Privacy Policy

Glimelle – Privacy Policy

Last updated: 11 November 2025

This Privacy Policy explains how Glimelle (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit or make a purchase from our website (the “Site”) and when you interact with our services.

We are fully committed to handling your personal data in a lawful, fair, and transparent manner, in accordance with the General Data Protection Regulation (GDPR) and applicable European and German data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

Glimelle

Cologne, Germany

E-mail: info@glimelle.de

We operate as a small business under §19 UStG (Kleinunternehmer).
If you have any questions about this Privacy Policy or our data practices, please contact us at any time using the contact details above.

2. Personal Data We Collect

We only collect personal data that is necessary to provide our services, operate our online store, and comply with our legal obligations.

a) Device and Usage Data

When you visit our Site, we automatically collect certain technical information about your device and browsing activity, including:

  • IP address

  • Browser type and version

  • Operating system

  • Time zone and language settings

  • Pages viewed and interactions

  • Referring website or marketing source

We collect this data through cookies, log files, and analytics tools such as Google Analytics.
We use this information to ensure proper website functionality, protect our systems from misuse, and analyze how visitors use our Site to improve user experience and content.

b) Order and Account Data

When you place an order or create an account, we collect information necessary to process your purchase and deliver your products:

  • First and last name

  • Billing and shipping address

  • E-mail address

  • Phone number (if provided)

  • Ordered products, payment method, and delivery preferences

  • Payment information (processed securely via external payment gateways; we do not store card details)

We use this data to:

  • process and deliver your order,

  • provide invoices and confirmations,

  • handle returns or refunds,

  • communicate with you regarding your purchase, and

  • comply with tax and accounting laws.

c) Communication and Support

When you contact us by email, form, or social media, we process:

  • your name,

  • e-mail address,

  • message content, and

  • any attachments or additional details you voluntarily provide.

This information is used solely to respond to your inquiry and support you.

d) Marketing and Newsletter (if subscribed)

If you join our newsletter or allow marketing communications, we collect:

  • your e-mail address,

  • your name (optional),

  • information about email openings or link clicks (if tracking is enabled).

You can withdraw your consent to receive marketing emails at any time by clicking “unsubscribe” in our messages or by contacting us directly.

3. Legal Bases for Processing

Under the GDPR, we process your data based on the following legal grounds:

  • Performance of a contract (Art. 6(1)(b) GDPR):
    To process your order, deliver products, and manage your account.

  • Legal obligation (Art. 6(1)(c) GDPR):
    To comply with tax, consumer, and accounting regulations.

  • Legitimate interests (Art. 6(1)(f) GDPR):
    To prevent fraud, maintain website security, analyze traffic, and improve services.

  • Consent (Art. 6(1)(a) GDPR):
    For optional cookies, newsletter subscriptions, and personalized marketing. You can withdraw your consent at any time.

4. Cookies and Similar Technologies

Our website uses cookies and similar technologies to improve your browsing experience.
Cookies are small text files stored on your device that allow us to:

  • remember your preferences,

  • keep your shopping cart active,

  • measure and analyze site traffic, and

  • display relevant ads or recommendations.

Types of Cookies Used:

  1. Essential Cookies:
    Required for core functions like checkout and login. These cannot be disabled.

  2. Performance Cookies:
    Help us understand how visitors use the Site to improve its functionality and design.

  3. Marketing Cookies:
    Used to deliver ads relevant to your interests (only with consent).

You can manage or delete cookies anytime in your browser settings or via our cookie banner on the website.
If you disable some cookies, certain parts of the website may not function correctly.

5. Analytics – Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC (“Google”), to understand how visitors use our Site.
Google Analytics uses cookies to collect anonymized data such as:

  • time of visit, pages viewed, duration on each page, browser, and device type.

This information helps us analyze usage trends and improve our products, marketing, and website design.

Google may process this information on servers located in the United States.
We ensure that all data transfers comply with the GDPR through the use of Standard Contractual Clauses (SCCs) or equivalent protection mechanisms.

You can learn more about Google’s data practices here:
https://policies.google.com/privacy

If you prefer not to be tracked by Google Analytics, you can install the browser add-on available at:
https://tools.google.com/dlpage/gaoptout

6. Third-Party Service Providers

We share personal data only when necessary to deliver our services or when required by law.

a) Fulfillment Partner – Selfnamed

Our products are produced and packed by our certified European partner Selfnamed (based in Latvia, EU),
and shipped from European and US fulfillment centers.

For order fulfillment, we share:

  • your name,

  • shipping address,

  • e-mail address,

  • phone number (if applicable), and

  • product details.

