top of page

DATA PROTECTION

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data means all data by which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
Galina Kanunnikova c/o Online-Impressum.de #26386, FÉMINITÉ Fatale Mode, Europaring 90, 53757 Sankt Augustin, Germany, Tel.: +49 151 68463040, E-mail: info@feminite-fatale.com.
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

2.1 When you use our website for purely informational purposes – that is, if you do not register or otherwise transmit information to us – we only collect the data that your browser transmits to the server (“server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the site to you:

  • The website visited

  • Date and time of access

  • Amount of data sent in bytes

  • Referrer/source from which you reached the site

  • Browser used

  • Operating system used

  • IP address used (possibly in anonymised form)

Processing takes place pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not disclosed or otherwise used. However, we reserve the right to check the server log files retrospectively if there are specific indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries), this website uses SSL or TLS encryption. You can recognise an encrypted connection by the string “https://” and the lock symbol in your browser bar.

3) Hosting & Content Delivery Network

3.1 Amazon Web Services
For hosting our website and displaying page content, we use the services of Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA.
All data collected on our website is processed on the provider’s servers.
We have concluded a data-processing agreement with this provider to ensure the protection of visitors’ data and to prohibit unauthorised disclosure to third parties.
For transfers to the USA, the provider participates in the EU–U.S. Data Privacy Framework, which, based on an adequacy decision of the European Commission, ensures compliance with EU data-protection standards.

3.2 Wix
For hosting our website and displaying page content, we use the system of Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel.
Data is also transferred to Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA.
All data collected on our website is processed on the provider’s servers.
We have concluded a data-processing agreement with the provider, ensuring the protection of our visitors’ data and prohibiting unauthorised disclosure to third parties.
For transfers to the USA, the provider participates in the EU–U.S. Data Privacy Framework. For transfers to its location in Israel, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

3.3 Google Cloud CDN
We use a content delivery network provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
This service enables us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers.
Processing is carried out to safeguard our legitimate interest in improving the stability and functionality of our website (Art. 6(1)(f) GDPR).
Data may also be transferred to Google LLC, USA.
We have concluded a data-processing agreement with the provider to ensure protection of visitors’ data and to prohibit unauthorised disclosure.
For transfers to the USA, the provider participates in the EU–U.S. Data Privacy Framework.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies – small text files stored on your device.
Some cookies are automatically deleted after you close your browser (“session cookies”), while others remain on your device for a longer period and allow site settings to be saved (“persistent cookies”). For the latter, you can find the storage duration in your browser’s cookie settings.

Where personal data is processed by cookies we use, the processing is carried out either under Art. 6(1)(b) GDPR for the performance of a contract, under Art. 6(1)(a) GDPR where consent has been given, or under Art. 6(1)(f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly, efficient design of the visit.

You can configure your browser so that you are informed about the setting of cookies, decide individually on their acceptance, or exclude acceptance for specific cases or in general.
Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contacting Us

5.1 Wix Chat
This website uses the live chat system provided by Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel.
The processing of personal data transmitted via the chat is carried out either in accordance with Art. 6(1)(b) GDPRbecause it is necessary for the initiation or performance of a contract, or pursuant to Art. 6(1)(f) GDPR based on our legitimate interest in providing effective support to visitors of our website.
Data transmitted in this way will, subject to statutory retention obligations, be erased once the matter has been conclusively resolved.

Additionally, pseudonymised user profiles may be created for statistical analysis of user behaviour using cookies. These do not serve to personally identify you and are not merged with other datasets. Where such information is personal data, processing is based on Art. 6(1)(f) GDPR (legitimate interest in statistical analysis for optimisation purposes).
You can prevent the use of cookies via browser settings, though this may restrict the functionality of the site.

Data is also transferred to Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA.
We have concluded a data-processing agreement with the provider to protect visitors’ data and to prevent unauthorised disclosure.
For transfers to the USA, the provider participates in the EU–U.S. Data Privacy Framework. For transfers to Israel, an adequate level of protection is ensured by an adequacy decision of the European Commission.

5.2 WhatsApp Business
You can contact us via the WhatsApp messaging service provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
We use the business version of WhatsApp.

If you contact us on WhatsApp in connection with a specific business transaction (e.g., a purchase), we store and use the mobile phone number you use on WhatsApp and—if provided—your first and last name, pursuant to Art. 6(1)(b) GDPR, to process and respond to your enquiry. On the same legal basis, we may ask you via WhatsApp to provide additional details (order number, customer number, address or e-mail address) to link your request to a particular transaction.

