Responsible: Gema Cebrian
1. Introduction
Thank you for visiting our website. This Privacy Policy explains how we handle your personal data. “Personal data” means any information that can identify you.
The controller responsible for data processing on this website is:
Gema Cebrian
Email: info@gemacebrian.com
Address: Eschenweg 2, 61440 Oberursel
2. Data We Collect When You Visit Our Website
When you browse the website, we automatically collect technical data such as:
- pages visited
- date and time of access
- amount of data sent
- browser and operating system
- referring website
- IP address (anonymized where possible)
This is needed to ensure the website works correctly (Art. 6(1)(f) GDPR).
3. Hosting
Our website is hosted on servers within the European Union. All data collected through the website is processed on these servers. We have a data processing agreement in place to protect your information.
4. Contacting Us
If you contact us by email or contact form, we use your data only to reply to your request.
Legal basis: our legitimate interest (Art. 6(1)(f) GDPR) or contract-related purposes (Art. 6(1)(b) GDPR).
We delete your message once your inquiry is resolved unless legal obligations require longer storage.
5. Customer Accounts
If you open a customer account, we collect only the data necessary to create and manage your account (Art. 6(1)(b) GDPR).
You may request deletion of your account at any time.
6. Orders and Payments
To process your order, we share your data with delivery services and payment providers, but only when necessary (Art. 6(1)(b) GDPR).
Payment providers we may use include:
- PayPal
- Stripe
(each provider processes your payment data according to its own Privacy Policy and may perform credit checks when needed).
7. Your Rights
Under the GDPR, you have the right to:
- access your data
- correct your data
- delete your data
- restrict or object to processing
- data portability
- withdraw consent at any time
- file a complaint with a data protection authority
You can contact us to exercise any of these rights.
8. Data Storage
We store your data only as long as necessary:
- Based on consent: until you withdraw it
- For orders: until legal retention periods end
- For legitimate interests: until you object
- For marketing: until you opt out
Once data is no longer needed, it is deleted.