GDPR
Privacy Policy
​
1. Responsible for Data Processing
Matthias Lauche
Klewergarten 12, 30449 Hannover
sayhello(at)matthiaslauche.com
2. General Information on Data Processing
We take the protection of your personal data very seriously. Your data is processed in accordance with the applicable data protection laws (in particular the GDPR) as well as this Privacy Policy.
​
Note on Processing by Wix.com:
Our website is hosted on the platform Wix.com Ltd. (40 Namal Tel Aviv St., Tel Aviv 6350671, Israel). Wix.com provides hosting and other functions for websites. The processing of your data by Wix is carried out in accordance with the GDPR, as Israel is recognized by the EU Commission as a country providing an adequate level of data protection. We have concluded a data processing agreement with Wix in accordance with Art. 28 GDPR. Further information on data processing by Wix can be found in Wix’s Privacy Policy.
3. Collection and Storage of Personal Data, as well as the
Nature and Purpose of its Use
a. Visiting the Website
When you visit our website, we automatically collect information in server log files that your browser transmits. This includes:
​
· IP address
· Date and time of the request
· Time zone difference to Greenwich Mean Time (GMT)
· Content of the request
· Access status/HTTP status code
· Transferred data volume
· Website from which the request comes
· Browser
· Operating system and its interface
· Language and version of the browser software
​
This data is used exclusively to ensure the smooth operation of the website and to improve our offering. The legal basis is Art. 6 (1) S. 1 lit. f GDPR.
b. Use of the Online Shop
When you order in our online shop, we process the following personal data:
​
First name, last name
Billing and shipping address
Email address
Optional phone number
Payment data
​
Data processing takes place to fulfill the contract (Art. 6 (1) lit. b GDPR).
​
Creation of a Customer Account
You have the option to create a customer account on our website to facilitate the purchasing process. When registering and using the customer account, we process the following personal data:
​
· First name, last name
· Email address
· Password (stored encrypted)
· Order history
​
The processing of this data is based on Art. 6 (1) lit. b GDPR, as creating and using a customer account serves to fulfill the contract.
​
Deletion of Customer Account
You can delete your customer account at any time by sending us a corresponding request or using the function in your account. Please note that we must adhere to statutory retention periods before all your data can be fully deleted.
c. Use of Contact Forms
When you contact us through a contact form on our website, we collect the following data:
​
· First name, last name
· Email address
· Message text
​
Purpose of processing: We use this data exclusively to process your request and for the associated technical administration. Legal basis: Processing is carried out depending on the type of request based on Art. 6 (1) lit. b GDPR (contract fulfillment or pre-contractual measures) or Art. 6 (1) lit. f GDPR
(legitimate interest in answering inquiries).
​
Storage duration:
The data transmitted via the contact form is deleted after the request is processed unless there are statutory retention obligations.
d. Payment Processing through Third Parties
For payment processing, we use external service providers. Your payment data is transmitted to the respective provider. Transmission is carried out based on Art. 6 (1) lit. b GDPR for contract fulfillment.
The following payment service providers are used:
​
· Wix Payments
· PayPal
· Stripe
· SumUp
· iDEAL (via Stripe)
· Klarna
· Online bank transfer via Klarna (via Stripe and Wix Payments)
· Alipay (via Stripe)
· Bankful
· Splitit
· Mollie
· Sezzle
· Payabl.
· Coingate
· Apple Pay
· Google Pay
​
Please consider the respective privacy policies of the providers.
e. Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses cookies that enable the analysis of your use of the website.
​
Legal basis: Your consent in accordance with Art. 6 (1) lit. a GDPR.
​
Data transfer to the US: Google is certified under the EU-US Data Privacy Framework. Further information can be found in Google’s Privacy Policy.
You can prevent the storage of cookies by adjusting your browser settings.
f. Linking to Instagram
Our website contains links to Instagram (Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA). Clicking on Instagram links will transmit data to Instagram.
Please review Instagram’s Privacy Policy.
g. Use of Google Fonts
On our website, we use Google Fonts, a service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), to display fonts. When retrieving Google Fonts, your IP address is transmitted to a server operated by Google and may be stored in the US. Legal basis: The use of Google Fonts is based on Art. 6 (1) lit. f GDPR. Our legitimate interest lies in maintaining a consistent and appealing presentation of our website. Data transfer to the US: Google is certified under the EU-US Data Privacy Framework. Further information on Google’s data processing can be found in Google’s Privacy Policy.
​
Alternative to direct integration:
To better protect your data, we are considering the option to store Google Fonts locally on our web server and deliver them directly, which would eliminate the connection to Google servers and the transmission of personal data (e.g., your IP address) to Google.
4. Cookies
We use cookies to make visiting our website more user-friendly. These are small text files that your browser automatically creates and stores on your device.
Legal basis: Essential Cookies: Art. 6 (1) lit. f GDPR Cookies for Analysis and Marketing: Your consent in accordance with Art. 6 (1) lit. a GDPR
Cookie settings: You can change or withdraw your cookie settings at any time.
5. Your Rights as a Data Subject
You have the following rights:
​
· Right of access (Art. 15 GDPR)
· Right to rectification (Art. 16 GDPR)
· Right to erasure (Art. 17 GDPR)
· Right to restriction of processing (Art. 18 GDPR)
· Right to data portability (Art. 20 GDPR)
· Right to object to processing (Art. 21 GDPR)
​
To exercise these rights, you can contact us at any time.
6. Changes to the Privacy Policy
We reserve the right to update this Privacy Policy to adapt it to changed legal or technical requirements.
​
Last Update: 18.12.2024