This privacy policy is intended to inform you as a user of this webshop (hereinafter referred to as the "Website") about the nature, scope, and purpose of the collection and use of personal data by me, the webshop operator, utoppa GmbH (referred to as "Utoppa" hereinafter).

We take your privacy very seriously and treat your personal data confidentially and in accordance with legal regulations. As changes to this privacy policy may be made due to new technologies and continuous development of this website, we recommend reviewing this policy regularly.

Personal data includes individual details about the personal or material circumstances of an identified or identifiable natural person. This includes information such as your real name, address, telephone number, and date of birth (if provided). Definitions of the terms used in this privacy policy (e.g., "personal data" or "processing") can also be found in Article 4 of the General Data Protection Regulation (GDPR).

Controller:
Nico Albrecht and Maximilian Sänger, Managing Directors of utoppa GmbH
Industriestr. 22
65366 Geisenheim, Germany
E-mail: contact@utoppa.com

If you have questions regarding data protection concerning our webshop, you may contact us at the above address or email.

 

Collection and Storage of Personal Data, and Nature and Purpose of Use

Visiting the Website

When accessing our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a log file. The following information is collected without your input and stored until automated deletion:

This data is anonymized and stored in accordance with the German Telemedia Act (TMG). The creation of personal user profiles is excluded. These data are deleted or anonymized after the connection ends.

We process this data for the following purposes:

The legal basis for this data processing is Article 6(1)(f) GDPR. Our legitimate interest arises from the purposes listed above. Under no circumstances do we use the collected data to draw conclusions about your person.

In addition, we use cookies and analytics services when you visit our website. Detailed explanations can be found in sections 4 and 5 of this privacy policy.

Newsletter

We offer the option to subscribe to our newsletter. After registration, we regularly inform you via email about updates and remind you of items left in your shopping cart or incomplete purchases.

For newsletter registration, a valid email address is required. Verification occurs through a registration email containing a confirmation link.

When subscribing to the newsletter, we process your email address based on your consent (Article 6(1)(a) GDPR). You can unsubscribe at any time via the link in the received emails or by sending an email to contact@utoppa.com.

Google Web Fonts

To ensure a consistent and appealing presentation of fonts, this website uses Web Fonts provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google").

Your browser downloads the required Web Fonts into its cache to display text and fonts correctly. To do this, the browser connects to Google’s servers, providing Google with information about your IP address and that our website was accessed.

The use of Google Web Fonts is based on our legitimate interest in a uniform and attractive presentation of our online offerings (Article 6(1)(f) GDPR).

If your browser does not support Web Fonts, a standard font from your computer will be used.

For more information about Google Web Fonts, visit:

Contact Form

If you have any questions, you can reach out to us via the contact form provided on the website. To do so, the following details are required:

  • A valid email address
  • First and last name
  • Category, country, and subject of your inquiry

These details allow us to identify the sender of the inquiry and respond appropriately, ensuring accurate and efficient processing. This is especially necessary as many of our customers rely on timely responses for professional purposes.

The data processing for contacting us is based on your voluntary consent as per Article 6(1)(a) GDPR. You may revoke this consent at any time by sending a simple email to contact@utoppa.com. The legality of data processing conducted before the revocation remains unaffected.

The personal data collected through the contact form will be deleted after your inquiry has been processed.

Email Contact

If you contact us via email, we store your information to process the inquiry and address any follow-up questions. Additional personal data will only be stored and used with your consent or if it is legally permissible without specific consent.

Product Reviews

When you submit a product review, your data will be stored, and your review will be published on our website. We also share your data with the software used to process the review. By submitting a product review, you consent to this.

You can request the deletion of your review and associated personal data at any time.

Data Sharing

We do not share your personal data with third parties except in the following cases:

  1. Explicit Consent: When you have expressly consented as per Article 6(1)(a) GDPR.
  2. Legal Claims: When necessary for asserting, exercising, or defending legal claims and no overriding interest opposes the disclosure as per Article 6(1)(f) GDPR.
  3. Legal Obligations: When required by law under Article 6(1)(c) GDPR.
  4. Contract Execution: When necessary for fulfilling contractual obligations as per Article 6(1)(b) GDPR.

