top of page

Privacy Policy

PRIVACY POLICY

1) INTRODUCTION AND CONTACT DETAILS OF THE DATA CONTROLLER

1.1
We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data includes all data that can personally identify you.

1.2
The data controller for processing personal data on this website, as defined by the General Data Protection Regulation (GDPR), is:
Rebis, Pillauer Str. 78, 22047 Hamburg, Germany.
The controller of personal data is the natural or legal person who determines the purposes and means of processing personal data, either alone or jointly with others.

1.3
This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string "https://" and the lock icon in your browser bar.

2) DATA COLLECTION WHEN VISITING OUR WEBSITE

When using our website for informational purposes only, meaning if you do not register or otherwise provide information, we collect only the data that your browser transmits to our server ("server log files"). When you access our website, we collect the following data, which is technically necessary to display the website:

  • Website visited

  • Date and time of access

  • Amount of data sent in bytes

  • Source/reference from which you accessed the page

  • Browser used

  • Operating system used

  • IP address used (if necessary: anonymized)

Processing is carried out in accordance with Article 6(1)(f) GDPR, based on our legitimate interest in improving the stability and functionality of our website. The data will not be shared or used in any other way. However, we reserve the right to review server log files subsequently if specific indications of unlawful use arise.

3) HOSTING AND CONTENT DELIVERY NETWORK

All data collected on our website is processed on the servers of the provider. We have entered into a data processing agreement with the provider to ensure the protection of our visitors' data and to prohibit unauthorized sharing with third parties.

3.1
In cases of data transfer to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

For data transfers to the USA, the provider relies on the European Commission’s standard contractual clauses to ensure compliance with the European data protection level.

3.2 Cloudflare
We use a content delivery network provided by:
Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.

This service enables us to deliver large media files such as graphics, page content, or scripts faster via a network of regionally distributed servers. Processing is carried out in accordance with Article 6(1)(f) GDPR, based on our legitimate interest in improving the stability and functionality of our website.

We have entered into a data processing agreement with the provider to ensure the protection of our visitors' data and to prohibit unauthorized sharing with third parties.

For data transfers to the USA, the provider relies on the European Commission’s standard contractual clauses to ensure compliance with the European data protection level.

4) COOKIES

To make our website more attractive and enable the use of specific functions, we use cookies—small text files stored on your device. Some cookies are automatically deleted when you close your browser (“session cookies”), while others remain longer to store settings (“persistent cookies”). You can find the storage duration in your browser's cookie settings.

When cookies process personal data, the processing is based on:

  • Article 6(1)(b) GDPR: Necessary for contract performance.

  • Article 6(1)(a) GDPR: Based on your consent.

  • Article 6(1)(f) GDPR: Legitimate interest in optimal website functionality and user-friendly design.

You can configure your browser to notify you about cookie settings, allow cookies individually, block certain cookies, or disable them altogether. Note that disabling cookies may limit the website's functionality.

5) CONTACTING US

When you contact us (e.g., via contact form or email), personal data is processed solely to respond to your inquiry and only to the extent necessary.

The legal basis for processing these data is our legitimate interest in responding to your inquiry under Article 6(1)(f) GDPR. If your contact aims to conclude a contract, the additional legal basis for processing is Article 6(1)(b) GDPR.
Your data will be deleted when it is clear that the matter has been conclusively resolved and provided no legal retention obligations apply.

6) DATA PROCESSING WHEN CREATING A CUSTOMER ACCOUNT

Under Article 6(1)(b) GDPR, personal data will be collected and processed to the extent necessary when you provide them while creating a customer account. The required data fields for account creation can be found in the relevant form on our website.

You can delete your customer account at any time by sending a message to the contact details provided. Once your account is deleted, your data will be erased unless it is still needed for fulfilling contractual obligations, subject to legal retention periods, or if we have a legitimate interest in retaining the data.

7) USE OF CUSTOMER DATA FOR DIRECT ADVERTISING

7.1 Signing Up for Our Email Newsletter

If you sign up for our email newsletter, we will send you regular updates about our offers. Providing your email address is sufficient for this purpose. Other data is optional and used to personalize the newsletter.

We use the double opt-in method to ensure you receive the newsletter only after explicitly confirming your consent via a verification link sent to your email address. By activating the confirmation link, you consent to the use of your data as described in Article 6(1)(a) GDPR.
You can unsubscribe at any time via the link in the newsletter or by contacting us directly. After unsubscribing, your email address will be deleted from the newsletter distribution list unless you have explicitly consented to further use of your data or a legal exception applies.

7.2 Shopping Cart Reminder Emails

If you abandon your shopping cart without completing a purchase, we may send you a one-time reminder email, provided you consent via the double opt-in process. This email will serve to remind you of the items in your cart.
The legal basis for this is your explicit consent under Article 6(1)(a) GDPR.

8) DATA PROCESSING FOR ORDER PROCESSING

8.1 Image Uploads for Personalized Products

On our website, customers can upload image files via email to request personalized products. These files are used exclusively for producing the requested product and are processed under Article 6(1)(b) GDPR.
After the order is fulfilled, the files are automatically and completely deleted unless further storage is required by legal obligations.

8.2 Sharing Data with Service Providers

To fulfill contracts (e.g., for shipping and payment processing), we share necessary data with third-party service providers under Article 6(1)(b) GDPR.

8.3 Fulfillment Providers

We work with fulfillment providers like Billbee GmbH (Arolser Str. 10, 34477 Twistetal, Germany) to process orders. Data sharing is limited to what is necessary for fulfilling your order.

9) ONLINE MARKETING

Facebook Pixel

Our website uses the "Facebook Pixel" service by Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland). This tool helps analyze user behavior and optimize ad targeting.
Processing occurs only with your explicit consent under Article 6(1)(a) GDPR, which can be revoked at any time. Data may be transferred to Meta servers in the USA based on standard contractual clauses ensuring GDPR compliance.

10) WEB ANALYTICS

Google Analytics

We use Google Analytics (provided by Google Ireland Limited) to analyze website usage and improve our services.
IP anonymization is enabled, so only anonymized data is processed. Legal basis: Article 6(1)(f) GDPR for legitimate interest in website optimization.

You can opt out by installing the browser add-on available at Google Tools.

11) RETARGETING AND REMARKETING

Pinterest Conversion Tracking

We use Pinterest’s conversion tracking technology to evaluate the success of ad campaigns. Data processing occurs only with your explicit consent under Article 6(1)(a) GDPR.

12) RIGHTS OF THE DATA SUBJECT

You have the following rights regarding your personal data:

  • Access: Article 15 GDPR

  • Rectification: Article 16 GDPR

  • Erasure: Article 17 GDPR

  • Restriction of processing: Article 18 GDPR

  • Data portability: Article 20 GDPR

  • Withdrawal of consent: Article 7(3) GDPR

  • Lodging complaints: Article 77 GDPR

You also have the right to object to data processing under Article 21 GDPR, particularly for direct marketing purposes.

13) DURATION OF DATA STORAGE

The duration of data storage is based on the legal requirements, the purpose of processing, and your consent. Once data is no longer needed or your consent is withdrawn, it will be deleted unless legal obligations require further storage.

bottom of page