If you use our WhatsApp contact for general enquiries (e.g., about services, availability or our website), we store and use the mobile phone number you use on WhatsApp and—if provided—your first and last name, pursuant to Art. 6(1)(f) GDPR, based on our legitimate interest in efficiently providing the requested information.

Your data will only be used to respond to your enquiry via WhatsApp and will not be disclosed to third parties.
Please note that WhatsApp Business has access to the address book of the mobile device we use for this purpose and automatically transmits stored phone numbers to a server of Meta Platforms Inc. in the USA.
For our WhatsApp Business account, we use a device whose address book contains only the WhatsApp contact data of people who have contacted us via WhatsApp. This ensures that every person whose contact details are stored has, at the latest when first using the app, consented to this transfer in accordance with Art. 6(1)(a) GDPR by accepting WhatsApp’s terms of use. Data of people who do not use WhatsApp or who have not contacted us is not transmitted.

For details on data collection and processing by WhatsApp, as well as your rights and settings for protecting your privacy, please refer to WhatsApp’s Privacy Policy: https://www.whatsapp.com/legal/?eea=1#privacy-policy.
We have concluded a data-processing agreement with the provider. Data may be transferred to Meta Platforms Inc. servers in the USA; the provider participates in the EU–U.S. Data Privacy Framework.

5.3 Contact Form or E-mail
When you contact us (e.g., via contact form or e-mail), your personal data will be processed solely for the purpose of handling and responding to your enquiry and only to the extent necessary.
The legal basis is our legitimate interest in answering your request (Art. 6(1)(f) GDPR). If your enquiry is aimed at concluding a contract, an additional legal basis is Art. 6(1)(b) GDPR.
Your data will be deleted once it is clear from the circumstances that the relevant matter has been conclusively resolved, provided there are no statutory retention obligations.

6) Data Processing When Creating a Customer Account

According to Art. 6(1)(b) GDPR, personal data will continue to be collected and processed as necessary if you provide it to us when opening a customer account.
The data required for opening an account can be seen in the input mask of the corresponding form on our website.

You can delete your customer account at any time by sending a message to the controller mentioned above.
After deletion of your customer account, your data will be erased provided that all contracts concluded through it have been fully processed, there are no statutory retention periods to the contrary, and we have no legitimate interest in further storage.

7) Use of Customer Data for Direct Marketing

7.1 Subscribing to Our E-mail Newsletter
If you subscribe to our e-mail newsletter, we will regularly send you information about our offers.
The only mandatory information for receiving the newsletter is your e-mail address; providing other data is voluntary and used to address you personally.
We use the so-called double opt-in procedure to ensure that you only receive newsletters once you have explicitly confirmed your consent by clicking a verification link sent to the e-mail address you provided.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6(1)(a) GDPR.
We also store your IP address provided by your Internet service provider (ISP) as well as the date and time of registration, in order to trace any misuse of your e-mail address.
The data collected when registering for the newsletter is used exclusively for the purpose described.

You can unsubscribe at any time via the link provided in the newsletter or by sending a corresponding message to the controller named above.
After unsubscribing, your e-mail address will be promptly removed from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use your data in a way permitted by law, about which we inform you in this privacy notice.

7.2 Sending E-mail Newsletters to Existing Customers
If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to send you regular offers for similar goods or services from our range via e-mail.
According to Section 7(3) UWG (German Unfair Competition Act), we do not need separate consent from you for this.
Processing is based solely on our legitimate interest in personalised direct advertising under Art. 6(1)(f) GDPR.
If you initially objected to the use of your e-mail address for this purpose, no e-mails will be sent.
You may object to the use of your e-mail address for advertising purposes at any time with effect for the future by notifying the controller.
You will only incur transmission costs according to basic rates. After receipt of your objection, the use of your e-mail address for advertising purposes will stop immediately.

7.3 Stock Availability Notifications by E-mail
For temporarily unavailable items, you can register to receive e-mail stock availability notifications. We will send you a one-time message about the availability of the item you selected.
The only required information is your e-mail address; other data is optional and may be used to address you personally.
We use the double opt-in procedure to ensure you only receive a notification once you have confirmed it via a verification link sent to the e-mail address provided.

By activating the confirmation link, you give us consent to use your personal data pursuant to Art. 6(1)(a) GDPR. We store your IP address and the date and time of registration to trace any misuse of your e-mail address.
The data collected for stock notifications is used strictly for this purpose.

