Privacy Policy

PRIVACY POLICY

1) Information About the Collection of Personal Data and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. This Privacy Policy informs you about the collection, use, and processing of your personal data when using our website. Personal data is any information that can personally identify you.

1.2 The controller for data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is Winston & Wolfe. The controller is the natural or legal person who determines the purposes and means of processing personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries). You can recognize an encrypted connection by the "https://" and the lock icon in your browser’s address bar.

2) Data Collection When Visiting Our Website

When using our website for informational purposes only, we collect only the data that your browser transmits to our server (server log files). This includes:

• Visited pages

• Date and time of access

• Amount of data sent

• Source/referrer

• Browser type

• Operating system

• IP address (possibly anonymized)

Processing is based on Art. 6(1)(f) GDPR, our legitimate interest in ensuring the stability and functionality of our website.

3) Cookies

We use cookies to make your visit more attractive and enable the use of certain features. Some cookies are deleted after closing your browser (session cookies), while others remain (persistent cookies). Cookies may collect data like browser and location information or IP addresses.

Cookies help store user preferences and simplify future interactions (e.g., remembering your shopping cart). If cookies process personal data, this is based on Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR.

You can configure your browser to inform you about cookie settings and selectively allow or deny them. Disabling cookies may limit website functionality.

Useful links for cookie management:

• Chrome

• Firefox

• Safari

• Opera

• Internet Explorer

4) Contacting Us

When you contact us (e.g., via contact form or email), we collect the data you provide. This data is used only to respond to your inquiry and for related administrative purposes.

Processing is based on Art. 6(1)(f) GDPR. If your inquiry relates to a contract, Art. 6(1)(b) GDPR applies. Data is deleted after final resolution unless required by law.

5) Customer Account & Contract Processing

When opening a customer account or placing an order, we collect personal data as shown in the input forms. This data is used to process contracts per Art. 6(1)(b) GDPR.

You may request account deletion at any time. Data will be deleted after the contract is fulfilled and legal retention periods have expired.

6) Use of Data for Direct Marketing

6.1 Email Newsletter We send newsletters only if you’ve opted in via double opt-in confirmation. Data is used solely for this purpose. You may unsubscribe anytime.

6.2 Newsletter for Existing Customers If you’ve provided your email during a purchase, we may send info about similar products. You may opt out anytime. This is based on our legitimate interest under Art. 6(1)(f) GDPR.

7) Order Processing

7.1 We share your data with shipping and payment providers as necessary to fulfill your order (Art. 6(1)(b) GDPR).

7.2 Payment Services

• PayPal: Data may be shared with PayPal and credit bureaus under Art. 6(1)(b) and (f) GDPR. Privacy Policy

• SOFORT/Klarna: Data is shared with Klarna Group to process payments. Privacy Policy

8) Review Requests

With your consent (Art. 6(1)(a) GDPR), we may send a one-time request for feedback. You can withdraw your consent anytime.

9) Use of Social Media Plugins

We use "Shariff"-style social plugins to prevent automatic data transfer. When clicking on a plugin (e.g., Facebook, Instagram, Google+), a new window opens to the platform.

• Facebook Privacy

• Instagram Privacy

• Google Privacy

10) Online Marketing

10.1 DoubleClick by Google Uses cookies for ad personalization and conversion tracking. Processing is based on Art. 6(1)(f) GDPR. More Info

10.2 Google AdWords Conversion Tracking We use this to measure ad effectiveness. A unique cookie is set when an ad is clicked. Opt-Out Plugin

11) Web Analytics

We use Google Analytics with IP anonymization (_anonymizeIp()). Data is processed under Art. 6(1)(f) GDPR. You can opt out here:

• Google Analytics Opt-Out

Cross-device tracking may be used with anonymized User-ID. You can disable it across all devices.

12) Retargeting/Remarketing

12.1 Facebook Pixel With consent (Art. 6(1)(a) GDPR), Facebook can track ad effectiveness. Only users aged 13+ can consent. Facebook Privacy

12.2 Google AdWords Remarketing Used for interest-based ads via Google. Cookies may be set unless disabled. Ad Settings

13) Your Rights

You have the right to:

• Access your data (Art. 15)

• Correct data (Art. 16)

• Delete data (Art. 17)

• Restrict processing (Art. 18)

• Be informed of recipients (Art. 19)

• Data portability (Art. 20)

• Withdraw consent (Art. 7(3))

• Lodge a complaint (Art. 77)

Right to Object (Art. 21): You can object to processing based on legitimate interest or for direct marketing at any time.

14) Data Retention Period

Data is retained according to legal retention periods (e.g., tax/commercial law). After expiration, it is deleted unless needed for contract fulfillment or legal defense.