Privacy Policy

Responsible party / operator of the website

Solomia Madalina Bednarsky
Hohenrainweg 22 B, 77767 Appenweier, Germany
E-mail: info@solomias.de

1. General Information & Mandatory Disclosures

This privacy policy informs you about the type, scope, and purpose of the processing of personal data on www.solomias.de. The person named above is responsible within the meaning of the GDPR.

2. Data Collected & Purpose of Processing

We process personal data in the following cases:

Order processing: Name, delivery address, billing address, email address, telephone number, payment information. Legal basis: Art. 6 para. 1 lit. b GDPR (contract performance).

Customer account/registration: Email address, password, and, if applicable, purchase history. Legal basis: Art. 6 para. 1 lit. b GDPR (performance of a contract).

Shipping service provider: Transmission of the delivery address for delivery purposes. Legal basis: Art. 6 para. 1 lit. b GDPR (performance of a contract).

Payment processing: Online payments via Shopify Payments in cooperation with Deutsche Bank, including credit cards (Visa, Mastercard, Maestro), PayPal, Apple Pay, Google Pay and other digital payment methods. Legal basis: Art. 6 para. 1 lit. b GDPR (performance of a contract).

Marketing/Newsletter: Only with explicit consent; Legal basis: Art. 6 para. 1 lit. a GDPR. Withdrawal possible at any time.

Analysis/Tracking: IP address (anonymized), browser type, time, pages requested — Google Analytics, Facebook Pixel & TikTok Pixel are only activated with your explicit consent. Legal basis: Art. 6 para. 1 lit. a GDPR (consent).

3. Cookies & Tracking

Our website uses cookies. Necessary cookies for the operation of the website (e.g., shopping cart, login) are set automatically (legal basis: Art. 6 para. 1 lit. f GDPR - legitimate interest). Marketing and analytics cookies (Google Analytics, Facebook Pixel, TikTok Pixel) are only set after explicit consent via our cookie banner. You can withdraw your consent at any time via the cookie settings at the bottom of this page.

4. Google Analytics, Facebook Pixel & TikTok Pixel

Google Analytics 4: We use Google Analytics with activated IP anonymization to analyze user behavior. Legal basis: Consent (Art. 6 para. 1 lit. a GDPR). A data processing agreement (DPA) has been concluded with Google. Data transfer to the USA is based on the EU Standard Contractual Clauses.

Facebook Pixel: Used for analyzing advertising campaigns and remarketing, only with consent. Legal basis: Art. 6 para. 1 lit. a GDPR. A data processing agreement has been concluded with Meta Platforms Ireland Limited.

TikTok Pixel: Used for analyzing advertising campaigns and remarketing on TikTok, only with your consent. Legal basis: Art. 6 para. 1 lit. a GDPR. A data processing agreement has been concluded with TikTok Technology Limited (Ireland). Data transfer to the USA is based on the EU Standard Contractual Clauses.

5. Disclosure to third parties / data processors (data processing agreements)

We only share data to the extent necessary for contract processing or as required by law:

  • Shopify Inc.: Hosting & shop platform (servers in the EU/USA, data processing agreement in place)
  • Shopify Payments / Deutsche Bank: Payment processing (data processing agreement in place)
  • Shipping providers: DHL, Hermes, DPD or other logistics partners for delivery (data processing agreements in place)
  • Google (Analytics): Web analytics (data processing agreement in place)
  • Meta/Facebook (Pixel): Marketing analysis (data processing agreement in place)
  • TikTok (Pixel): Marketing analysis (data processing agreement in place)

All of the aforementioned service providers have concluded data processing agreements in accordance with Article 28 GDPR.

6. Storage duration

Personal data will only be stored for as long as it is necessary for the purposes for which it was collected or as required by law.

  • Order data: 10 years (tax law retention obligation according to §147 AO, §257 HGB)
  • Customer account: Until deleted by the customer or after 3 years of inactivity
  • Newsletter: Until consent is withdrawn
  • Cookies/Tracking: Maximum 24 months (Google Analytics), 180 days (Facebook Pixel), 180 days (TikTok Pixel)

7. Rights of those affected

You have the following rights under the GDPR:

  • Information (Art. 15 GDPR): What data we store about you
  • Rectification (Art. 16 GDPR): Correction of incorrect data
  • Erasure (Art. 17 GDPR): "Right to be forgotten"
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR): Your data in machine-readable format
  • Withdrawal of consent (Art. 7 para. 3 GDPR): Possible at any time.
  • Objection (Art. 21 GDPR): To processing based on legitimate interest

For inquiries, please contact: info@solomias.de

You also have the right to lodge a complaint with the relevant data protection supervisory authority:
State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Lautenschlagerstraße 20, 70173 Stuttgart
www.baden-wuerttemberg.datenschutz.de

8. Data security

We take appropriate technical and organizational measures to protect your data:

  • TLS/SSL encryption for all data transmissions
  • Access controls and authorization concepts
  • Regular security updates
  • Encrypted backups
  • PCI-DSS compliant payment processing via Shopify Payments

9. Minors

Our services are aimed at adults. Individuals under the age of 16 may not submit personal data without the consent of their legal guardians.

10. SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential information. You can recognize an encrypted connection by the fact that the browser's address bar changes from "http://" to "https://" and by the padlock icon in your browser's address bar.

11. Changes to this Privacy Policy

We reserve the right to amend this privacy policy in the event of changes to the law or our services. The current version can always be found on this page.

As of November 2025