Cookies

Last updated: July 27, 2026.


1. Introduction to Cookies and Similar Technologies

1.1 Cookies may be used during your visit to our websites. Technically, these are so-called HTML cookies and similar software tools such as Web/DOM Storage or Local Shared Objects (so-called "flash cookies"), which we collectively refer to as "cookies".

1.2 Cookies are small files that are stored on your desktop, notebook, or mobile device during your visit to a website and are read later. This allows us, for example, to determine whether a connection has previously been established between the device and the websites and which language or other settings you prefer, to offer you certain functions, or to recognize your interests based on your online usage. Cookies may also contain personal data.

1.3 Consent management
We are committed to ensuring that you have control over the extent to which you share your data with us. Therefore, we only use cookies and similar technologies (with the exception of necessary cookies) after you have given us your explicit consent.

We use a Consent Management Tool that allows you to enable and disable cookies. Additionally, we give you the option to view and modify your decision, and to delete cookies that have already been placed. You can check and change your current browser's cookie settings using the methods below.
 

Browser

How to set up

Microsoft Edge

view

Chrome

view

Safari

view

FireFox

view


 
In addition, we provide information about which cookies or similar technologies we use, what information we automatically collect via the cookies or technologies, how we use this information, and whether we share this information with third parties.

1.4 We use the following types of cookies:

a.Strictly necessary cookies
These are cookies that are necessary for the essential operation of the Service, for example to identify users and prevent fraudulent use.

b.Analytical cookies
These cookies allow us to process statistical data about the use of our website, including recognizing the number of visitors and counting and viewing how visitors navigate the Service when using it. This enables us to improve the functioning of the Service, for example by ensuring that users can find what they are looking for on the Service more easily.

c.Marketing cookies
These cookies record your visit to our website, the pages you have visited, and the links you have followed. We use this information to better tailor our website, the advertisements displayed on it, and the marketing messages we send you to your interests. We may also share this information with third parties who provide a service to us for this purpose.
 

2. Detailed information on cookies we used

2.1 Overview of cookies and similar technologies by type


2.2 Detailed description about the cookies and similar technologies we use.

a.Shopify

Description and purpose
On our website, we use the Shopify service, provided by Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. Shopify is a tool for creating and hosting websites. When you visit our website, Shopify collects your IP address and information about the device you are using and your browser. Shopify also analyzes visitor numbers, visitor sources, and customer behavior and generates user statistics. If you make a purchase on our website, Shopify also collects your name, email address, shipping and billing address, payment details, and other data relating to the purchase (e.g., phone number, sales volume, etc.). Shopify stores cookies in your browser for these analyses.

Legal basis
The legal basis for the processing of your personal data is your consent in accordance with Article 6(1)(a) of the GDPR. In addition, the processing also takes place on the basis of our legitimate interest in accordance with Article 6(1)(f). Our overriding legitimate interest is the attractive and user-friendly presentation of the content on our website.

Recipient
The recipient of your personal data is Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. If you pay via credit card using Shopify Payments, your payment is processed by Shopify International Limited (and its technical partners, such as Stripe). 

Transfer to third countries
Although the Shopify service is provided to us by Shopify International Limited (Ireland), your personal data will be transferred to, stored, and processed in countries outside the European Economic Area (EEA). In particular, data is transferred to Shopify Inc. in Canada (the parent company) and to Shopify entities and third-party sub-processors (including Stripe, Inc. for payment processing via Shopify Payments) located in the United States and other global destinations.
For data transfers to Canada, we rely on the European Commission’s adequacy decision, which recognizes that Canada’s legal framework provides an adequate level of protection for personal data. For data transfers to the United States and other countries without an adequacy decision, Shopify ensures that appropriate safeguards are in place in accordance with Article 46 of the GDPR. This includes relying on the EU-U.S. Data Privacy Framework (DPF) for certified recipients, and/or executing the Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by necessary technical and organizational measures to secure the data.

Duration of data storage
The data will be deleted as soon as they are no longer needed for the purpose for which they were collected. Furthermore, the data will be deleted if you exercise your right to erasure in accordance with Article 17, paragraph 1, of the GDPR.

Cancellation
You have the right to withdraw your consent at any time, see Article 7, paragraph 3, first sentence of the GDPR. This can be done informally and without giving reasons, and the withdrawal has effect for the future. The withdrawal of consent does not affect the lawfulness of the processing that took place prior to the withdrawal. You can find more information on this above in our privacy policy under 'Rights of data subjects'.

