Privacy policy
Data Protection Policy
1 Introduction and Contact Details of the Controller
1.1 We are pleased about your visit to our website and your interest in our services. We inform you here about the processing of your personal data when using our website. Personal data is all data with which you can be personally identified.
1.2 The controller of data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Abdelmounim Berzedjou, am stopper 142 a, 48329 Havixbeck, Germany. Tel: + 377607939066 Email: support@buylunava.com The controller of personal data processing is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
2 Data Collection When Visiting Our Website
2.1 When you use our website for purely informational purposes, that is to say, if you do not register or provide us with any other information, we only collect the data that your browser transmits to our server (the "server log files"). Thus, when visiting our website, only the following data, which is technically necessary to display the website, is collected:
• The website visited
• The date and time of access to the site
• The amount (in bytes) of data sent
• The source/reference from which you came to our website
• The browser used
• The operating system
• The IP address used (if applicable: in anonymous form)
Processing is carried out in accordance with Article 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of the website. The data will not be passed on or used for any other purpose. We reserve the right, however, to check the server log files retrospectively if there are specific indications of illegal use.
2.2 This website uses SSL (Secure Socket Layer) or TLS (Transport Layer Security) encryption for security reasons and to protect the transmission of personal data and other confidential content (such as orders or inquiries). You can recognize an encrypted connection by the character string "https://" and/or the padlock symbol in the browser bar.
3 Hosting & Content Delivery Network
Shopify
For hosting our website and displaying the content of the pages, we use the system of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
The data is also transferred to: Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada
All data collected on our website is processed on the provider's servers. We have concluded a processing agreement with the provider, which ensures the protection of the data of visitors to our site and prohibits unauthorized transfer to third parties.
In the case of data transfer to Canada, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.
4 Cookies
In order to make the visit to our website attractive and to enable the use of certain functions, we use cookies, i.e., small text files that are stored on your device. Some of these cookies are automatically deleted after the browser is closed ("session cookies"), others remain longer on your device and allow us to save page settings ("persistent cookies"). In the latter case, you can see the storage duration in the overview of the cookie settings of your web browser.
If personal data is also processed by some of the cookies we use, the processing is carried out in accordance with Article 6(1)(b) GDPR for the execution of the contract, or based on your consent in accordance with Article 6(1)(a) GDPR, or for the purpose of safeguarding our legitimate interest in the best possible functionality of the website and a user-friendly and effective design of the site visit in accordance with Article 6(1)(f) GDPR.
You can configure your browser to inform you about the setting of cookies and to decide individually on their acceptance or to exclude the acceptance of cookies in certain cases or generally.
Please note that if you do not accept cookies, the functionality of our website may be limited.
5 Contacting Us
Personal data is collected when contacting our services (e.g., via contact form or email). The data collected through the contact form can be seen from the respective form. This data is stored and used solely for the purpose of responding to your request and to establish contact as well as the associated technical administration. Data processing is carried out, if applicable, in accordance with Article 6(1)(f) GDPR on the basis of our legitimate interest in responding to your request.
Furthermore, if your contact aims at the conclusion of a contract, the processing of your data is carried out based on Article 6(1)(b) GDPR.
After the final processing of your request, i.e., if it can be inferred from the circumstances that the matter has been conclusively clarified and there are no legal storage obligations to the contrary, your data will be deleted immediately.
6 Use of Your Data for Direct Advertising
6.1 Subscription to Our Email Newsletter
If you subscribe to our newsletter, you will regularly receive information about our offers. The only mandatory information for sending the newsletter is your email address. The indication of other data is optional and will only be used to address you personally. We use the so-called "double opt-in" procedure for sending our newsletter. This means that you will only receive our newsletter by email if you have expressly consented to receive it. After receiving your consent, you will receive a confirmation email asking you to confirm your desire to receive future newsletters by clicking on a confirmation link.
In accordance with Article 6(1)(a) GDPR, by activating the confirmation link, you give us your consent to use your personal data. When registering for the newsletter, we store the IP address assigned by the Internet service provider (ISP) as well as the date and time of registration in order to trace any possible misuse of your email address at a later time. The data collected during the newsletter registration will be used exclusively for advertising purposes through the newsletter. You can unsubscribe at any time via the link provided in the newsletter or by sending a message to the controller mentioned above. After unsubscribing, your email address will be immediately deleted from our mailing list unless you have expressly consented to further use of your data or we reserve the right to use the data in a manner permitted by law and about which we inform you in this declaration.
