PRIVACY POLICY

1. Introduction and contact details of the controller

1.1

We are pleased that you are visiting our website and thank you for your interest. In this Privacy Policy we inform you about how we handle your personal data when you use our website. Personal data means any information that can be used to personally identify you.

1.2

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Martin Wamsler
Christinenstr. 21
10119 Berlin
Germany

Phone: +49 (0)177 8086828
Email: hello@bearfoot.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

2. Data collection when visiting our website

2.1 Server log files

When you use our website for informational purposes only, meaning that you do not register, place an order or otherwise submit information to us, we only collect data that your browser automatically transmits to our server.

When accessing our website the following data may be collected:

  • visited website

  • date and time of access

  • amount of data transmitted

  • referrer URL

  • browser type

  • operating system

  • IP address

Processing is carried out pursuant to Article 6(1)(f) GDPR based on our legitimate interest in ensuring the stability and security of our website.

2.2 SSL/TLS encryption

For security reasons this website uses SSL or TLS encryption to protect the transmission of personal data and other confidential information.

You can recognize an encrypted connection by the https:// prefix in the browser address bar.

3. Hosting and content delivery

3.1 Shopify

Our online shop is hosted using the platform provided by

Shopify International Limited
Victoria Buildings
1-2 Haddington Road
Dublin 4
Ireland

Data may also be processed by affiliated Shopify entities located in Canada and the United States.

All data collected on our website is processed on Shopify servers. Shopify processes data on our behalf under applicable data protection agreements.

Where data is transferred outside the European Economic Area appropriate safeguards such as standard contractual clauses or adequacy decisions apply.

3.2 Content Delivery Network

We use a content delivery network provided by

BunnyWay d.o.o.
Cesta komandanta Staneta 4A
1215 Medvode
Slovenia

The CDN allows faster delivery of website content and improves the stability and performance of our website.

The legal basis is Article 6(1)(f) GDPR based on our legitimate interest in secure and efficient website operation.

4. Cookies

Our website uses cookies and similar technologies.

Cookies are small text files stored on your device that allow certain features of the website to function and improve your browsing experience.

Some cookies are necessary for the operation of the website while others are used for analytics or marketing purposes.

Where cookies are not technically required they will only be used with your consent pursuant to Article 6(1)(a) GDPR.

You can manage your cookie settings through the cookie consent tool on our website or through your browser settings.

5. Contacting us

If you contact us for example by email or contact form we process the personal data you provide solely to handle and respond to your request.

The legal basis for this processing is Article 6(1)(f) GDPR.

If the contact relates to a contract the legal basis is also Article 6(1)(b) GDPR.

Your data will be deleted once the request has been fully resolved unless statutory retention obligations apply.

6. Customer accounts

If you create a customer account on our website we process the personal data necessary to provide the account and manage your orders.

The legal basis is Article 6(1)(b) GDPR.

You may request deletion of your account at any time by contacting us. After deletion the data will be removed unless legal retention obligations apply.

7. Email marketing

7.1 Newsletter

If you subscribe to our newsletter we use your email address to send information about products offers and updates.

The legal basis for this processing is your consent pursuant to Article 6(1)(a) GDPR.

You may unsubscribe at any time by using the unsubscribe link in the email.

7.2 Product availability notifications

If you register for a back-in-stock notification we will send a single email once the product becomes available again.

The legal basis for this processing is your consent pursuant to Article 6(1)(a) GDPR.

7.3 Cart reminders

If you begin a purchase but do not complete your order we may send a reminder regarding your shopping cart where permitted by applicable law.

You may opt out at any time.

8. Data processing for order fulfillment

To process your order we collect personal data such as

  • name

  • billing address

  • shipping address

  • email address

  • phone number

  • payment details

  • order information

The legal basis is Article 6(1)(b) GDPR.

8.1 Fulfillment and logistics partners

Because our store serves customers in the United States we work with fulfillment and logistics partners located in the United States who store our products and ship orders to customers.

For this purpose necessary personal data such as name shipping address and order information may be shared with these partners.

8.2 Shipping carriers

For delivery your data may be shared with shipping carriers or parcel services operating in the United States in order to deliver your order and provide shipment updates.

9. Payment services

To process payments we use third-party payment providers.

Depending on the payment method your payment information may be processed by providers such as:

  • PayPal

  • Apple Pay

  • Google Pay

  • Amazon Pay

  • credit card providers

Payment processing occurs according to the privacy policies of the respective provider.

10. Analytics and marketing tools

10.1 Google Tag Manager

We use Google Tag Manager provided by

Google Ireland Limited
Gordon House
Barrow Street
Dublin
Ireland

This service helps us manage website tags and services.

10.2 Meta Pixel

We use Meta Pixel provided by

Meta Platforms Ireland Limited
4 Grand Canal Square
Dublin
Ireland

This allows us to measure the effectiveness of advertising and display relevant advertisements.

Where legally required this service is only activated after user consent.

11. Embedded content

11.1 YouTube

Our website may display videos from YouTube which is operated by Google Ireland Limited.

When you view these videos data such as your IP address may be transmitted to Google.

11.2 Google Maps

Our website may use Google Maps to display maps and location information.

When using this service your IP address may be transmitted to Google servers.

12. Accounting and administrative services

We use external service providers to support accounting bookkeeping and administrative processes.

Processing is based on our legal obligations and legitimate interests in efficient business operations.

13. Cookie consent tool

Our website uses a cookie consent tool that allows users to manage their cookie preferences.

This tool ensures that non-essential cookies are only used after obtaining user consent.

14. Your rights under GDPR

Where GDPR applies you have the following rights:

  • right of access

  • right to rectification

  • right to erasure

  • right to restriction of processing

  • right to data portability

  • right to withdraw consent

  • right to lodge a complaint with a supervisory authority

You also have the right to object to processing based on legitimate interests including processing for direct marketing.

15. Additional privacy rights for US residents

Depending on your state of residence in the United States you may have additional privacy rights under applicable state laws including for example the California Consumer Privacy Act (CCPA) or California Privacy Rights Act (CPRA).

These rights may include:

  • the right to request access to personal information collected about you

  • the right to request deletion of personal information

  • the right to request correction of inaccurate personal information

  • the right to opt out of certain data sharing practices

  • the right not to be discriminated against for exercising privacy rights

To exercise any of these rights please contact us using the contact details listed above.

16. Data retention

Personal data will only be stored for as long as necessary for the purposes for which it was collected or as required by applicable law.

After the retention period expires personal data will be deleted unless continued storage is legally required.