English
Deutsch

Privacy Policy

Last updated: 24.01.2026

1. Controller

Gesa Jansen Kampstraße 34 22113 Oststeinbek, Germany Email: hello@bygesa.de

2. General Information on Data Processing

We only process personal data to the extent necessary to provide a functional website and our content and services. Processing is carried out in accordance with the GDPR, in particular Article 6(1).

3. Hosting

Our website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. When you visit our website, the server automatically collects technical data (IP address, browser type, operating system, time of access). This data is technically necessary to deliver the website and is not merged with other data sources.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the secure provision of the website).

More information: https://www.hetzner.com/legal/privacy-policy

4. Customer Account and Orders

A customer account is required to place an order. We process:

  • Name
  • Email address
  • Password (stored encrypted)
  • Order history

This data is necessary for contract fulfillment. Legal basis: Art. 6(1)(b) GDPR.

Data is deleted as soon as it is no longer required for contract processing and no statutory retention obligations apply (e.g. tax law up to 10 years).

5. Payment Providers

PayPal

For payments via PayPal, data is transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg. This includes payment amount and transaction data. Legal basis: Art. 6(1)(b) GDPR.

Privacy policy: https://www.paypal.com/webapps/mpp/ua/privacy-full

Stripe

For payments via Stripe, data is transmitted to Stripe Payments Europe, Ltd., Dublin, Ireland. Legal basis: Art. 6(1)(b) GDPR.

Privacy policy: https://stripe.com/privacy

6. Newsletter

If you subscribe to our newsletter, we process your email address for delivery. The newsletter is sent via Postmark (Wildbit LLC, USA). We have a data processing agreement with Postmark, and data transfer to the USA is based on standard contractual clauses.

Legal basis: Art. 6(1)(a) GDPR (consent). You may withdraw your consent at any time, e.g. via the unsubscribe link in the newsletter.

Privacy policy: https://postmarkapp.com/privacy-policy

7. Cookies and Session Data

Our website uses technically necessary cookies for session management (e.g. login). These cookies are required for the operation of the website and cannot be disabled.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

We do not use tracking or analytics cookies.

8. Affiliate Links

Our website contains affiliate links. When you click on such a link, the respective provider may set cookies to track the referral. We have no control over this third-party data processing. Our cookie banner informs about the use of affiliate links.

9. Reviews

When you submit a review, we store your name (or pseudonym) and the review text. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in displaying customer opinions).

10. Your Rights

You have the right to:

  • Access your stored data (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure of your data (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Withdraw consent (Art. 7(3) GDPR)

To exercise your rights, contact: hello@bygesa.de

11. Right to Complain

You have the right to lodge a complaint with a data protection supervisory authority. The responsible authority is that of your place of residence or the authority responsible for us:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD) Holstenstraße 98 24103 Kiel, Germany https://www.datenschutzzentrum.de

This site contains affiliate links. Clicking these links may result in cookies being set by third parties. More in our privacy policy.