6.2 Cart Reminder Emails
If you interrupt your purchase on our website before completing the order, you may receive a one-time email reminder of the contents of your virtual shopping cart.
The only mandatory data for sending this reminder is your email address. The indication of other data is optional and will be used if necessary to address you personally. For sending emails, we use the so-called double opt-in procedure, which ensures that you will only receive a reminder if you have expressly confirmed your consent by clicking on a verification link sent to the specified email address.
By activating the verification link, you give us your consent to use your personal data in accordance with Article 6(1)(a) GDPR to send a cart reminder. For this purpose, we store your IP address as recorded by your Internet service provider (ISP) as well as the date and time of your registration in order to trace any possible misuse of your email address at a later time. The data collected during registration for our email alert service is used for a strictly limited purpose.
You can unsubscribe from cart reminders at any time by sending a message to the controller mentioned at the beginning. After unsubscribing, your email address will be immediately deleted from our mailing list unless you have expressly consented to further use of your data or we reserve the right to use the data in a manner permitted by law and about which we inform you in this declaration.
1 Introduction and Contact Details of the Controller
1.1 We are pleased about your visit to our website and your interest in our services. We inform you here about the processing of your personal data when using our website. Personal data is all data with which you can be personally identified.
1.2 The controller of data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Abdelmounim Berzedjou, am stopper 142 a, 48329 Havixbeck, Germany. Tel: + 377607939066 Email: support@buylunava.com The controller of personal data processing is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
2 Data Collection When Visiting Our Website
2.1 When you use our website for purely informational purposes, that is to say, if you do not register or provide us with any other information, we only collect the data that your browser transmits to our server (the "server log files"). Thus, when visiting our website, only the following data, which is technically necessary to display the website, is collected:
• The website visited
• The date and time of access to the site
• The amount (in bytes) of data sent
• The source/reference from which you came to our website
• The browser used
• The operating system
• The IP address used (if applicable: in anonymous form)
Processing is carried out in accordance with Article 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of the website. The data will not be passed on or used for any other purpose. We reserve the right, however, to check the server log files retrospectively if there are specific indications of illegal use.
2.2 This website uses SSL (Secure Socket Layer) or TLS (Transport Layer Security) encryption for security reasons and to protect the transmission of personal data and other confidential content (such as orders or inquiries). You can recognize an encrypted connection by the character string "https://" and/or the padlock symbol in the browser bar.
3 Hosting & Content Delivery Network
Shopify
For hosting our website and displaying the content of the pages, we use the system of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
The data is also transferred to: Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada
All data collected on our website is processed on the provider's servers. We have concluded a processing agreement with the provider, which ensures the protection of the data of visitors to our site and prohibits unauthorized transfer to third parties.
In the case of data transfer to Canada, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.
4 Cookies
In order to make the visit to our website attractive and to enable the use of certain functions, we use cookies, i.e., small text files that are stored on your device. Some of these cookies are automatically deleted after the browser is closed ("session cookies"), others remain longer on your device and allow us to save page settings ("persistent cookies"). In the latter case, you can see the storage duration in the overview of the cookie settings of your web browser.
If personal data is also processed by some of the cookies we use, the processing is carried out in accordance with Article 6(1)(b) GDPR for the execution of the contract, or based on your consent in accordance with Article 6(1)(a) GDPR, or for the purpose of safeguarding our legitimate interest in the best possible functionality of the website and a user-friendly and effective design of the site visit in accordance with Article 6(1)(f) GDPR.
You can configure your browser to inform you about the setting of cookies and to decide individually on their acceptance or to exclude the acceptance of cookies in certain cases or generally.
Please note that if you do not accept cookies, the functionality of our website may be limited.
5 Contacting Us
Personal data is collected when contacting our services (e.g., via contact form or email). The data collected through the contact form can be seen from the respective form. This data is stored and used solely for the purpose of responding to your request and to establish contact as well as the associated technical administration. Data processing is carried out, if applicable, in accordance with Article 6(1)(f) GDPR on the basis of our legitimate interest in responding to your request.
Furthermore, if your contact aims at the conclusion of a contract, the processing of your data is carried out based on Article 6(1)(b) GDPR.
