Privacy policy
Privacy Policy
1. Introduction and Contact Details of the Controller
1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about how your personal data is handled when using our website. Personal data is any information by which you can be personally identified.
1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
Dmitrij Filenko, Dmitrij Filenko Black Forest AI Design, Georg-Wagner-Str. 32, 72202 Nagold, Germany,
Tel.: +49 176 23835058,
Email: serviceflagsshop@gmail.com.
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
2. Data Collection When Visiting Our Website
2.1 When you use our website for informational purposes only, i.e. if you do not register or otherwise submit information to us, we only collect data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:
-
Website visited
-
Date and time at the moment of access
-
Amount of data sent in bytes
-
Source/reference from which you reached the page
-
Browser used
-
Operating system used
-
IP address used (in anonymized form)
Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The IP address is anonymized before storage (e.g. by masking the last digits), so that personal identification is no longer possible. The data is automatically deleted after 7 days unless longer storage is required to investigate unlawful use. The data will not be passed on or used for other purposes.
2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https://” string and the lock symbol in your browser line.
3. Cookies
3.1 To make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your device. We distinguish between technically necessary cookies (e.g. for shopping cart and login) and non-essential cookies (e.g. for analytics or marketing).
Technically necessary cookies: These cookies are required for the basic functions of the website (e.g. session cookies). They are automatically deleted after closing the browser. The legal basis is Art. 6(1)(b) GDPR (performance of a contract) or Art. 6(1)(f) GDPR (legitimate interest in providing the website).
Non-essential cookies: These cookies (e.g. analytics cookies from Printify or third parties) are only used with your explicit consent in accordance with Art. 6(1)(a) GDPR. Some of them remain on your device for a longer period (persistent cookies), for example to save user settings.
3.2 We use a cookie consent tool to obtain your consent for non-essential cookies. When you first visit our website, you can decide which cookie categories you wish to allow (e.g. “Essential”, “Statistics”, “Marketing”). You can withdraw or adjust your consent at any time via the “Cookie Settings” link at the bottom of the page.
3.3 Examples of cookies used:
-
printify_session: Purpose: session management for Printify integration, Storage duration: until end of session.
-
_ga (Google Analytics, if used): Purpose: analysis of user behavior, Storage duration: 2 years (only with consent).
You can configure your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or exclude acceptance of cookies in general. If cookies are not accepted, the functionality of our website may be limited.
4. Contacting Us
When you contact us (e.g. via contact form or email), we process personal data exclusively for handling your request and only to the extent necessary for that purpose. The legal basis is Art. 6(1)(f) GDPR (legitimate interest) or, if related to contract initiation, Art. 6(1)(b) GDPR. Your data will be deleted 3 months after final processing, unless statutory retention obligations prevent deletion.
5. Data Processing When Opening a Customer Account
In accordance with Art. 6(1)(b) GDPR, we collect and process personal data (e.g. name, email, address) that you provide when opening a customer account. The required data can be seen in the input form on our website. You can delete your account at any time by sending a message to serviceflagsshop@gmail.com. After deletion, your data will be removed unless contracts are still pending or statutory retention periods apply.
6. Use of Customer Data for Direct Advertising
If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information is your email address; further data (e.g. name) is voluntary. We use the double opt-in procedure: you will only receive newsletters after confirming a verification link. The legal basis is your consent in accordance with Art. 6(1)(a) GDPR. We store the IP address as well as the date and time of registration for verification purposes. You can unsubscribe from the newsletter at any time using the unsubscribe link or by sending a message to serviceflagsshop@gmail.com. Your email address will then be deleted immediately unless further consent exists.
7. Data Processing for Order Fulfillment
7.1 For contract processing, we pass on your data (name, address) to the commissioned shipping company and, if applicable, the payment institution in accordance with Art. 6(1)(b) GDPR.
7.2 Printify
We use the service Printify, Inc., 108 West 13th Street, Wilmington, DE 19801, USA, for order fulfillment. Your name, address, and, if applicable, other personal data are transferred to Printify exclusively for the purpose of processing your order in accordance with Art. 6(1)(b) GDPR. Data is transferred to the USA on the basis of the European Commission’s Standard Contractual Clauses (SCCs). In addition, Printify implements technical and organizational measures (e.g. encryption) to protect your data against unauthorized access, especially by US authorities. Further information can be found in Printify’s privacy policy: https://printify.com/privacy-policy/
7.3 Use of Payment Service Providers
PayPal: If payment is made via PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg), we pass on your payment data (name, address, payment details) for payment processing in accordance with Art. 6(1)(b) GDPR. In the case of credit checks (e.g. “Pay Later”), this is done in accordance with Art. 6(1)(f) GDPR. You can object to processing, but PayPal may still be entitled to process the data if required for payment handling. Details: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
8. Tools and Miscellaneous
8.1 Cookie Consent Tool
This website uses a cookie consent tool to obtain your consent for cookies and cookie-based applications that require consent. You can define your preferences on your first visit and adjust them at any time via “Cookie Settings”. The legal basis is Art. 6(1)(c) GDPR (legal obligation under the TTDSG).