Privacy policy

1) Introduction and Contact Details of the Data Controller

1.1

We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is handled when using our website. Personal data refers to all data with which you can be personally identified.

1.2

The data controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Tejaswi Appalarowthu
SiLQ Blumme
Traunreuter Straße 5
81549 Munich
Germany
Phone: +49 15145725276
Email: info@silqblumme.com

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

2) Data Collection When Visiting Our Website

2.1 Server Log Files

When you use our website for informational purposes only (i.e., without registering or submitting information), we only collect the data that your browser transmits to our server (“server log files”). These include:

  • Visited website
  • Date and time of access
  • Amount of data sent (in bytes)
  • Referring URL
  • Browser used
  • Operating system used
  • IP address (possibly anonymized)

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. This data will not be shared or used otherwise. However, we reserve the right to review the server log files retrospectively if there are concrete indications of unlawful use.

2.2 SSL / TLS Encryption

This website uses SSL or TLS encryption for security and to protect confidential content such as orders or inquiries. You can recognize an encrypted connection by “https://” and the lock symbol in your browser bar.

3) Hosting & Content Delivery Network

3.1 Shopify

We use the system of the following provider to host our website and display content:

Shopify International Limited
Victoria Buildings, 2nd Floor
1–2 Haddington Road
Dublin 4, D04 XN32, Ireland

Data is also transferred to:
Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

All data collected on our website is processed on the provider’s servers. We have concluded a data processing agreement with the provider to ensure data protection and prevent unauthorized disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

3.2 Cloudflare

We use a Content Delivery Network (CDN) from:

Cloudflare Inc.
101 Townsend St., San Francisco, CA 94107, USA

This service helps to deliver large media files and website content faster via a distributed server network. Processing is based on our legitimate interest under Art. 6(1)(f) GDPR to improve website stability and performance.

Cloudflare participates in the EU-US Data Privacy Framework, ensuring an adequate level of data protection.

4) Cookies

We use cookies to make our website more user-friendly and to enable certain functions. Cookies are small text files stored on your device.

  • Session cookies are deleted when you close your browser.
  • Persistent cookies remain stored for a longer period and save your settings.

If personal data is processed through cookies, this is done on the basis of:

  • Art. 6(1)(b) GDPR (contract performance)
  • Art. 6(1)(a) GDPR (consent)
  • Art. 6(1)(f) GDPR (legitimate interest)

You can configure your browser to notify you about cookies and allow or block them individually. If cookies are disabled, the functionality of the website may be restricted.

5) Contacting Us

When contacting us via contact form or email, personal data is processed solely for handling your request.

Legal basis:

  • Art. 6(1)(f) GDPR (legitimate interest in responding)
  • Art. 6(1)(b) GDPR if related to a contract

Your data will be deleted after the final resolution of your inquiry unless legal retention obligations apply.

6) Data Processing for Order Fulfillment

6.1

For shipping and payment purposes, your personal data will be forwarded to the relevant service providers under Art. 6(1)(b) GDPR.

If digital updates are legally required, we will use your contact data under Art. 6(1)(c) GDPR solely to notify you of such updates.

6.2 Payment Service Providers

Apple Pay

Payments via Apple Pay are processed by Apple Distribution International, Cork, Ireland. Transactions are protected using Face ID, Touch ID, or a passcode. Data is encrypted and used only for payment processing under Art. 6(1)(b) GDPR.

Apple stores anonymized transaction data to improve its services.

More information:
https://support.apple.com/de-de/HT203027

Google Pay

Google Pay is operated by Google Ireland Limited, Dublin, Ireland. Payments over €25 require device authentication. Google processes transaction data under Art. 6(1)(b) and Art. 6(1)(f) GDPR.

Terms:
https://payments.google.com
Privacy Policy:
https://payments.google.com/payments/apis-secure/get_legal_document

PayPal

Provider:
PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg

Your payment data is transferred for processing under Art. 6(1)(b) GDPR. For certain payment types, PayPal may perform a credit check under Art. 6(1)(f) GDPR.

Shopify Payments

Provider:
Shopify International Limited, Dublin, Ireland

Your payment data is processed exclusively for payment handling under Art. 6(1)(b) GDPR.

7) Web Analytics – Shopify Analytics

Shopify Analytics uses cookies and tracking technologies to create pseudonymized usage statistics, including heatmaps and interaction tracking.

Processing only takes place with your explicit consent in accordance with Art. 6(1)(a) GDPR via the cookie consent tool.

Data transfers to Canada are safeguarded by an EU adequacy decision.

8) Rights of the Data Subject

You have the following rights under GDPR:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to notification (Art. 19)
  • Right to data portability (Art. 20)
  • Right to withdraw consent (Art. 7(3))
  • Right to lodge a complaint (Art. 77)

8.2 Right to Object

If your data is processed based on legitimate interests, you may object at any time for reasons related to your particular situation.

If you object to processing for direct marketing, your data will no longer be used for that purpose.

9) Duration of Storage of Personal Data

  • Data processed based on consent is stored until consent is withdrawn.
  • Data processed for contractual purposes is stored in accordance with statutory retention requirements.
  • Data processed under legitimate interest is stored until objection is raised.
  • Marketing data is deleted once an objection is made.

Unless stated otherwise, personal data is deleted once it is no longer required for its original purpose.


Note: This English translation is provided for convenience only. The German version of our legal texts is the legally binding version. In case of discrepancies, the German text shall prevail.