After the final processing of your request, i.e., if it can be inferred from the circumstances that the matter has been conclusively clarified and there are no legal storage obligations to the contrary, your data will be deleted immediately.
6 Use of Your Data for Direct Advertising
6.1 Subscription to Our Email Newsletter
If you subscribe to our newsletter, you will regularly receive information about our offers. The only mandatory information for sending the newsletter is your email address. The indication of other data is optional and will only be used to address you personally. We use the so-called "double opt-in" procedure for sending our newsletter. This means that you will only receive our newsletter by email if you have expressly consented to receive it. After receiving your consent, you will receive a confirmation email asking you to confirm your desire to receive future newsletters by clicking on a confirmation link.
In accordance with Article 6(1)(a) GDPR, by activating the confirmation link, you give us your consent to use your personal data. When registering for the newsletter, we store the IP address assigned by the Internet service provider (ISP) as well as the date and time of registration in order to trace any possible misuse of your email address at a later time. The data collected during the newsletter registration will be used exclusively for advertising purposes through the newsletter. You can unsubscribe at any time via the link provided in the newsletter or by sending a message to the controller mentioned above. After unsubscribing, your email address will be immediately deleted from our mailing list unless you have expressly consented to further use of your data or we reserve the right to use the data in a manner permitted by law and about which we inform you in this declaration.
6.2 Cart Reminder Emails
If you interrupt your purchase on our website before completing the order, you may receive a one-time email reminder of the contents of your virtual shopping cart.
The only mandatory data for sending this reminder is your email address. The indication of other data is optional and will be used if necessary to address you personally. For sending emails, we use the so-called double opt-in procedure, which ensures that you will only receive a reminder if you have expressly confirmed your consent by clicking on a verification link sent to the specified email address.
By activating the verification link, you give us your consent to use your personal data in accordance with Article 6(1)(a) GDPR to send a cart reminder. For this purpose, we store your IP address as recorded by your Internet service provider (ISP) as well as the date and time of your registration in order to trace any possible misuse of your email address at a later time. The data collected during registration for our email alert service is used for a strictly limited purpose.
You can unsubscribe from cart reminders at any time by sending a message to the controller mentioned at the beginning. After unsubscribing, your email address will be immediately deleted from our mailing list unless you have expressly consented to further use of your data or we reserve the right to use the data in a manner permitted by law and about which we inform you in this declaration.
7 Data Processing for Order Handling
7.1 As part of the execution of the contract, the personal data we collect is transmitted to the transport company entrusted with the delivery only to the extent necessary for the delivery of the goods.
Insofar as we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data you provided when ordering (name, address, email address) in order to personally inform you about upcoming updates within the scope of our legal information obligation pursuant to Article 6(1)(c) GDPR using an appropriate means of communication (e.g., by post or email). Your contact data is used strictly for the purpose of communicating updates that we owe and is processed by us for this purpose only to the extent necessary.
In the context of the payment processing of the goods, the data we collect is transmitted to the credit institution commissioned with the payment if this is also necessary for the payment of the order. If we use payment service providers, you will be explicitly informed about this below. The legal basis for the data transfer is Article 6(1)(b) GDPR.
7.2 In order to fulfill our contractual obligations towards our customers, we use external shipping service providers. In accordance with Article 6(1)(b) GDPR, we only pass on your name and delivery address to them for the purpose of delivering the goods.
7.1 As part of the execution of the contract, the personal data we collect is transmitted to the transport company entrusted with the delivery only to the extent necessary for the delivery of the goods.
Insofar as we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data you provided when ordering (name, address, email address) in order to personally inform you about upcoming updates within the scope of our legal information obligation pursuant to Article 6(1)(c) GDPR using an appropriate means of communication (e.g., by post or email). Your contact data is used strictly for the purpose of communicating updates that we owe and is processed by us for this purpose only to the extent necessary.
In the context of the payment processing of the goods, the data we collect is transmitted to the credit institution commissioned with the payment if this is also necessary for the payment of the order. If we use payment service providers, you will be explicitly informed about this below. The legal basis for the data transfer is Article 6(1)(b) GDPR.
7.2 In order to fulfill our contractual obligations towards our customers, we use external shipping service providers. In accordance with Article 6(1)(b) GDPR, we only pass on your name and delivery address to them for the purpose of delivering the goods.