Selfnamed acts as our Data Processor, processing this data solely to manufacture, pack, and ship your order.
All processing is done under GDPR-compliant agreements.

More information: https://www.selfnamed.com

b) Payment Processors

We use secure payment providers such as Shopify Payments, PayPal, and possibly Klarna to process your payments.
These providers receive the necessary transaction data (name, address, payment details) and may act as independent data controllers.
Please read their own privacy statements for more information:

c) Hosting & E-Commerce Platform – Shopify

Our online store is hosted by Shopify Inc., which provides our store infrastructure, payment gateway, and analytics tools.
Shopify processes your personal data to operate the store, detect fraud, and fulfill legal obligations.

More details: https://www.shopify.com/legal/privacy

d) Delivery Partners

Depending on your location, your order is delivered through local shipping carriers selected by Selfnamed or us.
They receive only the data necessary to deliver your parcel (name, address, contact details).

e) Marketing Platforms

If you consent to marketing cookies, we may use advertising platforms like Meta (Facebook & Instagram) or Google Ads to display personalized ads.
These platforms may use cookies or tracking pixels to measure ad performance.
You can opt-out of targeted advertising at any time through your browser or the platform settings.

f) Legal Obligations

We may share information when required by law (e.g. tax authorities) or to protect our rights and prevent fraudulent activities.

7. International Data Transfers

Our main data processing takes place within the European Union (EU).
However, because some of our service providers (e.g. Shopify, Google, Selfnamed’s US center) are located outside the EU,
data may occasionally be transferred to third countries, including the United States.

Whenever such transfers occur, we ensure that:

  • adequate protection is guaranteed under an EU-US Data Privacy Framework or

  • Standard Contractual Clauses (SCCs) approved by the European Commission are used,
    and that technical and organizational security measures are in place to protect your information.

You can contact us anytime to request further details about these safeguards.

8. Data Retention

We store your personal data only as long as necessary to fulfill the purposes outlined in this Policy.
After the purpose ends or legal obligations expire, we delete or anonymize the data.

Typical retention periods:

  • Order & invoice data: 6–10 years (required by German tax and commercial law).

  • Customer accounts: as long as the account remains active.

  • Communication data: until your inquiry is resolved, plus a short retention for follow-up.

  • Marketing data: until you withdraw consent.

When the retention period expires, all data is permanently deleted or anonymized.

9. Your Rights under GDPR

If you are an EU or EEA resident, you have the following rights:

  1. Right of Access: You may request a copy of your personal data.

  2. Right to Rectification: You may correct inaccurate or incomplete data.

  3. Right to Erasure: You may request deletion of your data if no legal grounds require its retention.

  4. Right to Restriction of Processing: You may request that we limit the use of your data in certain situations.

  5. Right to Data Portability: You may request your data in a structured, machine-readable format.

  6. Right to Object: You may object to processing based on our legitimate interests or direct marketing.

  7. Right to Withdraw Consent: You can withdraw your consent at any time.

To exercise your rights, contact us via info@glimelle.de.
We may request proof of identity to verify your request.

You also have the right to file a complaint with your local Data Protection Authority.
In Germany, this is usually the authority of your federal state (for NRW: the “Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen”).

10. Children

Our Site and products are not intended for individuals under 18 years old.
We do not knowingly collect or store personal data from minors.
If you believe a child has submitted personal data, please contact us so we can delete it immediately.

11. Security

We apply appropriate technical and organizational measures to protect your data against unauthorized access, alteration, or loss.
Examples include encrypted connections (SSL), password protection, and restricted access to personal information.

However, please note that no method of data transmission over the Internet is 100% secure.
While we do our best to safeguard your data, we cannot guarantee absolute protection.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, legal requirements, or data protection practices.
The most current version will always be available on our website and will indicate the latest update date at the top.

We encourage you to review this page periodically to stay informed about how we protect your information.

13. Fulfillment & Data Processing

Glimelle orders are fulfilled by our certified partner Selfnamed (Latvia, EU).
Orders shipped to the United States are dispatched from Selfnamed’s US fulfillment center in Charlotte, NC.
All products are manufactured in Latvia, Europe.
Selfnamed processes customer data strictly according to GDPR-compliant standards, as outlined in their Terms & Conditions.

14. Contact

If you have any questions, comments, or requests regarding this Privacy Policy or our data handling practices, please contact us:

Glimelle – Abdulkader Shikh Naser
E-mail: info@glimelle.de

We will respond as quickly as possible and handle all inquiries confidentially.