Justin Zitt portrait

Privacy Policy

This Privacy Policy explains how personal data is collected, processed, and used when visiting the website and placing orders through the Justin Zitt Online Shop.
Read policy Back to shop

Legal

Information on the processing of personal data.

The protection of personal data matters. This Privacy Policy outlines what data may be collected in connection with the website, the shop, and order processing.

Website: Justin Zitt Online Shop
Language version: English
Status: Privacy Policy for website and shop use
Note: This file should be adapted to the real hosting setup, analytics tools, cookie setup, and seller identity before going live.

1. Controller

The controller responsible for the processing of personal data in connection with this website and online shop is the operator of the Justin Zitt Online Shop. The full legal identity and contact details of the responsible person or entity should be provided in the legal notice or imprint available on this website.

If a dedicated data protection contact person exists, their contact details should also be stated there.

2. General Information

Personal data means any information relating to an identified or identifiable natural person. This may include, for example, name, postal address, email address, phone number, IP address, order details, and communication content.

Personal data is processed only where a legal basis exists, in particular for the performance of a contract, for compliance with legal obligations, on the basis of legitimate interests, or on the basis of consent where required.

3. Hosting and Website Access

When visiting this website, certain technical information may be processed automatically in server log files. This may include the IP address, date and time of access, browser type and browser version, operating system, referrer URL, and the pages accessed.

Such processing is generally necessary to ensure the technical operation, stability, and security of the website. The legal basis is the legitimate interest in providing a functioning and secure website.

If third-party hosting providers are used, data may be processed on their systems to the extent necessary for hosting and website delivery.

4. Shop and Order Processing

When a customer places an order through the online shop, the personal data entered during checkout is processed in order to handle the order and prepare the invoicing and shipping process.

This data may include:

  • First name and last name
  • Email address
  • Phone number, if provided
  • Street address, postal code, city, and country
  • Ordered items, quantities, shipping costs, and order totals
  • Customer comments submitted with the order
  • Technical order and timestamp information

The legal basis for this processing is the performance of pre-contractual measures and the performance of the purchase contract. Additional processing may also be required to comply with tax, commercial, and accounting obligations.

Order data may be stored internally, for example in email systems and connected administrative tools such as spreadsheets or order management processes, insofar as this is necessary for order handling.

5. Contact Requests

If a user contacts the website operator by email or through other contact channels, the personal data transmitted in that context is processed for the purpose of handling the request and any follow-up communication.

The legal basis is either the performance of pre-contractual measures, if the inquiry is related to a possible contractual relationship, or the legitimate interest in responding to inquiries properly.

6. Email Communication

In connection with an order, the customer may receive transactional emails, such as order confirmations, invoice-related messages, or order status communication. These emails are necessary for processing the contractual relationship.

The seller or operator of the shop may also receive order notification emails containing the customer and order details necessary to fulfill the order.

The legal basis for this processing is the performance of the contract and, where applicable, compliance with legal obligations.

7. Cookies and Similar Technologies

This website may use cookies or similar technologies that are technically necessary for the operation of the site or for the functioning of the online shop, such as cart storage and language or interface handling.

If additional cookies are used, for example for analytics, embedded third-party services, or marketing, they should be described separately here together with the relevant legal basis and, where required, the consent mechanism.

If a cookie banner or consent tool is used, its exact setup should correspond to the actual services active on the site. Half-baked cookie setups are a fantastic way to create legal nonsense, so this part should match reality exactly.

8. Disclosure to Third Parties

Personal data is disclosed to third parties only to the extent necessary for contract performance, legal compliance, technical operation, or where another legal basis applies.

Depending on the actual setup, recipients may include:

  • Hosting providers
  • Email service providers
  • Shipping providers
  • Tax or accounting service providers
  • Technical service providers used for order handling or website functionality

If personal data is transferred to processors, this is done within the framework of applicable data processing agreements where required.

9. Storage Period

Personal data is stored only for as long as necessary for the relevant purposes, in particular for order processing, customer communication, and compliance with legal retention obligations.

Data relevant under commercial or tax law may need to be retained for the legally prescribed retention periods. Once the respective purpose no longer applies and no retention obligation exists, the data is deleted or its processing is restricted in accordance with legal requirements.

10. Rights of Data Subjects

Data subjects may have the following rights under applicable data protection law:

  • Right of access to the personal data stored about them
  • Right to rectification of inaccurate or incomplete data
  • Right to erasure, where legal requirements are met
  • Right to restriction of processing
  • Right to data portability, where applicable
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time, where processing is based on consent
  • Right to lodge a complaint with a supervisory authority

Requests relating to these rights may be submitted using the contact details provided in the legal notice or privacy contact information on the website.

11. Security Measures

Appropriate technical and organizational measures are taken to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access.

Nevertheless, no transmission of data over the internet can be guaranteed to be completely secure. The website operator therefore cannot guarantee absolute security in every case, even though reasonable protective measures are used.

12. Changes to this Policy

This Privacy Policy may be updated from time to time in order to reflect legal, technical, or operational changes. The version published on this website at the time of use shall apply.

Important: Before publishing this page, the real controller details, hosting setup, email workflow, cookie usage, analytics tools, and any third-party integrations should be inserted correctly. Privacy policies are not decorative text blocks. They have to match what the site actually does.