8 Retargeting, Remarketing, and Advertising Recommendations
8.1 Meta Pixel with Extended Data Matching
As part of our online offering, we use the "Meta Pixel" service of the following provider in extended data matching mode: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Meta").
When a user clicks on an ad placed by us on Facebook or Instagram, a parameter is added to the URL of our linked page using the Meta Pixel. This URL parameter is then stored in the user's browser via a cookie placed by our linked website. This cookie also collects specific customer data, such as the email address, which we collect on our website related to the Facebook or Instagram ad during actions such as a purchase, account login, or registration (extended data matching). The cookie is then read and allows data transmission, including specific customer data, to Meta.
We use Meta Pixel with extended data matching to make our Facebook and/or Instagram ads more effective and to ensure they match users' interests or show specific characteristics (e.g., interest in specific topics or products based on visited websites) that we transmit to Meta ("Custom Audiences").
We also analyze the effectiveness of our advertisements by tracking whether users were redirected to our website after clicking an ad (conversion). Compared to the standard Meta Pixel, the extended data matching function helps us better measure our advertising campaigns by recording more attributed conversions.
All transmitted data is stored and processed by Meta and can be associated with the respective user profile, allowing Meta to use the data for its own advertising purposes according to Meta’s data policy (https://www.facebook.com/about/privacy/). Meta and its partners may display ads on and off Facebook.
All processing activities described above, including setting cookies to read device information, are only carried out if you have given your explicit consent in accordance with Article 6(1)(a) GDPR. You can revoke your consent at any time by deactivating this service in the "Cookie-Consent-Tool" on the website.
We have signed a data processing agreement with the provider that ensures the protection of visitor data and prohibits unauthorized disclosure to third parties.
Information collected by Meta is generally transmitted to a Meta server and stored there; this may also involve transmission to Meta Platforms Inc. servers in the USA. For data transfers to the USA, the provider complies with the EU-U.S. Data Privacy Framework, ensuring a level of data protection equivalent to EU standards based on the European Commission’s adequacy decision.
8.2 TikTok Pixel
This website uses the conversion tracking technology of the following provider: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland
If you accessed our site via an ad from this provider, the success of the ad may be tracked using cookies and/or comparable technologies (tracking pixels, web beacons, pings, or HTTP requests).
This tracking technology may read device and browser-related information, including your IP address, to record and evaluate user actions we predefined (e.g., purchases, leads, site searches, product page views). This allows us to compile statistics on user behavior to optimize our offerings.
All processing described above, particularly the use of cookies for reading terminal device information, only occurs if you have given explicit consent per Article 6(1)(a) GDPR. You may revoke your consent at any time via the cookie consent tool.
We have signed a data processing agreement with the provider to ensure the protection of data and prohibit unauthorized third-party access.
9 Page Features
Instagram
Our website implements plugins from the following social network: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
These plugins allow direct interaction with content on the social network.
To enhance data protection, the plugins are initially deactivated via a "2-click" or "Shariff" solution. This means no data is transmitted to the provider when loading our website unless you activate the plugin.
Only when you activate the plugin and thereby consent to data transmission in accordance with Article 6(1)(a) GDPR, will your browser establish a direct connection with the provider’s servers. Information such as your IP address, browser details, and visited pages is transmitted. The provider may process this further.
If you are logged into your account on the provider’s network, your interactions may be published and shown to your contacts.
You can revoke your consent at any time by deactivating the plugin. However, this does not affect data already transmitted.
We have concluded a data processing agreement with the provider. For data transfers to the USA, the provider complies with the EU-U.S. Data Privacy Framework.
TrustPilot
Graphical elements from the following provider are integrated to show external customer reviews or a quality label: Trustpilot A/S, Pilestræde 58, 1112 Copenhagen, Denmark
When a page with these elements is loaded, your browser connects to the provider’s servers and transmits some browser data, including your IP address.
If personal data is processed, it is based on Article 6(1)(f) GDPR, justified by our interest in marketing and attractive website presentation.
9.1 FontAwesome
This site uses web fonts from FontAwesome (Fonticons, Inc., 710 Blackhorn Dr, Carl Junction, MO 64834, USA) for consistent font presentation. When visiting the site, your browser connects to FontAwesome’s servers, possibly transferring personal data (e.g., IP address) to the USA.
This processing only occurs if you have consented under Article 6(1)(a) GDPR. You can revoke this at any time via the cookie consent tool.
