Datenschutzerklärung

Privacy Policy
Last updated: January 2025

Data Controller:
William Fan
Große Hamburger Str. 25
10115 Berlin, Germany
Telephone: +49 30 555 27 292
Email: service@williamfan.com

1. Introduction

We ("we", "us", "our") respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose and safeguard your personal data when you visit our website, interact with us, create an account, place an order, or use any of our services.

We comply with applicable data protection laws including the EU GDPR, UK GDPR, Swiss FADP and other relevant regulations. Where applicable, we also comply with CCPA/CPRA and PIPEDA for users in relevant jurisdictions.

By using our website or services, you confirm that you have read and understood this Privacy Policy.

2. Personal Data We Collect

2.1 Information You Provide Directly
You may provide personal data when you:

  • place an order

  • create an account

  • contact us via email, telephone or contact form

  • subscribe to our newsletter

  • book an appointment

This may include your name, billing and shipping address, email address, phone number, account details, and communication history. We do not store full payment information; payments are processed securely by third-party providers.

2.2 Information Collected Automatically
When visiting our website, we may collect:

  • IP address

  • device and browser information

  • pages viewed, time and date of visit

  • referring URLs

  • cookie identifiers

  • approximate location (based on IP)

2.3 Information from Third Parties
We may receive personal data from:

  • payment providers (e.g., Shopify Payments, PayPal, Klarna, Stripe)

  • shipping carriers (e.g., UPS, DHL, DPD)

  • marketing and analytics partners (where consent is provided)

  • third-party apps installed on our Shopify website (see Section 7)

3. Purposes and Legal Bases for Processing

3.1 Order Fulfilment
To process orders, deliver products, handle returns, and provide customer support.
Legal basis: performance of contract (Art. 6(1)(b) GDPR)

3.2 Security & Fraud Prevention
To detect and prevent fraud and protect our website.
Legal basis: our legitimate interest in maintaining IT security and fraud prevention (Art. 6(1)(f) GDPR)

3.3 Website Improvement & Analytics
To analyse usage and improve user experience and service offerings.
Legal basis: legitimate interest (Art. 6(1)(f) GDPR); consent where legally required

3.4 Marketing
To send newsletters or promotional messages only with your prior and explicit consent.
Legal basis: consent (Art. 6(1)(a) GDPR)

4. Cookies and Similar Technologies

We use cookies to:

  • operate our website (essential cookies)

  • analyse website traffic

  • personalise your experience

  • support marketing and retargeting (only with your consent)

Consent is managed via our cookie-consent banner, powered by [insert name of CMP provider, e.g., Cookiebot]. You can modify or withdraw consent at any time via the banner settings.

5. Sharing of Personal Data

5.1 Service Providers
We share personal data only with carefully selected service providers necessary to operate our business, including payment processors, shipping companies, analytics and marketing providers, and Shopify apps (see Section 7).

5.2 Legal Obligations
We may disclose data if required by law, legal proceedings or regulatory authorities.

We do not sell personal data.

6. International Data Transfers

Some of our service providers are located outside the EU/EEA. In such cases, we ensure an adequate level of protection through:

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions by the EU Commission

  • Participation in the EU–US Data Privacy Framework (where applicable)

7. Third-Party Apps and Tools on Our Shopify Store

We provide a detailed list of third-party apps and services used on our website, the data they process, and their legal basis. This list is reviewed regularly and available under [link to dedicated third-party apps section].

8. Data Retention

We retain your data only as long as necessary for the purposes listed above or to comply with legal obligations. Upon request, we will anonymise or delete personal data unless retention is legally required.

9. Your Rights

Under the GDPR and applicable laws, you have the right to:

  • access your data

  • rectify inaccurate data

  • delete your data (right to be forgotten)

  • restrict or object to processing

  • withdraw consent at any time

  • data portability

  • lodge a complaint with a supervisory authority

To exercise your rights, please email: service@williamfan.com

Supervisory authority for our location: Berliner Beauftragte für Datenschutz und Informationsfreiheit (https://www.datenschutz-berlin.de/)

10. Data Security

We implement appropriate technical and organisational measures, including encryption and access controls. However, no system is entirely immune from risks.

11. Links to Third-Party Websites

We are not responsible for the privacy practices or content of external sites. Please review third-party privacy policies before sharing data.

12. Children’s Privacy

Our services are not directed to individuals under 16. If we become aware that such data has been collected, we will delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The version date at the top reflects the current version.

14. Contact

For any questions or data protection requests:

William Fan
Email: service@williamfan.com
Telephone: +49 30 555 27 292
Address: Große Hamburger Str. 25, 10115 Berlin, Germany