Contractual and legal obligations
There is no contractual or legal obligation to provide the data.
Additional information on data protection
You can find more information about the processing of your personal data here: https://www.shopify.com/de/legal/datenschutz and 
https://stripe.com/privacyShopify payment

b.PayPal 

Description and purpose 
On our website, we offer the option to process payments via the PayPal service, provided by PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. When you choose to pay via PayPal, or when PayPal payment widgets are loaded on the checkout page, PayPal collects your IP address, information about the device you are using, and browser details. Furthermore, PayPal uses cookies and similar tracking technologies to process the payment transaction securely, maintain your active session status, verify your identity, and carry out essential risk management and fraud prevention measures.

Legal basis 
The legal basis for the processing of your personal data to execute the payment is the performance of a contract in accordance with Article 6(1)(b) of the GDPR. In addition, the processing of data for risk management and fraud prevention purposes takes place on the basis of our legitimate interest, as well as PayPal's legitimate interest, in accordance with Article 6(1)(f) of the GDPR. The storage and reading of strictly necessary cookies for the secure execution of the payment service is based on the applicable national ePrivacy regulations (e.g., § 25 (2) No. 2 of the German TDDDG).

Recipient 
The recipient of your personal data is PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. As an independent data controller for the payment process, PayPal may also share data with credit reference agencies to conduct credit checks, depending on the payment method selected (e.g., Pay Later).

Transfer to third countries
Your personal data may be transferred to third countries outside the European Economic Area (EEA), particularly to PayPal Inc. and its sub-processors in the United States. Such data transfers are secured by appropriate safeguards, such as the EU-U.S. Data Privacy Framework (DPF) or the Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring a level of data protection that complies with the GDPR.

Duration of data storage 
The cookies used by PayPal are stored for varying durations. Session cookies are deleted as soon as you close your browser, while persistent cookies remain on your device for a specified period (typically to recognize your device for fraud prevention) or until you manually delete them. Your underlying transaction data will be retained by PayPal for as long as is strictly necessary to fulfill statutory commercial, financial, and tax-related retention obligations, we generally store these data for 10 years.

Cancellation 
Please note that the core processing of data required for the execution of the payment and mandatory fraud prevention is not based on consent and therefore cannot be canceled in this manner once a transaction is initiated.
Contractual and legal obligations 
There is no statutory obligation to provide the data. However, the provision of your data to PayPal is a contractual requirement if you select PayPal as your payment method. Without the provision of this data and the enabling of the associated strictly necessary cookies, the payment cannot be processed via this service.
Additional information on data protection You can find more information about the processing of your personal data and the specific cookies used by PayPal here: https://www.paypal.com/webapps/mpp/ua/privacy-full and https://www.paypal.com/webapps/mpp/ua/cookie-full

c.Klarna 

Description and purpose 
On our website, we offer the option to process payments via the services of Klarna, provided by Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden. When you select a Klarna payment method (e.g., Pay Later, Pay Now, or Financing) or interact with Klarna checkout widgets, Klarna collects your IP address, information about the device you are using, and browser details. Klarna uses cookies and similar tracking technologies to process the payment securely, verify your identity, perform credit and risk assessments (credit scoring), and carry out essential fraud prevention measures.

Legal basis 
The legal basis for processing your personal data to execute the payment transaction is the performance of a contract in accordance with Article 6(1)(b) of the GDPR. The processing of data for identity verification, credit assessment, and fraud prevention takes place on the basis of Klarna's legitimate interests in accordance with Article 6(1)(f) of the GDPR, as well as to comply with legal obligations (such as anti-money laundering regulations) under Article 6(1)(c) of the GDPR. The storage and reading of strictly necessary cookies for the secure execution of the payment and risk evaluation is based on the applicable national ePrivacy regulations (e.g., § 25 (2) No. 2 of the German TDDDG).

Recipient 
The recipient of your personal data is Klarna Bank AB (publ). As an independent data controller for the payment and credit evaluation process, Klarna may share your data with credit reference agencies (e.g., SCHUFA in Germany) to conduct identity checks and assess your creditworthiness.

