Privacy Policy
**Privacy Policy**
---
**1) Information on the Collection of Personal Data and Contact Details of the Controller**
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data is any data by which you can be personally identified.
1.2 The responsible party for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Seiha Heng, KATAAB, Marienburger Str. 8, 10405 Berlin, Germany, Tel.: +4915204678005, Email: info@kataabwerkstatt.de. The controller responsible for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.
1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the character sequence "https://" and the lock symbol in your browser line.
---
**2) Data Collection When Visiting Our Website**
When using our website purely for informational purposes, that is, if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data necessary to display the website:
- The website visited
- Date and time of access
- Amount of data sent in bytes
- Source/reference from which you accessed the page
- Browser used
- Operating system used
- IP address used (possibly anonymized)
Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. This data will not be disclosed or otherwise used. However, we reserve the right to check the server log files subsequently if there are specific indications of illegal use.
---
**3) Hosting & Content Delivery Network**
**Hosting via Wix**
We use the Wix HQ website builder system, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel (“Wix”) for hosting and displaying the website on the basis of processing on our behalf. All data collected on our website is processed on Wix’s servers. For cases where data is transferred to Wix in Israel, an adequate level of data protection is ensured by an adequacy decision of the European Commission. For more information on Wix's privacy policy, please visit: https://de.wix.com/about/privacy
Further data processing on servers other than those mentioned above by Wix only occurs within the scope specified below.
---
**4) Cookies**
To make our website attractive to visitors and enable certain functions, we use cookies—small text files stored on your device. Some cookies are automatically deleted after closing your browser (session cookies), while others remain longer on your device and enable page settings (persistent cookies). For details on the storage duration, refer to the cookie settings of your web browser.
If personal data is processed through cookies, it is done either according to Art. 6(1)(b) GDPR for contract execution, based on consent per Art. 6(1)(a) GDPR, or Art. 6(1)(f) GDPR for our legitimate interest in the optimal functionality of the website.
You can configure your browser to inform you about cookie settings and allow or reject them individually. Note that rejecting cookies may limit the functionality of our website.
---
**5) Contact**
**5.1 - Wix Chat**
This website collects and stores anonymized data with technologies from Wix HQ, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel (“Wix”) for web analysis and to operate the live chat system for live support requests. Anonymized user profiles can be created under a pseudonym using cookies. If this data is considered personal, processing is based on our legitimate interest in effective customer support and statistical analysis to optimize the website according to Art. 6(1)(f) GDPR.
The data collected by Wix technologies is not used to personally identify visitors to this website without explicit consent. You may prevent Wix cookies by setting your browser to block them. Further information on Wix's privacy policy can be found at: https://de.wix.com/about/privacy
**5.2 Contacting Us**
When contacting us (e.g., via contact form or email), personal data is only processed to the extent necessary to handle your request. The legal basis for this data processing is our legitimate interest in responding to your request per Art. 6(1)(f) GDPR.
---
**6) Comment Function**
When you use the comment function on this website, your comment, the time of comment creation, and the chosen username will be stored and published. Your IP address is also stored for security reasons to allow the identification of the author if illegal content is posted.
---
**7) Data Processing for Order Fulfillment**
**7.1 Uploading Image Files via Email**
On our website, customers can order product personalization by sending image files via email. Submitted images are used solely for creating the personalized product as per our service description. Files containing personal data (e.g., identifiable individuals) are processed solely to complete your online order under Art. 6(1)(b) GDPR and are deleted after the order is complete.
**7.2 Data Sharing for Payment and Shipping**
To fulfill contracts, personal data collected is shared with the assigned shipping provider and payment institution, where required, based on Art. 6(1)(b) GDPR. For payments involving PayPal and Stripe, further data processing details can be found in the respective privacy policies of these providers.
---
**8) Online Marketing**
**Facebook Pixel**
Our website uses the "Facebook Pixel" for creating custom audiences and tracking ad conversions. Data collected via Facebook Pixel helps us serve targeted ads to visitors who have shown interest in our website. Facebook may store and process this data to deliver ads on and off Facebook. Data is processed with explicit consent in line with Art. 6(1)(a) GDPR.
---
**9) Web Analytics**
**Google Analytics**
This website uses Google (Universal) Analytics for web analysis, employing cookies to evaluate website usage. Processing occurs under Art. 6(1)(a) GDPR with user consent. For data transferred to Google in the USA, Google uses Standard Contractual Clauses to ensure data protection.
---
**10) Tools and Other Services**
This website uses a Cookie Consent Tool to manage user permissions for cookies and cookie-based applications. This tool prevents cookies from being stored unless the user consents. Data processing related to cookies may also occur to ensure compliance with GDPR.
---
**11) Data Subject Rights**
Under GDPR, you have rights regarding your personal data, including access, rectification, erasure, restriction of processing, and objection to processing. If you believe your data protection rights have been breached, you have the right to file a complaint with a supervisory authority.
**11.2 Right to Object**
You may object to the processing of your data based on legitimate interests for future purposes at any time if reasons related to your particular situation apply.
---
**12) Duration of Storage**
Personal data storage duration is based on the respective legal basis, processing purpose, and statutory retention period. Data processed based on consent will be stored until consent is withdrawn. Data processed for contract purposes will be retained as required by legal retention periods or until no longer necessary.