Privacy policy

Privacy Statement

Responsible for data processing:

Christiane Mauer
Wallwieserweg 23
85080 Gaimersheim

Email: mauerartworks@gmail.com

We are pleased about your interest in our online shop. The protection of your privacy is very important to us. Below, we inform you in detail about the handling of your data.


Access Data and Hosting

You can visit our website without providing any personal information. Each time a website is accessed, the web server automatically stores a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of the retrieval, the amount of data transferred, and the requesting provider (access data), and documents the retrieval. These access data are evaluated solely for the purpose of ensuring a trouble-free operation of the site and improving our offer. This serves to safeguard our predominant legitimate interests in a correct presentation of our offer in accordance with Art. 6(1) sentence 1 lit. f GDPR (German: DSGVO). All access data are deleted no later than seven days after the end of your visit to the site.

Hosting

Our service providers partially provide hosting and website presentation services on our behalf. Unless otherwise explained in this privacy policy, all access data and data collected in forms provided on this website are processed on the servers of our service providers. For questions about our service providers and the basis of our cooperation with them, please contact us via the contact methods described in this privacy policy.

Please note that our service providers may be located in countries outside the EU and EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on the European Commission’s standard data protection clauses. Additionally, the servers of our service providers are located in countries for which the European Commission has determined an adequate level of data protection by decision, such as Canada.


Data Processing for Contract Execution and Contact

We collect personal data when you voluntarily provide it to us in the course of your order or when contacting us (e.g., via contact form or email). Mandatory fields are marked as such, as we need the data in these cases for contract execution or to process your contact. Without this data, you cannot complete your order or send your request. The specific data collected is evident from the respective input forms.

We use the data you provide in accordance with Art. 6(1) sentence 1 lit. b GDPR for contract execution and processing your inquiries. Further information on data processing, particularly on data transfer to our service providers for order, payment, and shipping processing, can be found in the following sections of this privacy policy. After the contract is fully executed, your data will be restricted and deleted in accordance with Art. 6(1) sentence 1 lit. c GDPR, unless there are legal retention obligations, or you have expressly consented to further use of your data in accordance with Art. 6(1) sentence 1 lit. a GDPR, or we reserve the right to further data use permitted by law, which we inform you about in this statement.

Data Processing for Shipping Purposes

To fulfill the contract in accordance with Art. 6(1) sentence 1 lit. b GDPR, we transmit your data to the commissioned shipping service provider (DHL Paket GmbH) to the extent necessary for delivering the ordered goods.

Data Transfer to Shipping Service Providers for Shipping Notification

If you have given us your express consent during or after your order in accordance with Art. 6(1) sentence 1 lit. a GDPR, we will forward your email address and telephone number to the selected shipping service provider so that they can contact you before delivery to announce or arrange the delivery. You can revoke your consent at any time by informing us via the contact method described in this privacy policy or by contacting the shipping service provider directly at the contact address below. After revocation, we will delete the data you provided, unless you have expressly consented to further use of your data, or we reserve the right to further data use, which is legally permitted and about which we inform you in this statement.


Data Processing for Payment Processing

In processing payments in our online shop, we work with the following partners: technical service providers, credit institutions, and payment service providers.

Data Processing for Transaction Handling

Depending on the selected payment method, we forward the data necessary for processing the payment transaction to our technical service providers, who act as our data processors, or to the commissioned credit institutions or the selected payment service provider, to the extent necessary for processing the payment. This serves the contract execution in accordance with Art. 6(1) sentence 1 lit. b GDPR. In part, the payment service providers collect the data required for processing the payment themselves, e.g., on their own website or through a technical integration in the ordering process. The privacy policy of the respective payment service provider applies. For questions about our payment partners, payment processing, and the basis of our cooperation with them, please refer to the contact methods described in this privacy policy.

Data Processing for Fraud Prevention and Payment Optimization

We may provide our service providers with additional data, which they use along with the data necessary for processing the payment as our data processors for fraud prevention and optimizing our payment processes (e.g., invoicing, processing contested payments, supporting accounting). This serves our legitimate interests in fraud prevention and efficient payment management in accordance with Art. 6(1) sentence 1 lit. f GDPR.


Advertising via Email

Email Newsletter Subscription

If you sign up for our newsletter, we will use the data required for this purpose or the data you have separately provided to regularly send you our email newsletter based on your consent pursuant to Art. 6(1) sentence 1 lit. a GDPR. You can unsubscribe from the newsletter at any time either by sending a message to the contact option described below or via a dedicated link in the newsletter. After unsubscribing, we will delete your email address from the distribution list unless you have expressly consented to further use of your data pursuant to Art. 6(1) sentence 1 lit. a GDPR, or we reserve the right to use your data in a manner that is legally permissible and about which we inform you in this notice.



Cookies and Other Technologies

General Information

To make visiting our website attractive and enable the use of certain functions, we use various technologies, including so-called cookies. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e., after closing your browser (session cookies). Other cookies remain on your device and enable us to recognize your browser on your next visit (persistent cookies).