More info: https://fontawesome.com/privacy
9.2 Google Web Fonts
For uniform font display, we use Google Web Fonts (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 ESW5, Ireland). Your browser loads the fonts from Google’s servers, transmitting data such as your IP address.
This data is only processed if you’ve provided consent (Art. 6(1)(a) GDPR). You can revoke this via the cookie tool.
For transfers to the USA, Google complies with the EU-U.S. Data Privacy Framework.
More info: https://business.safety.google/intl/fr/privacy/
10 Tools and Miscellaneous
We use a "cookie consent tool" to obtain valid user consent for cookies and cookie-based applications. This tool appears as an interactive interface on page load.
Only upon consent are the related services loaded. The tool stores your cookie preferences. If personal data (e.g., IP address) is processed, this is based on Article 6(1)(f) GDPR and Article 6(1)(c) GDPR.
We have signed a data processing agreement with the tool provider.
11 Data Subject Rights
You have the following rights under the GDPR:
• Right of access (Art. 15)
• Right to rectification (Art. 16)
• Right to erasure ("right to be forgotten", Art. 17)
• Right to restriction of processing (Art. 18)
• Right to notification (Art. 19)
• Right to data portability (Art. 20)
• Right to withdraw consent (Art. 7(3))
• Right to lodge a complaint (Art. 77)
11.2 Right to Object
If we process your personal data based on compelling legitimate interests, you may object at any time for reasons arising from your particular situation.
If you object, the processing stops unless we can demonstrate compelling legitimate grounds overriding your interests, rights, and freedoms or if processing serves legal claims.
If your data is processed for direct marketing purposes, you may object at any time. Your data will no longer be used for such purposes if you object.
12 Retention Period of Personal Data
Retention depends on the legal basis, processing purpose, and legal obligations.
If based on consent (Art. 6(1)(a) GDPR), data is retained until revoked.
If based on legal requirements (Art. 6(1)(b)), data is deleted after the legal retention period unless needed for contract fulfillment.
If based on legitimate interest (Art. 6(1)(f)), data is kept until objection unless we demonstrate overriding interests or legal claims.
If used for direct marketing under Art. 6(1)(f), data is retained until objection under Art. 21(2) GDPR.
8.1 Meta Pixel with Extended Data Matching
As part of our online offering, we use the "Meta Pixel" service of the following provider in extended data matching mode: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Meta").
When a user clicks on an ad placed by us on Facebook or Instagram, a parameter is added to the URL of our linked page using the Meta Pixel. This URL parameter is then stored in the user's browser via a cookie placed by our linked website. This cookie also collects specific customer data, such as the email address, which we collect on our website related to the Facebook or Instagram ad during actions such as a purchase, account login, or registration (extended data matching). The cookie is then read and allows data transmission, including specific customer data, to Meta.
We use Meta Pixel with extended data matching to make our Facebook and/or Instagram ads more effective and to ensure they match users' interests or show specific characteristics (e.g., interest in specific topics or products based on visited websites) that we transmit to Meta ("Custom Audiences").
We also analyze the effectiveness of our advertisements by tracking whether users were redirected to our website after clicking an ad (conversion). Compared to the standard Meta Pixel, the extended data matching function helps us better measure our advertising campaigns by recording more attributed conversions.
All transmitted data is stored and processed by Meta and can be associated with the respective user profile, allowing Meta to use the data for its own advertising purposes according to Meta’s data policy (https://www.facebook.com/about/privacy/). Meta and its partners may display ads on and off Facebook.
All processing activities described above, including setting cookies to read device information, are only carried out if you have given your explicit consent in accordance with Article 6(1)(a) GDPR. You can revoke your consent at any time by deactivating this service in the "Cookie-Consent-Tool" on the website.
We have signed a data processing agreement with the provider that ensures the protection of visitor data and prohibits unauthorized disclosure to third parties.
Information collected by Meta is generally transmitted to a Meta server and stored there; this may also involve transmission to Meta Platforms Inc. servers in the USA. For data transfers to the USA, the provider complies with the EU-U.S. Data Privacy Framework, ensuring a level of data protection equivalent to EU standards based on the European Commission’s adequacy decision.
8.2 TikTok Pixel
This website uses the conversion tracking technology of the following provider: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland
If you accessed our site via an ad from this provider, the success of the ad may be tracked using cookies and/or comparable technologies (tracking pixels, web beacons, pings, or HTTP requests).
