PRIVACY POLICY

Amy Walker Privacy Policy

This policy outlines how Amy Walker handles your personal data when you use our website, ensuring full compliance with the General Data Protection Regulation (GDPR).

1. Information on Data Controller and Security

  • 1.1 Introduction: We appreciate your visit and inform you below about the handling of your personal data, which includes all data that can personally identify you.

  • 1.2 Data Controller: The entity responsible for processing personal data on this website, in the context of the GDPR, is Amy Walker. The data controller determines the purposes and means of processing personal data.

  • 1.3 Security Measures: This website uses SSL or TLS encryption for security and to protect the transmission of personal and confidential content (e.g., orders or inquiries). You can recognize an encrypted connection by the "https://" in the browser’s address bar.

2. Data Collection When Visiting Our Website

When using our website for informational purposes only (without registration or data entry), we collect data transmitted by your browser ("server log files"):

  • Data Collected: Our visited website, date and time of access, amount of data sent in bytes, source/reference, browser used, operating system used, and IP address (anonymized where necessary).

  • Legal Basis: Processing is carried out in accordance with Art. 6 (1) lit. f GDPR, based on our legitimate interest in improving the stability and functionality of our website. The data is not otherwise disclosed, but we reserve the right to review it if unlawful use is indicated.

3. Cookies

To enhance your visit and enable certain functions, we use cookies (small text files stored on your device).

  • Some cookies are deleted after you close your browser (session cookies); others remain to recognize your browser (persistent cookies/third-party cookies).

  • Legal Basis: If cookies process personal data, processing is based on Art. 6 (1) lit. b GDPR (contract execution) or Art. 6 (1) lit. f GDPR (legitimate interest in optimal website functionality).

  • Control: You can configure your browser to manage cookies, but disabling them may limit website functionality.

4. Contact

When you contact us (e.g., via form or email), personal data collected (evident from the form) is stored and used solely to respond to your inquiry and for related technical administration.

  • Legal Basis: Our legitimate interest in responding to your request (Art. 6 (1) lit. f GDPR). If your inquiry aims at contract conclusion, Art. 6 (1) lit. b GDPR serves as an additional legal basis.

  • Data Deletion: Your data will be deleted once your inquiry has been processed, provided no legal storage obligations exist.

5. Data Processing for Customer Account Creation and Contract Execution

Personal data is collected when provided for contract execution or customer account creation.

  • Legal Basis: Processing is in accordance with Art. 6 (1) lit. b GDPR.

  • Control: You can delete your customer account anytime. After contract execution or account deletion, your data is restricted and deleted after applicable retention periods, unless you have consented to further use.

6. Use of Your Data for Direct Marketing

  • 6.1 Newsletter Subscription: We require your email address and use the double opt-in procedure. By activating the confirmation link, you consent to processing per Art. 6 (1) lit. a GDPR. You may unsubscribe at any time.

  • 6.2 Newsletters to Existing Customers: If you provided your email during a purchase, we may send promotional emails about similar products based on our legitimate interest in personalized marketing (Art. 6 (1) lit. f GDPR). You can object to this use anytime.

7. Data Processing for Order Handling

  • 7.1 Sharing Data: We share personal data with shipping companies for delivery and payment data with the payment provider, as necessary to fulfill contractual obligations.

  • 7.2 Payment Service Providers (Legal Basis: Art. 6 (1) lit. b GDPR):

    • PayPal: Payment data is transferred to PayPal (Europe) S.à r.l. et Cie, S.C.A. PayPal may conduct credit checks.

    • SOFORT: The transaction is processed through SOFORT GmbH (part of Klarna Group).

8. Review Reminders

If you have consented during or after your order, we may send a one-time review reminder via email. This is processed per Art. 6 (1) lit. a GDPR, and you can revoke consent anytime.

9. Social Media Integration

  • 9.1 Shariff Solution: We use "Shariff" buttons for social media (Facebook, Google+, and Instagram). These are embedded as HTML links, meaning no data is transmitted unless you actively click them.

  • These platforms comply with the "Privacy Shield" framework.

10. Online Marketing (Google Tools)

  • 10.1 DoubleClick by Google: Used to serve relevant ads and track conversions. Processing is based on our legitimate interest (Art. 6 (1) lit. f GDPR). You can object by deactivating cookies for conversion tracking in your browser settings.

  • 10.2 Google AdWords Conversion Tracking: Used to generate conversion statistics (total users who clicked an ad). Storage of cookies is based on Art. 6 (1) lit. f GDPR. You can object by deactivating the Google conversion tracking cookie via browser settings.

  • 10.3 Google Analytics: Used for web analysis using cookies. Storage is based on Art. 6 (1) lit. f GDPR.

    • IP Anonymization: We activate this feature, truncating your IP address within the EU/EEA before transmission.

    • Control: You can prevent cookie storage via browser settings, use the browser plugin at https://tools.google.com/dlpage/gaoptout?hl=en, or click the opt-out link on our website: [Disable Google Analytics].

    • Data Processing Agreement: We have an agreement with Google and implement strict data protection requirements.

    • Demographic Features: We use this function based on anonymous data from interest-based advertising. You can disable this via your Google account ad settings.

11. Web Analysis Services (Universal Analytics)

  • This section confirms the use of Google Analytics, using the _anonymizeIp() extension to ensure processing is based on our legitimate interest (Art. 6 (1) lit. f GDPR) in statistical user analysis.

  • Cross-Device Analysis: Google Analytics is used for cross-device analysis via an anonymous User-ID. You can object to this by disabling Google Analytics on all systems you use.

12. Retargeting / Remarketing / Reference Advertising

  • Facebook Custom Audience (Pixel): Tracks user behavior after viewing Facebook ads, based on your explicit consent (Art. 6 (1) lit. a GDPR). You can disable cookies on your computer via browser settings or the Digital Advertising Alliance website: https://www.aboutads.info/choices/.

  • Google AdWords Remarketing: Enables interest-based advertising based on visited pages. Processing is based on our legitimate interest (Art. 6 (1) lit. f GDPR).

13. Google AdWords Remarketing

  • This section reiterates the use of Google AdWords Remarketing, placing a cookie in your browser for interest-based advertising based on Art. 6 (1) lit. f GDPR. Further processing occurs only with your consent to link browsing history with your Google account.

14. Third-Party Tracking Technologies

We may use other third-party tracking technologies to analyze user behavior, optimize our services, and provide better advertisements.

15. User Consent and Control (Your Rights)

  • Control: Users maintain control over data collection via browser settings, opt-out mechanisms, and privacy tools provided by third-party services.

  • GDPR Rights: You have the Right of Access, Right to Rectification, Right to Erasure, Right to Restriction of Processing, Right to Data Portability, Right to Object, and the Right to Withdraw Consent.

  • Commitment: We are committed to protecting user privacy while optimizing our digital services.