PRODUCT OF KOREA

privacy policy

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data on our website in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

Who we are

Our website address is https://kotlery.com and further legal information about us is provided here.

Data Collection and Processing

We collect and process personal data when you:

  • Visit our website:
    We collect server log files, including your IP address, browser type, operating system, referrer URL, and time of access. This data is processed for the purpose of ensuring website security and functionality (Art. 6(1)(f) GDPR).
  • Create an account:
    We collect your name, email address, and password. This data is processed for the purpose of account management and order processing (Art. 6(1)(b) GDPR).
  • Place an order:
    We collect your name, billing address, shipping address, email address, and payment details. This data is processed for the purpose of order fulfillment and contract performance (Art. 6(1)(b) GDPR).
  • Contact us:
    We collect your name, email address, and any other information you provide in your message. This data is processed for the purpose of responding to your inquiries (Art. 6(1)(f) GDPR).
  • Subscribe to our newsletter (if applicable):
    We will collect your email address. This data is processed for the purpose of sending you the newsletter (Art. 6(1)(a) GDPR).

Data Storage and Transfer

  • Website Hosting (AWS):
    Our website is hosted on an AWS Server instance located in the Frankfurt region. Data collected through website visits is stored on these servers.
  • Database (AWS):
    Order and customer data are stored in an AWS database located in the Frankfurt region.
  • WooCommerce:
    WooCommerce processes order and customer data for order management and fulfilment.
  • Stripe:
    Payment processing is handled by Stripe. Stripe collects and processes payment information in accordance with its own privacy policy. Stripe may also set additional cookies to facilitate payment. Please refer to Stripe’s privacy policy for more information.
  • Paypal
    If payment is done through Paypal, then Paypal collects and processes payment information in accordance with its own privacy policy. PayPal may also set additional cookies to facilitate payment. Please refer to Paypal’s privacy policy for more information.
  • Google Pay
    If payment is done through Google Pay, then Google Pay collects and processes payment information in accordance with its own privacy policy. Google Pay may also set additional cookies to facilitate payment. Please refer to Google Pay’s privacy policy for more information.
  • Apple Pay
    If payment is done through Apple Pay, then Apple Pay collects and processes payment information in accordance with its own privacy policy. Apple Pay may also set additional cookies to facilitate payment. Please refer to Apple Pay’s privacy policy for more information.
  • Data transfer to third countries:
    AWS, Stripe, and other services may transfer data to countries outside the EU/EEA. We ensure that appropriate safeguards are in place, such as standard contractual clauses, to protect your data.

Cookies

We use cookies to offer website core functionality, alongside improve your user experience. You can manage your cookie preferences in your browser settings.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Analytics

We use Google Analytics on our website to detect user behavior and improve our services. Any analytics data is collected after user consent is obtained through cookies. If a user denies the use of analytical cookies, then we do not track user behavior and no degradation of user experience is expected. Detailed information about Google’s role as a processor of analytics data can be read here.

Data security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction.

Your Rights

You have the following rights under the GDPR:

  • Right of access (Art. 15 GDPR): You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data.  
  • Right to rectification (Art. 16 GDPR): You have the right to obtain the rectification of inaccurate personal data concerning you.  
  • Right to erasure (Art. 17 GDPR): You have the right to obtain the erasure of personal data concerning you under certain circumstances.
  • Right to restriction of processing (Art. 18 GDPR): You have the right to obtain restriction of processing under certain circumstances.
  • Right to data portability (Art. 20 GDPR): You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format.  
  • Right to object (Art. 21 GDPR): You have the right to object to the processing of personal data concerning you under certain circumstances.
  • Right to withdraw consent (Art. 7(3) GDPR): If processing is based on your consent, you have the right to withdraw your consent at any time.
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

Changes to this Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page.

Contact

If you have any questions about this privacy policy, please contact us at: privacy@kotlery.com