This tracking technology may read device and browser-related information, including your IP address, to record and evaluate user actions we predefined (e.g., purchases, leads, site searches, product page views). This allows us to compile statistics on user behavior to optimize our offerings.
All processing described above, particularly the use of cookies for reading terminal device information, only occurs if you have given explicit consent per Article 6(1)(a) GDPR. You may revoke your consent at any time via the cookie consent tool.
We have signed a data processing agreement with the provider to ensure the protection of data and prohibit unauthorized third-party access.
9 Page Features
Our website implements plugins from the following social network: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
These plugins allow direct interaction with content on the social network.
To enhance data protection, the plugins are initially deactivated via a "2-click" or "Shariff" solution. This means no data is transmitted to the provider when loading our website unless you activate the plugin.
Only when you activate the plugin and thereby consent to data transmission in accordance with Article 6(1)(a) GDPR, will your browser establish a direct connection with the provider’s servers. Information such as your IP address, browser details, and visited pages is transmitted. The provider may process this further.
If you are logged into your account on the provider’s network, your interactions may be published and shown to your contacts.
You can revoke your consent at any time by deactivating the plugin. However, this does not affect data already transmitted.
We have concluded a data processing agreement with the provider. For data transfers to the USA, the provider complies with the EU-U.S. Data Privacy Framework.
TrustPilot
Graphical elements from the following provider are integrated to show external customer reviews or a quality label: Trustpilot A/S, Pilestræde 58, 1112 Copenhagen, Denmark
When a page with these elements is loaded, your browser connects to the provider’s servers and transmits some browser data, including your IP address.
If personal data is processed, it is based on Article 6(1)(f) GDPR, justified by our interest in marketing and attractive website presentation.
9.1 FontAwesome
This site uses web fonts from FontAwesome (Fonticons, Inc., 710 Blackhorn Dr, Carl Junction, MO 64834, USA) for consistent font presentation. When visiting the site, your browser connects to FontAwesome’s servers, possibly transferring personal data (e.g., IP address) to the USA.
This processing only occurs if you have consented under Article 6(1)(a) GDPR. You can revoke this at any time via the cookie consent tool.
More info: https://fontawesome.com/privacy
9.2 Google Web Fonts
For uniform font display, we use Google Web Fonts (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 ESW5, Ireland). Your browser loads the fonts from Google’s servers, transmitting data such as your IP address.
This data is only processed if you’ve provided consent (Art. 6(1)(a) GDPR). You can revoke this via the cookie tool.
For transfers to the USA, Google complies with the EU-U.S. Data Privacy Framework.
More info: https://business.safety.google/intl/fr/privacy/
10 Tools and Miscellaneous
We use a "cookie consent tool" to obtain valid user consent for cookies and cookie-based applications. This tool appears as an interactive interface on page load.
Only upon consent are the related services loaded. The tool stores your cookie preferences. If personal data (e.g., IP address) is processed, this is based on Article 6(1)(f) GDPR and Article 6(1)(c) GDPR.
We have signed a data processing agreement with the tool provider.
11 Data Subject Rights
You have the following rights under the GDPR:
• Right of access (Art. 15)
• Right to rectification (Art. 16)
• Right to erasure ("right to be forgotten", Art. 17)
• Right to restriction of processing (Art. 18)
• Right to notification (Art. 19)
• Right to data portability (Art. 20)
• Right to withdraw consent (Art. 7(3))
• Right to lodge a complaint (Art. 77)
11.2 Right to Object
If we process your personal data based on compelling legitimate interests, you may object at any time for reasons arising from your particular situation.
If you object, the processing stops unless we can demonstrate compelling legitimate grounds overriding your interests, rights, and freedoms or if processing serves legal claims.
If your data is processed for direct marketing purposes, you may object at any time. Your data will no longer be used for such purposes if you object.
12 Retention Period of Personal Data
Retention depends on the legal basis, processing purpose, and legal obligations.
If based on consent (Art. 6(1)(a) GDPR), data is retained until revoked.
If based on legal requirements (Art. 6(1)(b)), data is deleted after the legal retention period unless needed for contract fulfillment.
If based on legitimate interest (Art. 6(1)(f)), data is kept until objection unless we demonstrate overriding interests or legal claims.
If used for direct marketing under Art. 6(1)(f), data is retained until objection under Art. 21(2) GDPR.