Transfer to third countries 
Your personal data is primarily processed within the European Economic Area (EEA). If Klarna transfers data to a third country outside the EEA (e.g., to sub-processors in the US), such transfers are secured by appropriate safeguards, such as the EU-U.S. Data Privacy Framework (DPF) or the Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring a level of data protection that complies with the GDPR.

Duration of data storage
The cookies used by Klarna are stored for varying durations. Session cookies are deleted as soon as you close your browser, while persistent cookies used for fraud prevention and device recognition remain on your device for a specified period or until you manually delete them. Your underlying transaction and credit data are retained by Klarna for as long as is strictly necessary to fulfill statutory commercial, financial, and anti-money laundering retention obligations, we generally store these data for 10 years.

Cancellation 
Please note that the core cookie placement and data processing required for the execution of the payment contract, credit assessment, and mandatory fraud prevention do not rely on consent and therefore cannot be canceled in this manner once you initiate a transaction via Klarna.

Contractual and legal obligations 
There is no statutory obligation for you to provide the data to us. However, the provision of your data and the enabling of the associated strictly necessary cookies is a contractual requirement if you wish to use Klarna as your payment method. Without this data, Klarna cannot perform the necessary credit checks or process the payment securely.

Additional information on data protection 
You can find more information about the processing of your personal data and the specific cookies used by Klarna here: https://www.klarna.com/international/privacy-policy/ and https://www.klarna.com/international/cookies/

d.Meta-Pixel

Description and purpose
To understand your user behavior, we use the so-called Meta Pixel from Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. This is an analytics tool that measures the effectiveness of advertisements. It is a piece of code for your website that allows us to measure, optimize, and build target audiences for advertising campaigns. Conversion tracking enables us to track which actions people take on various devices (including mobile phones, tablets, and desktop computers) after seeing our Facebook ads. By creating a Meta Pixel and adding it to our pages where conversions occur (for example, the purchase confirmation page), we can identify which individuals convert as a result of our Facebook ads. The pixel further monitors the actions people take after clicking on our ads. We can determine which device our customers used to view the ad and which devices they ultimately used to complete the conversion. According to Facebook, the collected data includes the following:

Meta uses the following cookies:


 
Extensive matching  
Advertisers can optionally enable the enhanced matching feature of the metapixel by sending encrypted information, such as an email address or phone number, to Facebook. Advertisers can send one or more of the following matching identifiers: email address, phone number, first name, last name, city, province/state, postal code, date of birth, or gender.

Legal basis 
The legal basis for the processing of your personal data is Article 6, paragraph 1, point (a), of the GDPR.

Recipient 
The recipient of your personal data is and Meta Platforms Ireland Limited (Merrion Road, Dublin 4, D04 X2K5, Ireland) and Meta Platforms Inc. (1 Hacker Way, Menlo Park, California 94025, USA).

Transfer to third countries 
Personal data is transferred to the US. This transfer is subject to appropriate safeguards in accordance with Article 46 of the GDPR. We have entered into standard contractual clauses with the data importer in accordance with Article 46(2)(c) of the GDPR. Furthermore, we are aware of our responsibility and will, where necessary, take additional measures to protect the rights and freedoms of natural persons and to ensure the protection of personal data.

Duration of data storage
The data will be deleted as soon as they are no longer needed for the purpose for which they were collected. Furthermore, the data will be deleted if you exercise your right to erasure in accordance with Article 17, paragraph 1, of the GDPR.

Cancellation
You have the right to withdraw your consent at any time, see Article 7, paragraph 3, first sentence of the GDPR. This can be done informally and without giving reasons, and the withdrawal has effect for the future. The withdrawal of consent does not affect the lawfulness of the processing that took place prior to the withdrawal. You can find more information on this above in our privacy policy under 'Rights of data subjects'.
Additional information on data protection You can find more information about the Meta Pixel here:
https://de-de.facebook.com/business/help/742478679120153?id=1205376682832142

e.Google Analytics

Description and purpose 
Google Analytics is a web analytics service provided by Google Ireland Limited, Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (" Google ") which tracks and shares website traffic.
Google Analytics uses so-called tracking pixels and cookies. The information generated by a cookie about your use of this website is usually transmitted to a Google server in the United States and stored there. By activating IP anonymization, your IP address is shortened by Google within the European Economic Area beforehand and is therefore not fully transmitted to a Google server in the United States. Only in exceptional cases is the full IP address transmitted to a Google server in the United States and shortened there.
On our behalf, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide us with other services relating to the analysis of your website activity and internet usage. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.
Google Analytics uses the following cookies:


 
Legal basis 
The legal basis for the processing of your personal data is Article 6, paragraph 1, point (a), of the GDPR.

