Privacy Policy

Privacy Policy

  1. Introduction and contact details of the responsible person
    1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is processed when you use our website. Personal data is any data that can be used to personally identify you.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
Email: support@thekatharina.com . The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

  1. Data collection when visiting our website

2.1 If you use our website for informational purposes only, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the website's server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary to display the website to you:

  • The visited website
  • Date and time of access
  • Amount of data sent in bytes
  • Source/reference from which you accessed this page
  • Browser used
  • Operating system used
  • IP address used (possibly in anonymized form)

The processing is carried out in accordance with Article 6(1)(f) of the GDPR, based on our legitimate interest in improving the stability and functionality of our website. The data will not be shared or used for any other purpose. However, we reserve the right to subsequently review the server log files if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the responsible person), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string "https://" and the padlock symbol in your browser's address bar.

  1. Hosting & Content Delivery Network

Shopify

We use the system of the following provider to host our website and display the content of the page: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”).

Data will also be transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada.
All data collected on our website is processed on the provider's servers. We have concluded a data processing agreement with the provider, which guarantees the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.
When data is transferred to the USA, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

  1. Cookies
    To make your visit to our website more enjoyable and to enable the use of certain features, we use cookies, which are small text files stored on your device. Some of these cookies are automatically deleted after you close your browser (so-called "session cookies"), while others remain on your device for a longer period and allow us to save your website settings (so-called "persistent cookies"). In the latter case, you can find the storage duration in your web browser's cookie settings.
    If personal data is also processed through individual cookies that we use, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the performance of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the website visit.
    You can configure your browser to notify you about the setting of cookies and to decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general.

Please note that the functionality of our website may be limited if you do not accept cookies.

  1. Contact us
    When you contact us (e.g. via a contact form or by email), personal data will be processed – exclusively for the purpose of processing and responding to your request and only to the extent necessary for this purpose.

The legal basis for processing this data is our legitimate interest in responding to your inquiry in accordance with Article 6(1)(f) GDPR. If your contact relates to a contract, the additional legal basis for processing is Article 6(1)(b) GDPR. Your data will be deleted when it is clear from the circumstances that the matter has been resolved and there are no legal retention obligations to the contrary.

  1. Comment function
    When you use the comment function on this website, information about the time your comment was posted and the name you chose for your comment will be stored and published on this website. Your IP address will also be logged and stored.
    Your IP address is stored for security reasons and in case of a violation of third-party rights or the publication of illegal content through a submitted comment. We need your email address to contact you if a third party complains that your published content is illegal.

The legal basis for storing your data is Article 6, paragraph 1, letters b and f of the GDPR. We reserve the right to delete comments if they are objected to as unlawful by third parties.

  1. Use of customer data for direct marketing
    7.1 Registration for our email newsletter

By subscribing to our email newsletter, we will regularly send you information about our offers. The only mandatory information required to send the newsletter is your email address. Any other information is voluntary and helps us to personalize our communications with you.
For sending the newsletter, we use the so-called double opt-in procedure, which ensures that you only receive the newsletter if you have expressly confirmed your consent to receive the newsletter by clicking on a confirmation link in the email sent to your specified email address.
By activating the confirmation link, you give us your consent to use your personal data in accordance with Article 6 (1) (a) GDPR. We store the IP address entered by your internet service provider (ISP) as well as the date and time of registration in order to be able to trace any subsequent misuse of your email address. The data collected during newsletter registration will be used strictly for this purpose.
You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a message to the responsible person named at the beginning. Once you have unsubscribed, your email address will be immediately deleted from our mailing list, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this scope, which is permitted by law and about which we inform you in this statement.

7.2 GoDaddy

Our email newsletters are sent via this provider: Go Daddy Operating Co LLC, 14455 North Hayden Road, Suite 226, Scottsdale, AZ 85260, USA.

Based on our legitimate interest in effective and user-friendly newsletter marketing, we pass on the data you provided when registering for the newsletter to this provider in accordance with Article 6 (1) (f) GDPR so that they can send the newsletter on our behalf.

Subject to your explicit consent in accordance with Article 6(1)(a) of the GDPR, the provider also conducts a statistical evaluation of the success of newsletter campaigns using web beacons or tracking pixels in the sent emails, whereby open rates and specific interactions with the newsletter content can be measured. Device-specific information (e.g., access time, IP address, browser type, and operating system) is also collected and evaluated, but not combined with other data sets.

You can withdraw your consent to newsletter tracking at any time with effect for the future.

We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits its transfer to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards on the basis of an adequacy decision by the European Commission.

7.3 Klaviyo

Our email newsletters are sent via this provider: Klaviyo, Inc., 125 Summer St., Ste 600, Boston, MA 02110, USA.

Based on our legitimate interest in effective and user-friendly newsletter marketing, we pass on the data you provided when registering for the newsletter to this provider in accordance with Article 6 (1) (f) GDPR so that they can send the newsletter on our behalf.