Privacy policy

Privacy Policy

for The German Gift Shop

Last updated: 28 April 2026

1. Controller

Nadine Rautenstrauch
The German Gift Shop
Schmetterlingsweg 5 1/2
86199 Augsburg
Germany

Email: hello@thegermangiftshop.com

2. General Information on Data Processing

We process personal data exclusively in accordance with legal requirements, in particular the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other applicable data protection regulations.

Personal data means any information relating to an identified or identifiable natural person.

Please read this Privacy Policy carefully. By using our services, you agree to this Privacy Policy.

3. Hosting / Shop System / Technical Provision

Our online shop is operated via Shopify.

When you visit our shop, Shopify processes technical usage data, IP address, browser data, device information, and data required for order processing.

Further information:
https://www.shopify.com/legal/privacy

4. Server Log Files

When this website is accessed, the hosting provider or technical infrastructure automatically collects information in so-called server log files. This includes in particular:

  • IP address
  • date and time of access
  • browser type / browser version
  • operating system
  • referrer URL
  • accessed pages / files
  • access status

This processing is carried out to ensure the technical operation, system security, and error analysis on the basis of Art. 6 para. 1 lit. f GDPR.

5. Orders and Contract Processing

When an order is placed, we process in particular:

  • name
  • billing and shipping address
  • email address
  • telephone number, if provided
    order data
  • payment information
  • shipping information

The processing is carried out for the performance of pre-contractual measures and contract fulfilment pursuant to Art. 6 para. 1 lit. b GDPR.

6. Payment Service Providers

We use external payment providers to process payments.

Depending on the selected payment method, the necessary payment data will be transmitted to the respective provider.

This applies in particular to:

PayPal
https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Shopify
https://www.shopify.com/legal/privacy

and, where applicable, other providers offered during checkout.

The processing is carried out pursuant to Art. 6 para. 1 lit. b GDPR.

7. Shipping Service Providers

To deliver your order, we pass on the necessary data to shipping companies.

This includes in particular:

  • name
  • shipping address
  • email address, if required
  • telephone number, if required

The processing is carried out pursuant to Art. 6 para. 1 lit. b GDPR.

8. Product Reviews / Judge.me

We use Judge.me to display and manage product reviews.

After a purchase, order data and email address may be used to invite you to submit a review or to display reviews in the shop.

The processing is carried out on the basis of our legitimate interest in transparent customer feedback and quality improvement pursuant to Art. 6 para. 1 lit. f GDPR.

Further information:
https://judge.me/privacy

9. Live Chat / Customer Communication

Where a live chat or messaging service, such as Shopify Inbox or comparable chat functions, is offered on this website, personal data may be processed when it is used, in particular:

  • name
  • email address
  • message content
  • technical usage data
  • time of the request

The processing is carried out to handle your request and for customer communication pursuant to Art. 6 para. 1 lit. b GDPR or Art. 6 para. 1 lit. f GDPR.

When using Shopify-based chat functions, Shopify’s privacy information also applies:
https://www.shopify.com/legal/privacy

10. Shopify Email / Newsletter

Where we use newsletters, product information, or email marketing via Shopify, we process in particular:

  • email address
  • name, if applicable
  • interaction data, such as opens and clicks
  • voluntarily provided information

Registration takes place — where legally required — using the double opt-in procedure.

The processing is carried out on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR or our legitimate interest in customer communication pursuant to Art. 6 para. 1 lit. f GDPR, where legally permitted.

Further information:
https://www.shopify.com/legal/privacy

11. Sales via Agentic Storefronts / AI-Supported Sales Channels

We use Shopify functions through which products may additionally be displayed, recommended, or sold via digital sales channels, search systems, AI-supported shopping assistants, or chat-based purchasing environments, such as Agentic Storefronts.

In this context, product-related information such as product titles, prices, product images, variants, availability, or shipping information may be transmitted to technical partners or platforms.

If an order is placed, personal data will be processed for contract fulfilment.

Legal basis:

  • Art. 6 para. 1 lit. b GDPR
  • Art. 6 para. 1 lit. f GDPR

Further information:
https://www.shopify.com/legal/privacy
https://www.shopify.com/legal/terms-agentic-storefronts

12. Cookies / Tracking / Analytics

Our website may use cookies, similar technologies, as well as analytics and marketing tools.

Where legally required, this only takes place after your consent via the consent management tool used.

Legal basis:

  • Art. 6 para. 1 lit. a GDPR
  • Section 25 TTDSG

13. Google Services

We use Google services, in particular:

  • Google Analytics
  • Google Ads / Conversion Tracking
  • Google Merchant Center
  • YouTube embeds

Further information:
https://policies.google.com/privacy

14. Pinterest

We may use services provided by Pinterest.

Further information:
https://policy.pinterest.com/de/privacy-policy

15. Social Media Profiles

We maintain public profiles or business presences on the following platforms:

  • LinkedIn
  • Instagram
  • Facebook
  • X
  • YouTube

When you visit these profiles, the respective platform operators process personal data on their own responsibility.

Further information can be found in the privacy policies of the respective providers.

16. Contacting Us

When you contact us by email, form, or chat, we process your information in order to handle your request.

Legal basis:

  • Art. 6 para. 1 lit. b GDPR
  • Art. 6 para. 1 lit. f GDPR

17. International Data Transfers

When using external services, personal data may also be processed outside the European Union, in particular in the USA or Canada.

Where required, this is carried out on the basis of adequacy decisions or appropriate safeguards pursuant to Art. 44 et seq. GDPR.

18. Storage Period

We store personal data only for as long as this is necessary for contract processing, statutory retention obligations, or legitimate interests.

19. Your Rights

You have the right to:

  • access
  • rectification
  • erasure
  • restriction of processing
  • data portability
  • objection
  • withdrawal of consent given
  • lodge a complaint with a data protection supervisory authority

20. AI-Supported Visual Content

This website partly uses visual content created or edited with the help of modern design software or artificial intelligence.

This does not involve automated decision-making or profiling based on personal visitor data.

21. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy if this becomes necessary due to legal, technical, or organisational changes.