Cookies

We use cookies to enhance your browsing experience. Cookies are small files stored on your device that do not harm your hardware or contain malicious software.

Types of Cookies We Use

  1. Session Cookies: Automatically deleted when you leave the website; they help recognize pages you’ve visited.
  2. Temporary Cookies: Stored for a specific period, these remember your settings and inputs for a more personalized experience.
  3. Statistical Cookies: Used for analyzing website usage and optimizing our offerings.

These cookies are processed in accordance with Article 6(1)(f) GDPR, serving our legitimate interests in providing a better user experience.

Most browsers accept cookies automatically. However, you can configure your browser to disable cookies or notify you when cookies are being placed. Disabling cookies may limit some website functionalities.

Ai Trillion Marketing Tool

We use Ai Trillion, provided by INTELLI AI TRILLION TECHNOLOGIES PRIVATE LIMITED, to manage newsletters, customer information, and product recommendations.

  • Purpose: Personalizing user experiences, analyzing website behavior, and automating marketing communications.
  • Stored Data: Data such as email addresses, entered form data, and IP addresses are processed and stored on servers in the US, Canada, and India.

Data is stored until you unsubscribe or request deletion. To opt out, contact us or Ai Trillion directly.

Google Analytics

Our website uses Google Analytics, a web analytics service by Google Inc., to improve usability and optimize our offerings.

Data Collected:

  • Browser type/version
  • Operating system
  • Referrer URL
  • IP address (anonymized via IP masking)
  • Access time

Google Analytics uses cookies to analyze website traffic and user behavior. The data may also support remarketing campaigns.

Your Rights:

You can:

  • Prevent cookie installation via browser settings.
  • Use a browser add-on to disable data collection: Google Analytics Opt-Out.
  • Set an opt-out cookie on mobile devices by clicking the opt-out link on our website.

For more details, refer to Google’s Privacy Policy.

Social Media and Video Links

Social Media Links

Our website contains links to Facebook, Twitter, YouTube, and Vimeo. Clicking these links redirects you to their respective platforms. The providers of these services are responsible for their data privacy practices.

YouTube Integration

We use plugins from YouTube, operated by Google. Visiting a YouTube-integrated page establishes a connection with YouTube servers, sharing your browsing data.

To prevent YouTube from linking your browsing behavior to your profile, log out of your YouTube account.

For more information, visit YouTube's Privacy Policy.

Collection of Customer Data

When registering an account or placing an order, we collect the following data:

  • Account Creation:

    • First and last name
    • Email address

  • Order Processing:

    • Billing and delivery addresses
    • Payment details
    • Phone number

This data is necessary for fulfilling your orders and managing your account

Your customer account will also automatically be assigned a customer number.
We require your phone number to pass it on to logistics companies such as DHL/DPD/UPS. These companies need your phone number to contact you regarding the delivery. More information about DPD can be found under Point 10 of this Privacy Policy.

The data you provide during registration and when placing orders in the online shop will be used for the following purposes:

Customer Account

When creating a customer account, we collect your personal data as specified during registration. This data processing aims to enhance your shopping experience and simplify order processing. Processing is based on Article 6(1)(a) GDPR with your consent. You may revoke your consent at any time by notifying us, without affecting the legality of processing carried out prior to the revocation. Your customer account will then be deleted.

Collection, Processing, and Sharing of Personal Data During Orders

When you place an order, we collect and process your personal data only to the extent necessary for fulfilling and processing your order and handling your inquiries. Providing data is required for concluding the contract. Failure to provide the data means that no contract can be concluded. Processing is based on Article 6(1)(b) GDPR and is necessary for the performance of a contract with you. Your data may be shared, for example, with the shipping company you select, payment service providers, service providers for order processing, and IT service providers. In all cases, we strictly adhere to legal requirements, and the scope of data transfer is limited to a minimum.

