Personal data (hereinafter mostly referred to as “data”) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there.

With the following privacy policy, we would like to inform you in particular about the nature, scope, purpose, duration, and legal basis of the processing of personal data, to the extent that we, either alone or jointly with others, decide on the purpose and means of processing. Furthermore, we will inform you below about the third-party components we use for optimization purposes and to improve the quality of use, to the extent that this involves third parties processing data under their own responsibility.

I. Information about the data controller

Corina Ebbinger
Königswiesenweg 45
93051 Regensburg
Germany

II. Rights of users and data subjects

With regard to the data processing described in more detail below, users and data subjects have the right to:

  • Confirmation whether personal data concerning them is being processed, information about the processed data, further information about the data processing, and copies of the data (see Article 15 DS-GVO);
  • Rectification or completion of inaccurate or incomplete data (see Article 16 DS-GVO);
  • Erasure of personal data concerning them without undue delay (see Article 17 DS-GVO) or, if further processing is necessary according to Article 17(3) DS-GVO, restriction of processing in accordance with Article 18 DS-GVO;
  • Receipt of the personal data concerning them and provided by them, and the right to transmit such data to other controllers/providers (see Article 20 DS-GVO);
  • Objection to the processing of personal data concerning them (see Article 21 DS-GVO);
  • Lodging a complaint with a supervisory authority if they consider that the processing of personal data relating to them infringes data protection regulations (see Article 77 DS-GVO).

Furthermore, the provider is obliged to inform all recipients to whom data has been disclosed by the provider about any rectification or erasure of data or restriction of processing carried out in accordance with Articles 16, 17(1), 18 DS-GVO. However, this obligation does not apply if such notification is impossible or involves disproportionate effort. Notwithstanding the above, the user has the right to information about these recipients.

III. Information on Data Processing

Your data processed when using our website will be deleted or blocked as soon as the purpose of storage ceases to apply, there are no legal retention obligations preventing deletion, and no contradictory statements are made regarding individual processing procedures below.

Server Data

For technical reasons, particularly to ensure a secure and stable website, data is transmitted to us or to our web hosting provider by your internet browser. These so-called server log files include the type and version of your internet browser, the operating system, the website from which you accessed our website (referrer URL), the website(s) of our website that you visit, the date and time of each access, and the IP address of the internet connection from which our website is accessed.

These collected data are temporarily stored, but not together with other data about you.

This storage is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website.

The data will be deleted at the latest after seven days, unless further storage is required for evidentiary purposes. In such cases, the data will be excluded from deletion until the respective incident has been finally clarified.

Cookies

Means and Purpose of Processing

Like many other websites, we use “cookies.” Cookies are small text files that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. This allows us to obtain certain data, such as IP address, browser used, and operating system.

Cookies cannot be used to launch programs or transmit viruses to a computer. The information contained in cookies helps us to facilitate navigation and display our web pages correctly.

Under no circumstances will the data we collect be disclosed to third parties or linked to personal data without your consent. However, third parties may create and process essential or non-essential cookies with your consent. Information on all cookies is provided in the next section.

Internet browsers are configured by default to accept cookies. In general, you can disable the use of cookies at any time through your browser settings. Please use the help functions of your internet browser to learn how to change these settings. Please note that certain features of our website may not function properly if you have disabled the use of cookies.

Storage Duration and Cookies Used

If you allow us to use cookies through your browser settings or consent, the following cookies may be used on our website:

CookieValidity/Storage DurationPurpose
woocommerce_cart_hashsessionHelps WooCommerce determine when cart contents/data changes.
woocommerce_items_in_cartsessionHelps WooCommerce determine when cart contents/data changes.
wp_woocommerce_session_2 daysContains a unique code for each customer so that it knows where to find the cart data in the database for each customer.
woocommerce_recently_viewedsessionPowers the Recent Viewed Products widget.
store_notice*sessionAllows customers to dismiss the Store Notice.
wordpress_sec_*15 daysProvides protection against hackers, stores account details.
wordpress_logged_in_*15 daysStores logged in user.
wfwaf-authcookie*1 daySecurely set or restrict access to the website for users based on their capability level.
Cookies used on this website

To the extent that these cookies may also involve personal data, we will inform you accordingly.

You can delete individual cookies or the entire cookie inventory through your browser settings. In addition, you can obtain information and instructions on how to delete these cookies or block their storage in advance. Depending on your browser provider, you will find the necessary information on their website.

Third Party Services

Theprintspace

For fulfilling your purchases of art prints, we use the service theprintspace of Printspace Studios Limited, 74 Kingsland Road, London, E2 8DL. This service allows us to offer you customizable products that are printed and shipped by theprintspace. If you purchase a product, your order and shipping information will be forwarded to theprintspace in order to process your order. Your data will be processed according to the privacy policy of theprintspace.

We have a legitimate interest in using PayPal, according to Art. 6 (1) (f) GDPR, which consists in offering our products. You can object to the processing of your data on the basis of our legitimate interest at any time pursuant to the requirements of Art. 21 GDPR. To do this, please contact us using the details given in the legal notice.

PayPal

For processing payments, we use the PayPal service from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (“PayPal”), 22-24 Boulevard Royal, L-2449 Luxembourg. This service allows us to offer you a variety of payment methods. If you use a PayPal service, PayPal will collect information about the transaction and further information related to the transaction, such as the amount sent or requested, the amount paid for the products or services, information about the trader, including details of the payment sources used for the transaction, device information, technical usage data and location data.

If you have a PayPal account, PayPal can connect the data sent to your account, even across devices. In principle, we have no influence on this data processing. PayPal is therefore responsible for this data processing.

Details on the data collected and information about how PayPal processes the collected data can be found in PayPal’s privacy statement: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full

This also includes information on banking regulations for customers in the EEA and Switzerland.

With some PayPal services, PayPal makes an advance payment, thus incurring a credit risk. PayPal therefore reserves the right to carry out a credit check for payment methods by credit card and direct debit. For this purpose, PayPal transmits your information (name, address, date of birth, bank account details) to credit agencies. PayPal uses the result of the credit check with regard to the statistical probability of payment default in order to make a decision on providing the respective payment methods. The credit check may contain probability values (so-called score values). Where score values affect the result of the credit check, they are based on a scientifically recognised mathematical and statistical process.

Further data protection information, including the credit agencies used, can also be found in the PayPal privacy statement: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full

We have a legitimate interest in using PayPal, according to Art. 6 (1) (f) GDPR, which consists in offering a variety of payment methods as simple as possible via one service, so there is no need to instruct a separate service provider for each payment method. This also reduces the number of recipients of your data. You can object to the processing of your data on the basis of our legitimate interest at any time pursuant to the requirements of Art. 21 GDPR. To do this, please contact us using the details given in the legal notice.

SSL Encryption

To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g., SSL) via HTTPS.

Changes to Our Privacy Policy

We reserve the right to adapt this privacy policy to ensure that it always complies with current legal requirements or to implement changes to our services in the privacy policy, such as introducing new services. The new privacy policy will apply to your next visit.

Contacting the Data Protection Officer

If you have any questions regarding data protection, please contact us via email at shop@corina-ebbinger.de.

This privacy policy was created with the assistance of the privacy policy generators provided by activeMind AG (Version #2019-04-10) and the law firm Weiß & Partner.