PRIVACY POLICY

1. Information on the Collection of Personal Data and Contact Details of the Data Controller
1.1. We are pleased that you are visiting our website and thank you for your interest. This section explains how we handle your personal data when you use our website. Personal data is any information that can personally identify you.

1.2. The data controller responsible for this website under the GDPR is:
Aemmi GmbH
Nordplatz 2, 48149 Münster, Germany
Email: office@ae-mmi.com

1.3. For security and to protect data transmission (e.g., orders or inquiries), this website uses SSL/TLS encryption. Encrypted connections are indicated by “https://” and a lock symbol in your browser.

2. Data Collection When Visiting Our Website
When using our website for informational purposes only, we collect only the data that your browser transmits to our server (so-called “server log files”), including:

• Visited website

• Date and time of access

• Amount of data sent in bytes

• Source/referrer

• Browser used

• Operating system used

• IP address (possibly anonymized)

This data is processed based on our legitimate interest in improving website stability and functionality (Art. 6(1)(f) GDPR). Data is not shared with third parties unless there are indications of unlawful use.

3. Cookies
We use cookies to enhance website functionality and your browsing experience. Session cookies are deleted after closing the browser; persistent cookies remain to recognize your device on future visits. Cookies may store browser and location data or IP addresses.

Some cookies help simplify processes (e.g., remembering your shopping cart). If personal data is processed via cookies, processing is based on Art. 6(1)(b) GDPR (contract execution) or Art. 6(1)(f) GDPR (legitimate interest in website functionality).

Third-party cookies may be used for advertising purposes. You can configure your browser to accept or block cookies; instructions are in your browser’s help menu.

Links for major browsers:

• Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

• Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

• Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

• Safari: https://support.apple.com/kb/ph21411?locale=de_DE

• Opera: http://help.opera.com/Windows/10.20/de/cookies.html

Note: Some website functions may be limited if cookies are disabled.

4. Contact
When contacting us (via form or email), personal data is collected to respond to your inquiry and for technical administration. Legal basis: Art. 6(1)(f) GDPR. If your inquiry aims to conclude a contract, Art. 6(1)(b) GDPR applies. Data is deleted after processing unless legal retention obligations exist.

5. Customer Accounts and Contract Execution
Personal data provided to open a customer account or for contract execution is processed under Art. 6(1)(b) GDPR. Data can be deleted at any time by contacting us. After contract completion or account deletion, data is blocked and deleted according to legal retention periods unless further use is consented or legally allowed.

6. Direct Marketing

6.1. Newsletter Subscription
By subscribing, you receive information on offers. Mandatory: email address. Optional additional data is used for personal addressing. Double opt-in ensures consent. You can unsubscribe anytime via the newsletter link or contacting us.

7. Data Processing for Order Handling

7.1. Order Fulfillment
We work with service providers to fulfill contracts. Personal data may be shared with delivery companies or payment providers only as necessary. Legal basis: Art. 6(1)(b) GDPR.

7.2. Order Processing Service Providers

• Sendcloud: Sendcloud GmbH, Fürstenrieder Str. 70, 80686 Munich. Data shared only for order processing. Privacy: sendcloud.de

7.3. Payment Service Providers

• PayPal: Payment information is shared with PayPal (Europe) S.a.r.l. et Cie, Luxembourg. Credit checks may occur based on legitimate interest (Art. 6(1)(f) GDPR). Privacy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

• Shopify Payments: Payment data is shared with Shopify Payments, Shopify Inc., Ottawa, Canada, for order fulfillment and payment processing. Privacy: https://www.shopify.com/legal/privacy

8. Social Media Plugins

• Instagram: Plugins connect directly to Instagram servers. IP and browsing info may be transmitted. If logged in, your visit may be linked to your Instagram account. Privacy: https://help.instagram.com/155833707900388/

9. Online Marketing

• Google AdSense: Uses cookies and web beacons for usage analysis. Data may be transmitted to servers in the USA. Privacy: http://www.google.de/policies/privacy/

• Google AdWords Conversion Tracking: Measures ad clicks and conversions anonymously. Opt-out possible via browser settings.

10. Rights of Data Subjects
Under GDPR, you have rights to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), notification (Art. 19), data portability (Art. 20), withdrawal of consent (Art. 7(3)), and lodging complaints (Art. 77).

Right to Object: You may object to data processing based on legitimate interest or for direct marketing at any time. Processing stops unless overriding grounds exist or processing is required to exercise legal claims.

11. Data Retention
Data is stored according to legal retention periods (e.g., commercial or tax law). After expiration, data is deleted unless required for contract fulfillment or a legitimate interest remains.