We use such technologies that are essential for the use of certain functions of our website (e.g., shopping cart functions). Through these technologies, IP address, time of visit, device and browser information, and information about your use of our website (e.g., information about the content of the shopping cart) are collected and processed. This serves our legitimate interests in an optimized presentation of our offer in accordance with Art. 6(1) sentence 1 lit. f GDPR. Additionally, we use technologies to fulfill our legal obligations (e.g., to prove consent to the processing of your personal data) and for web analysis and online marketing.

If you have consented to the use of technologies in accordance with Art. 6(1) sentence 1 lit. a GDPR, you can revoke your consent at any time by informing us via the contact method described in this privacy policy.


Use of Cookies and Other Technologies for Web Analysis and Advertising Purposes

To the extent that you have given your consent in accordance with Art. 6(1) sentence 1 lit. a GDPR, we use the following cookies and other technologies from third-party providers on our website. After the purpose ceases to exist and the end of the use of the respective technology by us, the data collected in this context will be deleted. You can revoke your consent at any time with effect for the future.

 

Social Media

Social Plugins from Instagram, Pinterest

Our website uses social plugins from social networks. These are integrated into our website as HTML links. If you click on one of the icons, the website of the respective social network opens in a new browser window. There you can, for example, press the Like or Share button.

Online Presence on Instagram, Pinterest

We use social media platforms to communicate with our customers, prospects, and users and to inform them about our services. We would like to point out that user data may be processed outside the European Economic Area. This can pose risks to users, as, for example, enforcing their rights might be more difficult. We would like to point out that US providers certified under the Privacy Shield have committed to complying with EU data protection standards.

In general, user data is also processed for market research and advertising purposes. For example, usage profiles can be created based on user behavior and the resulting interests of the users. These usage profiles can be used to place advertisements within and outside the platforms that presumably correspond to the users’ interests. For these purposes, cookies are usually stored on the users' devices, through which the usage behavior and interests of the users are recorded. Moreover, data may also be stored in the usage profiles, regardless of the devices used, especially if the users are members of the respective platforms and logged in.

The processing of users' personal data is based on our legitimate interests in effective information and communication with users in accordance with Art. 6(1) lit. f GDPR. If users are asked by the respective platform providers for consent to the described data processing, the legal basis of the processing is Art. 6(1) lit. a, Art. 7 GDPR. For a detailed description of the respective processing operations and the opt-out options, we refer to the information linked below from the platform providers (see below).

We would like to point out that the most effective way to assert requests for information and the exercise of user rights is directly with the platform providers. Only the providers have access to the users' data and can take appropriate measures and provide information. If you need further assistance, you can contact us.

Instagram

Within our online offering, functions and contents of the Instagram service, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, can be integrated. These can include, for example, content such as images, videos, or texts and buttons with which users can share content of this online offering within Instagram. If the users are members of the Instagram platform, Instagram can assign the access to the aforementioned content and functions to the users' profiles there. Instagram's privacy policy: http://instagram.com/about/legal/privacy/

Pinterest

Within our online offering, functions and contents of the Pinterest service, offered by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA, can be integrated. These can include, for example, content such as images, videos, or texts and buttons with which users can share content of this online offering within Pinterest. If the users are members of the Pinterest platform, Pinterest can assign the access to the aforementioned content and functions to the users' profiles there. Pinterest's privacy policy: https://about.pinterest.com/en/privacy-policy.

Your Rights

As a data subject, you have the following rights:

  • Right of access: According to Art. 15 GDPR, you have the right to request information about your personal data processed by us to the extent described therein.
  • Right to rectification: According to Art. 16 GDPR, you have the right to demand the immediate correction of incorrect or completion of your personal data stored by us.
  • Right to erasure: According to Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, unless further processing is necessary:
    •   For exercising the right of freedom of expression and information;
    •   For compliance with a legal obligation;
    •   For reasons of public interest; or
    •   For the establishment, exercise, or defense of legal claims.
  • Right to restriction of processing: According to Art. 18 GDPR, you have the right to request the restriction of processing of your personal data if:
    •   The accuracy of the data is contested by you;
    •   The processing is unlawful, but you oppose the erasure of the data;
    •   We no longer need the data, but you require it for the establishment, exercise, or defense of legal claims; or
    •   You have objected to processing in accordance with Art. 21 GDPR.
  • Right to data portability: According to Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transfer to another controller.
  • Right to lodge a complaint with a supervisory authority: According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. Typically, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.
  • Right to Withdraw Consent: You have the right to withdraw consent granted to us at any time with effect for the future.
  • Right to Object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6(1) lit. e or f GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing; this also applies to profiling to the extent that it is related to such direct marketing.

Contact Information 

For questions regarding the collection, processing, or use of your personal data, for information, correction, restriction or deletion of data, as well as the withdrawal of consent granted or objection to a specific data use, please contact us directly using the contact details provided in our legal notice.