You can unsubscribe at any time by sending a message to the controller named above. After unsubscribing, your e-mail address will be removed from our mailing list, unless you have expressly consented to further use of your data or we reserve the right to use it in a way permitted by law.

7.4 Shopping Cart Reminder by E-mail
If you leave our shop before completing your order, you may receive a one-time reminder by e-mail about the contents of your virtual shopping cart.
The only mandatory detail for sending this reminder is your e-mail address; other data is voluntary and may be used to address you personally.
We use the double opt-in procedure so that you only receive a reminder after confirming it through a verification link sent to your e-mail address.

By activating the confirmation link, you give us consent pursuant to Art. 6(1)(a) GDPR to send the shopping cart reminder.
We store your IP address and the date and time of registration in order to track any misuse of your e-mail address.
The data collected for our shopping cart reminder is used strictly for this purpose.

You can unsubscribe at any time by sending a message to the controller named above. After unsubscribing, your e-mail address will be deleted from our mailing list unless you have expressly agreed to further use of your data or we reserve the right to use it in a way permitted by law.

8) Data Processing for Order Handling

8.1 General Information
Where necessary for the execution of the contract for delivery and payment purposes, the personal data we collect will be passed on to the transport company entrusted with delivery and the financial institution entrusted with payment, pursuant to Art. 6(1)(b) GDPR.

If we owe you updates for goods with digital elements or for digital products under a contract, we will process the contact details you provided during the order to inform you personally in accordance with our statutory information obligations under Art. 6(1)(c) GDPR. Your contact details will be used strictly for the purpose of communicating about such updates and only to the extent required.

For order processing, we also cooperate with the service provider(s) listed below. Certain personal data is transmitted to them as described.

8.2 Transfer of Personal Data to Shipping Service Providers

  • DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

  • DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg, Germany

  • Hermes Logistik Gruppe Deutschland GmbH, Essener Straße 89, 22419 Hamburg, Germany

  • United Parcel Service Deutschland Inc. & Co. OHG, Görlitzer Straße 1, 41460 Neuss, Germany

We may pass on your e-mail address and/or telephone number before delivery to allow the provider to coordinate a delivery date or notify you of delivery (Art. 6(1)(a) GDPR), provided you have expressly consented during checkout.
Otherwise, we will only pass on the recipient’s name and delivery address pursuant to Art. 6(1)(b) GDPR, where this is necessary for delivering the goods. In this case, it is not possible to arrange a delivery date in advance or send a delivery notification.
Consent may be withdrawn at any time with effect for the future by contacting the controller or the provider.

8.3 Use of Payment Service Providers (Payment Services)
We use one or more of the following payment providers. Where you select a prepayment method (e.g., credit card), your payment data (name, address, bank/card details, currency, transaction number) as well as details of your order are transmitted to the provider pursuant to Art. 6(1)(b) GDPR, solely for payment processing and only as far as necessary.

Where you select a payment option in which the provider makes an advance (e.g., invoice or instalment purchase, or direct debit), you will also be asked during checkout to provide personal information (name, address, date of birth, e-mail address, phone number, possibly details of an alternative payment method).
To safeguard our legitimate interest in assessing customers’ creditworthiness, this data may be transmitted to the provider for a credit check under Art. 6(1)(f) GDPR.

Depending on the provider, credit information may include probability values (“scores”) based on a scientifically recognised mathematical-statistical procedure, which may include (among other things) address data.
You may object to this processing at any time by contacting us or the provider; however, the provider may still be entitled to process your data where necessary for proper payment handling.

Payment providers described:

  • Apple Pay

  • Billie GmbH

  • giropay (paydirekt GmbH)

  • Google Pay

  • Klarna

  • Mollie

  • PayPal / PayPal Checkout

  • Sofortüberweisung (Klarna Bank AB)

  • Stripe

  • Wix Payments

(All details about each provider, their addresses, legal basis, and transfer rules correspond to the German original and have been translated accordingly.)

9) Web Analytics Services

9.1 Google Tag Manager
This website uses the “Google Tag Manager”, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
The Google Tag Manager provides a technical framework that allows us to bundle various web applications – including tracking and analytics tools – and calibrate, control, and link them via a single user interface.
The Tag Manager itself does not store or read any information on users’ devices and does not perform any independent analysis of data. However, when a page is loaded, your IP address may be transmitted to Google and stored there; data may also be transferred to servers of Google LLC in the USA.