Your data may also be transferred to Canada. The European Commission has adopted an adequacy decision for data transfers to Canada.

If you choose not to provide additional, voluntary personal data, the functionality of the uttopa.com service may be restricted. You can edit or delete your profile in your customer account at any time. The data will then be automatically removed from our system. To ensure the secure transmission of data, it is transferred via a secure SSL connection.

Payment Provider "PayPal"

On our website, we offer payment via PayPal. This payment service is provided by PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg ("PayPal"). When you select payment via PayPal, the payment data you provide will be transmitted to PayPal.
The data transfer to PayPal is based on Article 6(1)(a) GDPR (consent) and Article 6(1)(b) GDPR (processing for the performance of a contract). You can revoke your consent for data processing at any time. A revocation does not affect the legality of prior data processing activities.

Shopify Payments

We use the payment service provider "Shopify Payments," 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method provided by Shopify Payments, the payment will be processed via the technical service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland.
The information you provide during the order process, including order information (name, address, account number, sort code, credit card number if applicable, invoice amount, currency, and transaction number), will be shared with Stripe Payments Europe Ltd. in accordance with Article 6(1)(b) GDPR. The data transfer is solely for payment processing and only as necessary. Further information about Shopify Payments' privacy practices can be found here: https://www.shopify.com/legal/privacy.
Stripe Payments Europe Ltd.'s privacy policy is available at https://stripe.com/de/privacy.

Use of Personal Data with Klarna Payment Options

To offer Klarna payment options, we may share personal data such as contact and order details with Klarna. This enables Klarna to assess whether you qualify for its payment options and tailor them to your needs. General information about Klarna is available at https://www.klarna.com/de/.
Klarna processes your personal data in accordance with applicable privacy laws and as described in its privacy policy at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy.

Logistics Companies (DHL)

To fulfill your order, we work with the following service provider, which partially or fully assists us in executing contracts:
The personal data we collect will be shared with the shipping company responsible for delivery, as required for delivering the goods. In case of a complaint, your device may be forwarded to a service partner. Data sharing occurs to fulfill contractual or legal obligations under the purchase agreement (Article 6(1)(b) GDPR) and for our legitimate interest in efficient error identification and resolution (Article 6(1)(f) GDPR).

Your payment data will be shared with the bank or payment institution responsible for processing payments, as necessary. When payment service providers are used, we explicitly inform you below.

The legal basis for data sharing is Article 6(1)(b) GDPR. For fulfilling contractual obligations to our customers, we collaborate with external shipping partners. We share your name and delivery address exclusively for shipping purposes under Article 6(1)(b) GDPR.
The goods are delivered by DHL (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn), DPD, or UPS. For freight shipments, your email address and phone number will also be shared before delivery, in accordance with Article 6(1)(f) GDPR, to coordinate delivery appointments or notify you of delivery.

Sharing with Other Third Parties

Finally, we may share your data with third parties or government agencies in compliance with existing privacy laws under Article 6(1)(c) and (f) GDPR if legally required to do so by administrative or judicial order, or if permitted to pursue criminal prosecution or enforce our rights and claims.

Rights of Data Subjects

You have the right:

Right to Object

You can object to data processing based on legitimate interests under Article 6(1)(f) GDPR if there are reasons related to your particular situation or if it concerns direct marketing. In the latter case, you have an absolute right to object, which we will honor without further justification.

To exercise your right to revoke or object, simply email us at contact@utoppa.com.

Data Security

During website visits, we use SSL (Secure Socket Layer) technology with the highest encryption supported by your browser, typically 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology. Encrypted pages can be identified by a lock or key symbol in the browser's status bar.

Additionally, we use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. These measures are continuously improved in line with technological developments.

Updates and Changes to This Privacy Policy

This Privacy Policy is effective as of June 2024.

Due to the development of our website and services or changes in legal or regulatory requirements, this Privacy Policy may need to be updated. The current Privacy Policy can be accessed and printed at any time on our website.