Privacy Policy

Nicole’s Foundry

1. INFORMATION ABOUT DATA COLLECTION AND RESPONSIBLE PARTY

1.1 We appreciate your visit to our website and your interest in Nicole’s Foundry. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website. Personal data refers to any information that can be used to identify you personally.

1.2 The data controller responsible for processing personal data on this website under the General Data Protection Regulation (GDPR) is Nicole’s Foundry. The data controller determines the purposes and methods of processing personal data, either independently or together with others.

1.3 For security purposes and to protect the transmission of confidential content, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https://” prefix in your browser’s address bar and the lock symbol.

No automated decision-making or profiling that produces legal effects or significantly affects you, as described in Article 22 GDPR, takes place on this website.

2. DATA COLLECTION WHEN VISITING OUR WEBSITE

When you browse our website for informational purposes only and do not register or submit information, we collect only the data that your browser automatically transmits to our server. This data is collected in so-called server log files and includes:

  • Visited webpages

  • Date and time of access

  • Amount of data transferred

  • Referring source

  • Browser type

  • Operating system

  • IP address (anonymized where applicable)

This data is processed in accordance with Article 6(1)(f) GDPR based on our legitimate interest in ensuring the stability and functionality of our website. The data is not merged with other data sources. We reserve the right to review this data if there are concrete indications of unlawful use.

3. COOKIES

To improve usability and provide certain functions, our website uses cookies. Cookies are small text files stored on your device.

Some cookies are deleted automatically when you close your browser (session cookies). Others remain on your device to recognize your browser on subsequent visits (persistent cookies).

Cookies may collect information such as browser type, location data, and IP addresses. Persistent cookies are automatically deleted after a defined period.

Certain cookies are necessary to enable features such as saving items in your shopping cart. If cookies process personal data, this is done either under Article 6(1)(b) GDPR for contract fulfillment or Article 6(1)(f) GDPR based on our legitimate interest in providing a smooth and user-friendly experience.

We may also work with advertising partners who place cookies on your device. You will be informed separately if this applies.

You can configure your browser to notify you about cookie usage, accept or reject cookies, or disable them entirely. Please note that restricting cookies may limit website functionality.

Upon your first visit, you will be asked for consent to non-essential cookies via a cookie banner. You can adjust your preferences at any time.

4. CONTACTING US

If you contact us via email or a contact form, personal data will be collected as required to respond to your inquiry. This data is used exclusively to communicate with you and manage your request.

The legal basis for this processing is Article 6(1)(f) GDPR. If your inquiry relates to a contract, Article 6(1)(b) GDPR applies. Your data will be deleted once your request has been fully handled, unless legal retention obligations apply.

5. CUSTOMER ACCOUNTS AND CONTRACT PROCESSING

When you create a customer account or place an order, personal data is collected in accordance with Article 6(1)(b) GDPR for contract execution.

You may request deletion of your customer account at any time. After completion of the contract or deletion of your account, your data will be restricted and deleted following statutory retention periods, unless further lawful use applies.

6. DIRECT MARKETING COMMUNICATIONS

6.1 Newsletter Subscription

If you subscribe to our newsletter, we will send you information about products and offers. Only your email address is required.

We use a double opt-in procedure. After registration, you will receive a confirmation email. By confirming, you consent to the processing of your data under Article 6(1)(a) GDPR.

You may unsubscribe at any time via the link in the newsletter or by contacting us. Your email address will then be removed unless legal grounds permit further use.

6.2 Marketing Emails to Existing Customers

If you provided your email during a purchase, we may send you offers for similar products based on Article 6(1)(f) GDPR. You can object at any time, and we will immediately stop sending such emails.

7. ORDER AND PAYMENT PROCESSING

7.1 Shipping and Payment Data

Your personal data is shared with shipping providers and payment institutions only to the extent necessary to fulfill your order under Article 6(1)(b) GDPR.

7.2 Payment Providers

PayPal
Payments via PayPal are processed by PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg. PayPal may conduct credit checks as permitted by law. For details, please refer to PayPal’s privacy policy.

SOFORT
Payments via SOFORT are processed by SOFORT GmbH, part of Klarna Group. Information is transferred solely for payment processing purposes.

8. REVIEW REMINDERS

With your explicit consent, we may send a one-time email reminder asking you to review your purchase. You may withdraw your consent at any time by contacting us.

9. SOCIAL MEDIA PLUGINS

Our website uses privacy-friendly social media buttons for Facebook, Google+, and Instagram via the Shariff solution. These buttons do not transmit data until you actively click them.

Further information on data processing can be found in the respective platform’s privacy policies.

10. ONLINE MARKETING AND ANALYTICS

We use Google services such as DoubleClick, Google Ads Conversion Tracking, Google Analytics (with IP anonymization), Facebook Pixel, and remarketing tools in compliance with GDPR requirements.

You can manage or disable cookies and tracking via browser settings or available opt-out tools.

11. DATA SUBJECT RIGHTS

You have the right to:

  • Access your data (Art. 15 GDPR)

  • Rectification (Art. 16 GDPR)

  • Erasure (Art. 17 GDPR)

  • Restriction of processing (Art. 18 GDPR)

  • Notification (Art. 19 GDPR)

  • Data portability (Art. 20 GDPR)

  • Withdraw consent (Art. 7(3) GDPR)

  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

You may also object to processing based on legitimate interest or direct marketing at any time.

12. DATA RETENTION

Personal data is stored only as long as required by legal retention obligations or legitimate business purposes and is deleted once no longer necessary.

13. CONTACT

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

info@nicoles-foundry.com