This processing is carried out only if you have given us your explicit consent under Art. 6(1)(a) GDPR. Without consent, Google Tag Manager will not be used during your visit. You can revoke your consent at any time with future effect by disabling this service in the cookie-consent tool provided on the website.

We have concluded a data-processing agreement with the provider to protect visitors’ data and prevent unauthorised disclosure.
For transfers to the USA, the provider participates in the EU–U.S. Data Privacy Framework, which ensures an adequate level of protection.

Further information: https://business.safety.google/intl/de/privacy/ and https://policies.google.com/privacy?hl=en.

9.2 Wix Analytics
This website uses the web analytics service provided by Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel.
By means of cookies and/or similar technologies (tracking pixels, web beacons, algorithms for reading device and browser data), the service collects and stores pseudonymised visitor data – including information about the device used, such as IP address and browser information – to evaluate them for statistical analyses of user behaviour and to create pseudonymised usage profiles.
For example, it is possible to analyse movement patterns (“heatmaps”), the duration of visits, and interactions with page content (text entries, scrolling, clicks, and mouse-overs).
Pseudonymisation generally prevents direct attribution to a person. Data is not combined with other clear data collected about you.

All of the above processing, in particular reading or storing information on the device used, is carried out only if you have given us explicit consent under Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by disabling this service in the cookie-consent tool on the site.

We have concluded a data-processing agreement with the provider to protect visitors’ data and prevent unauthorised disclosure.
For transfers to Israel, an adequate level of protection is ensured by an adequacy decision of the European Commission.

10) Website Features

10.1 Facebook Connect
We provide a single sign-on feature from Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Data may also be transferred to Meta Platforms Inc., USA.
If you have an account with the provider, you can use your account details to register or create a user account on our site.

When visiting this page, a direct connection may be established between your browser and the provider’s servers – even if you don’t have an account or are not logged in. The provider then receives information that you visited our site (including your IP address). These data are not used to personally identify you and are not shared with third parties.
Processing is based on Art. 6(1)(f) GDPR, our legitimate interest in a user-friendly, interactive online presence.

If you click the login button to register with your account data, the provider will transfer, with your express consent (Art. 6(1)(a) GDPR), the public profile information stored in your account (user ID, name, address, e-mail, age, gender) to us.
We store and use the data transmitted to set up a user account (salutation, first name, last name, address, country, e-mail, date of birth), provided you have released them to the provider. Conversely, data (e.g., browsing or purchasing behaviour) may be transferred from us to your provider account with your consent.

Consent can be withdrawn at any time with effect for the future.
For transfers to the USA, the provider participates in the EU–U.S. Data Privacy Framework.

10.2 Google Sign-In
We provide a single sign-on feature from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
Data may also be transferred to Google LLC, USA.
If you have an account with Google, you can log in to create a user account or register on our website.

When visiting the page, a direct connection may be established between your browser and Google’s servers, even if you are not logged in. Google then receives information that you visited our site (including your IP). These data are not used to personally identify you or shared with third parties.
Processing takes place on the basis of Art. 6(1)(f) GDPR (legitimate interest in a user-friendly and interactive online presence).

If you press the login button, Google will transfer, with your explicit consent (Art. 6(1)(a) GDPR), the public profile data stored in your account (user ID, name, address, e-mail, age, gender) to us.
We store and use the transmitted data to set up a user account (salutation, first and last name, address, country, e-mail, date of birth), provided you have shared it with Google. Conversely, data (e.g., browsing or purchasing behaviour) may be transferred from us to your Google account with your consent.

Consent can be revoked at any time.
For transfers to the USA, Google participates in the EU–U.S. Data Privacy Framework.
More info: Google Privacy & Security.

10.3 FontAwesome
To ensure a uniform presentation of fonts, this site uses web fonts from Fonticons, Inc., 710 Blackhorn Dr, Carl Junction, MO 64834, USA.
When you call up a page, your browser loads the necessary web fonts into its cache and establishes a direct connection to the provider’s servers, transmitting certain browser information, including your IP address.
Processing takes place only if you have given explicit consent (Art. 6(1)(a) GDPR). Consent can be revoked at any time via the cookie-consent tool. If your browser does not support web fonts, a default font from your computer will be used.
Data transfers to the USA rely on the EU Commission’s Standard Contractual Clauses.