Recipient 
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Where applicable, Google LLC and Google group companies/sub-processors may also process personal data in connection with hosting, support, security, and international data transfers. Google generally acts as a processor for standard Google Analytics processing; if specific data-sharing settings are enabled, Google may process shared data as an independent controller.

Transfer to third countries 
Personal data is transferred to the United States. This transfer is subject to appropriate safeguards in accordance with Article 46 of the GDPR. We have concluded standard contractual clauses with the data importer for this purpose. Furthermore, we are aware of our responsibility and will, where necessary, take additional measures to protect the rights and freedoms of natural persons and to ensure the protection of personal data.

Duration of data storage 
The retention period is the time span during which the collected data is stored for the processing purposes. The data must be deleted as soon as it is no longer needed for the stated processing purposes. The retention period depends on the type of data stored. Each user can choose how long Google Analytics retains data before it is automatically deleted.

Cancellation 
You have the right to withdraw your consent at any time, see Article 7, paragraph 3, first sentence of the GDPR. This can be done informally and without giving reasons, and the withdrawal has effect for the future. The withdrawal of consent does not affect the lawfulness of the processing that took place prior to the withdrawal. You can find more information on this above in our privacy policy under 'Rights of data subjects'.

Additional information on data protection 
You can find more information about the processing of your personal data here: 
https://support.google.com/analytics/answer/6004245?hl=de https://policies.google.com/privacy?hl=de&gl=de .
https://policies.google.com/technologies/cookies?hl=en

f.Google Ads

Description and purpose 
Google Ads is an advertising and tracking service offered by Google. Google uses cookies and other technologies for advertising, including displaying and playing ads, personalizing ads, limiting the frequency used to show you an ad, blocking ads you no longer want to see, and measuring the effectiveness of ads.

With your permission, a direct connection to Google's server is automatically established. By integrating the Floodlight tag, Google receives information that you have accessed the relevant part of our website or clicked on one of our advertisements.

In addition, the Floodlight tags used enable us to determine whether you perform certain actions on our website after viewing or clicking on one of our display/video advertisements on another platform (conversion tracking). Google uses this cookie to gain insight into the content you have viewed on our website in order to send you targeted advertising later.

Google Ads processes the following information: Online identifiers (including cookie identifiers), Internet Protocol (IP) addresses and device identifiers, location data, customer-assigned identifiers and names, email addresses, phone numbers, and addresses where enabled. 

Google Ads uses the following cookies:


 
Legal basis 
The legal basis for the processing of your personal data is consent in accordance with Article 6, paragraph 1, letter a) of the GDPR.

Recipient 
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Depending on the user location and the specific Google Ads, conversion measurement, remarketing, or data-sharing functions used, Google LLC and other Google affiliates may also receive or process personal data. For certain advertising and measurement functions, Google may process personal data as an independent controller; for processor services, Google processes data on our behalf under applicable data processing terms.

Transfer to third countries 
Personal data is transferred to the US (server location). This transfer is subject to appropriate safeguards in accordance with Article 46 of the GDPR. We have entered into standard contractual clauses with the data importer in accordance with Article 46(2)(c) of the GDPR. Furthermore, we are aware of our responsibility and take additional measures where necessary to protect the rights and freedoms of natural persons and to ensure the protection of personal data.

Duration of data storage 
The data will be deleted as soon as they are no longer needed for the purpose for which they were collected. Furthermore, the data will be deleted if you exercise your right to erasure in accordance with Article 17, paragraph 1, of the GDPR. Remarketing cookies have a retention period of up to 540 days.

Cancellation 
You have the right to withdraw your consent at any time, see Article 7, paragraph 3, first sentence of the GDPR. This can be done informally and without giving reasons, and the withdrawal has effect for the future. The withdrawal of consent does not affect the lawfulness of the processing that took place prior to the withdrawal. You can find more information on this above in our privacy policy under 'Rights of data subjects'.

Additional information on data protection 
You can find more information about the processing of your personal data here: www.google.com/policies/privacy/
In addition, you can find information about how Google as a company handles personal data in a business context on Google's Business Data Responsibility Site:
https://business.safety.google/privacy/ .