
• Usage behavior on our website (to optimize the user interface).

4. Data sharing with third parties

• Financial institutions (e.g., PayPal, credit card providers) for payment processing.
• Logistics partners (e.g., DHL) for delivery.

• No sharing with advertisers or social media without written consent (GDPR Art. 7).

5. Storage location and security measures

• Storage in Germany: Servers are located in TÜV-certified data centers in Frankfurt.
• Security standards:
  • Encryption with AES-256 (ISO/IEC 27001 compliant).
  • Firewall protection, limited access authorization, and annual TÜV inspections.

6. Retention period

• Order data: 10 years (tax law).
• Customer contacts: 5 years after last contact.
• Usage behavior: 2 years (analytical purposes).

7. Your rights under GDPR

• Information about stored data (free within 7 days).
• Correction of incorrect data.
• Deletion of your data (unless legal retention obligations exist).
• Objection to data processing for marketing purposes.

8. Changes to the Privacy Policy