10.4 Fonts.com
This site uses web fonts from Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA.
When a page is loaded, your browser fetches the required fonts into its cache and connects directly to the provider’s servers, transmitting certain browser data, including your IP.
Processing only occurs if you have given explicit consent (Art. 6(1)(a) GDPR). You can revoke it at any time via the cookie-consent tool.

10.5 Google Web Fonts
This site uses web fonts from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
When you load a page, your browser retrieves the required fonts and connects directly to Google’s servers, transmitting certain browser information, including your IP. Data may also be transferred to Google LLC, USA.
Processing occurs only if you have granted explicit consent (Art. 6(1)(a) GDPR). If your browser does not support web fonts, a default font will be used.
For transfers to the USA, Google participates in the EU–U.S. Data Privacy Framework.

10.6 MyFonts
This site uses web fonts from Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA.
When a page is loaded, your browser downloads the necessary fonts and establishes a connection to the provider’s servers, transmitting certain browser information, including your IP address.
Processing occurs only if you have granted explicit consent (Art. 6(1)(a) GDPR). Consent may be withdrawn at any time via the cookie tool.

10.7 Google reCAPTCHA
We use the CAPTCHA service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
Data may also be transferred to Google LLC, USA.
For styling the CAPTCHA window, Google Fonts are used but no further data is transmitted beyond what is needed for reCAPTCHA’s functionality.

The service checks whether an entry is made by a human or by automated processing, blocking spam, DDoS attacks, and similar harmful access. To ensure an action is performed by a human, the provider collects the IP address, browser and OS type, date and duration of the visit, and transmits them to Google’s servers. Cookies may be used.

If cookies are involved, they are set only with your explicit consent (Art. 6(1)(a) GDPR). Consent can be withdrawn at any time via the cookie tool. Where processing occurs without cookies, it is based on our legitimate interest in preventing abuse and spam (Art. 6(1)(f) GDPR).
We have concluded a data-processing agreement with Google. For transfers to the USA, Google participates in the EU–U.S. Data Privacy Framework.

11) Tools and Miscellaneous

Cookie Consent Tool
This website uses a so-called “cookie consent tool” to obtain valid user consent for cookies and cookie-based applications requiring consent.
When you visit our pages, the tool is displayed as an interactive interface where you can give consent for certain cookies and/or cookie-based applications by ticking checkboxes.

The tool ensures that consent-based cookies/services are only loaded if you have given the respective consent.
Technically necessary cookies are set by the tool to store your preferences. Personal data is generally not processed for this purpose.

If, in individual cases, processing of personal data (such as your IP address) is required to save, assign, or log cookie settings, this is carried out in accordance with Art. 6(1)(f) GDPR, based on our legitimate interest in legally compliant, user-specific, and user-friendly consent management and thus in a legally compliant design of our online presence.
Another legal basis is Art. 6(1)(c) GDPR, since we are legally obliged as controllers to make the use of technically unnecessary cookies dependent on the respective user’s consent.

Where necessary, we have concluded a data-processing agreement with the provider to ensure the protection of visitors’ data and to prevent unauthorised disclosure.
For more information about the operator and settings of the cookie consent tool, please refer to the relevant interface on our website.

12) Rights of the Data Subject

12.1 Under applicable data-protection law, you have the following rights with respect to the processing of your personal data by the controller (subject to the conditions set out in the respective legal provisions):

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to notification (Art. 19 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to withdraw consent (Art. 7(3) GDPR)

  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

12.2 Right to Object
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO SUCH PROCESSING ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH ADVERTISING.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES.

13) Duration of Storage of Personal Data

The period for which personal data is stored is determined by the respective legal basis, the processing purpose, and—if applicable—the statutory retention period (e.g., commercial and tax retention periods).

Where data is processed on the basis of explicit consent (Art. 6(1)(a) GDPR), the data will be stored until you withdraw your consent.
If statutory retention periods exist for data processed on the basis of Art. 6(1)(b) GDPR (contractual or pre-contractual obligations), such data will be routinely deleted after the retention period has expired, unless they are still needed for contract performance or initiation or unless we have a legitimate interest in continued storage.

Where personal data is processed on the basis of Art. 6(1)(f) GDPR, such data will be stored until you exercise your right to object under Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or unless the processing serves the establishment, exercise, or defence of legal claims.

For data processed for direct marketing purposes under Art. 6(1)(f) GDPR, the data will be stored until you exercise your right to object under Art. 21(2) GDPR.

Unless otherwise specified in this statement, personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

bottom of page