Privacy Policy

Your privacy is important to us. In accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR), we provide you with transparent information about how your data is processed on this website.

1. Data Controller

Buntbox GmbH
Ehestetter Weg 10
72458 Albstadt
Phone: +49 (0)7431 54 9999 0
Email: mail@buntbox.com
Contact Person: Simon Brodbeck (Managing Director)

2. Purposes and Legal Bases for Data Processing

  • Contract Performance (Art. 6(1)(b) GDPR): Processing your orders, delivering goods, and communicating regarding contract execution.
  • Consent (Art. 6(1)(a) GDPR): Sending newsletters and processing cookies for personalized advertising.
  • Legitimate Interest (Art. 6(1)(f) GDPR): Optimizing user experience, analysis, and security.
  • Legal Obligation (Art. 6(1)(c) GDPR): Compliance with tax and commercial retention requirements.

3. Data Collected

  • Anonymized IP address
  • Browser type and version
  • Duration of website visits
  • Information from contact forms (e.g., name, email address, message content)
  • Tracking data (e.g., Google Analytics, Google Ads, Facebook Pixel)

4. Data Retention Periods

We store personal data only as long as necessary for the specified purposes or as required by law:

  • Log data: 30 days
  • Customer data: 10 years (required by tax law)
  • Newsletter data: Until unsubscribed

5. Cookies and Consent

This website uses cookies to provide basic functionalities, improve user experience, and display personalized advertising. You can adjust your cookie settings at any time.

Details about each cookie and its purpose can be found in the cookie settings.

6. Data Sharing

We share your data with the following service providers:

  • Shipping providers: Deutsche Post, DHL, UPS
  • Newsletter service: Mailjet
  • Hosting: Plusserver (in Germany)
  • Dropbox for data exchange

Data transfers to third countries (e.g., the USA) occur only when using tools like Google Analytics or Dropbox. We ensure appropriate safeguards through standard contractual clauses.

7. Your Rights

Under GDPR, you have the following rights:

  • Right to access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restrict processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw your consent (Art. 7(3) GDPR)

To exercise your rights, contact us: mail@buntbox.com.

8. Automated Decision-Making

We do not conduct automated decision-making or profiling.

9. Security

Our website uses SSL encryption to protect your data during transmission.