Privacy policy

Privacy Policy

1) Information on the Collection of Personal Data and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data means any data by which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is PÉROLAS UG (limited liability), Pforzheimer Str. 35, 75223 Niefern-Öschelbronn, Germany, Tel.: –, E-mail: info@perolas.de. The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

When you use our website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

  • The website visited

  • Date and time of access

  • Amount of data transmitted in bytes

  • Source/reference from which you accessed the site

  • Browser used

  • Operating system used

  • IP address used (where applicable, in anonymized form)

Processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be transferred or used in any other way. However, we reserve the right to subsequently check the server log files if there are specific indications of unlawful use.

3) Hosting & Content Delivery Network

Shopify

We use the services of the following provider for hosting our website and displaying the site’s content: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”).

Data may also be transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada.

All data collected on our website is processed on the provider’s servers. We have concluded a data processing agreement with the provider, ensuring the protection of our site visitors’ data and prohibiting unauthorized disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

4) Cookies

To make our website attractive and to enable certain functions, we use cookies, which are small text files stored on your device. Some of the cookies we use are deleted after the end of your browser session (so-called “session cookies”), while others remain on your device and allow us or our partner companies (cookies from third parties) to recognize your browser on your next visit (so-called “persistent cookies”).

If cookies are set, they collect and process certain user information such as browser and location data, as well as IP address values, to the extent necessary. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.

Where individual cookies we use also process personal data, processing takes place pursuant to Art. 6(1)(b) GDPR for contract performance, pursuant to Art. 6(1)(a) GDPR in the event of consent, or pursuant to Art. 6(1)(f) GDPR for safeguarding our legitimate interests in the best possible functionality of the website and a user-friendly design of the site visit.

You can configure your browser settings so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or generally. Each browser differs in how it manages cookie settings. This is described in the help menu of each browser.

Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contacting Us

When you contact us (e.g., via contact form or e-mail), personal data will be collected. This data is stored and used exclusively for the purpose of responding to your request or for establishing contact and the related technical administration.

The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR. If your request is aimed at concluding a contract, an additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted after final processing of your inquiry, provided that no legal retention obligations exist.

6) Data Processing When Opening a Customer Account and for Contract Processing

Pursuant to Art. 6(1)(b) GDPR, personal data is collected and processed when you provide it to us for the performance of a contract or when opening a customer account. The types of data collected can be seen from the respective input forms. Your customer account can be deleted at any time by sending a message to the controller. We store and use the data you provide for contract performance. After complete fulfillment of the contract or deletion of your customer account, your data will be blocked with regard to retention periods under tax and commercial law and deleted after their expiry, unless you have expressly consented to further use of your data or a legally permitted further data use on our part has been reserved.

7) Use of Customer Data for Direct Marketing

7.1 Registration for Our E-mail Newsletter

If you register for our e-mail newsletter, we will regularly send you information about our offers. Mandatory information for sending the newsletter is only your e-mail address. Providing further data is voluntary and will be used to address you personally.

The legal basis for processing your data for the newsletter is your consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time by unsubscribing. Each newsletter contains a corresponding link for this purpose.

7.2 Newsletter Distribution via Shopify Email

Our e-mail newsletters are sent via “Shopify Email”, a service of Shopify International Limited. Data (e.g., your e-mail address) is stored on Shopify’s servers for sending the newsletter. We have concluded a data processing agreement with Shopify.

8) Data Processing for Order Handling

8.1 For processing your order, we work with the following service provider(s), who support us wholly or partially in executing concluded contracts. Certain personal data is transmitted to these service providers.

The legal basis is Art. 6(1)(b) GDPR.

  • Payment Processing via Shopify Payments

  • Delivery Processing via DHL, Hermes, DPD, UPS (depending on the shipping option chosen).

8.2 Payment Methods

When paying via PayPal, credit card, Klarna, or other services integrated via Shopify Payments, your payment data will be passed on to the respective payment service provider. The processing of payment data is based on Art. 6(1)(b) GDPR.

9) Online Marketing

We use online marketing services (e.g., Google Analytics, Facebook Pixel) integrated via Shopify to analyze usage behavior and to display targeted advertising. If consent is required for this, it is obtained pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time.

10) Tools and Miscellaneous

10.1 Google reCAPTCHA

On this website, we use the reCAPTCHA function from Google to protect our forms. Processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in preventing abuse and spam.

10.2 Google Fonts

We use “Google Fonts” to ensure a uniform display of fonts. This is based on our legitimate interest in an attractive presentation of our website (Art. 6(1)(f) GDPR).

11) Rights of the Data Subject

You have the following rights regarding your personal data:

  • Right of access pursuant to Art. 15 GDPR

  • Right to rectification pursuant to Art. 16 GDPR

  • Right to erasure pursuant to Art. 17 GDPR

  • Right to restriction of processing pursuant to Art. 18 GDPR

  • Right to data portability pursuant to Art. 20 GDPR

  • Right to withdraw consent pursuant to Art. 7(3) GDPR

  • Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR

12) Duration of Storage of Personal Data

The duration of storage of personal data is determined by the respective legal retention period (e.g., commercial and tax retention periods). After expiry of this period, the data is routinely deleted, provided it is no longer required for contract performance or initiation, and/or there is no legitimate interest in further storage on our part.