Privacy Policy
1. Personal Data Controller
The controller of personal data is Hahn & Sohn or the operating entity specified in the order or contact information.
Contact for GDPR matters: info@hahn-sohn.eu
2. What Data We Process
We process only the necessary data:
When placing an order:
-
first and last name
-
address (billing and delivery)
-
phone, email
-
details of the ordered goods
-
payment metadata (without card numbers)
When submitting a claim / service request / inquiry:
-
contact details
-
content of the message
-
attachments (photos, documents)
Technical data:
-
IP address
-
cookies
-
device and browser data
3. Purposes of Processing
-
order processing, delivery, and payment
-
customer support, service, claims
-
accounting
-
improving website functionality
-
system security
4. Legal Bases for Processing
-
performance of a contract
-
legal obligation (taxes, accounting)
-
legitimate interest (security)
-
user consent (cookies, newsletter)
5. Data Retention
-
order-related data: according to legal requirements (typically 5–10 years)
-
service & claims: for the duration of processing and archiving as required by law
-
cookies: according to technical settings
6. Data Sharing
Only with entities necessary for the operation of the e-shop:
-
carriers
-
payment gateways
-
hosting providers
-
accounting and system partners
We do not sell personal data.
7. Data Transfer Outside the EU
If a technical solution requires transfer outside the EU, it is ensured using SCC (Standard Contractual Clauses) according to GDPR.
8. Customer Rights
-
access to personal data
-
rectification
-
erasure
-
restriction of processing
-
data portability
-
objection
-
complaint to a supervisory authority in their EU country
Contact: info@hahn-sohn.eu
9. Data Security
We protect data using technical and organisational measures against misuse, loss, or unauthorised access.
10. Document Updates
This document may be updated. The current version is always available on the website.