top of page

PRIVACY POLICY

Privacy Policy

Data Controller

Maria Roberta Russi
Schubertstraße
72581 Dettingen an der Erms
Germany
hi@shirtupmama.com

1. Access Data and Hosting

You can visit our website without providing personal information. When accessing the website, the hosting provider automatically collects server log files, including:

  • IP address

  • Date and time of access

  • Amount of data transferred

  • Requesting provider

This data is processed on the basis of Art. 6(1)(f) GDPR to ensure the proper functioning and improvement of our website.

The data is deleted no later than 7 days after your visit.

Hosting by a third-party provider
Our website is hosted within the EU or EEA. Data is processed only within the scope described here.

2. Data Collection for Contract Processing

We collect personal data when you provide it to us voluntarily, for example when placing an order or contacting us.

Mandatory fields are required to process your request or order.

Processing is based on Art. 6(1)(b) GDPR.

After full contract completion, your data will be restricted and deleted in accordance with legal retention periods.

 

3. Data Sharing

We share your data only when necessary:

  • With shipping providers (for delivery)

  • With payment providers (for payment processing)

Additional terms may apply depending on the selected payment service provider.

4. Cookies and Consent Management

We use cookies on our website.

We distinguish between:

  • Essential cookies (required for website functionality)

  • Analytics and marketing cookies (only with your consent)

Non-essential cookies are only used with your consent (Art. 6(1)(a) GDPR).

You can withdraw or adjust your consent at any time via our cookie banner.

5. Use of Google Analytics (GA4)

With your consent, we use Google Analytics 4, a web analytics service provided by Google LLC.

Google Analytics uses cookies to analyze how users interact with the website.

Processing is based on your consent (Art. 6(1)(a) GDPR).

  • IP anonymization is enabled

  • Data may be transferred to the United States

Data transfers are safeguarded by:

  • Standard Contractual Clauses (SCCs)

  • where applicable, the EU-US Data Privacy Framework

You can withdraw your consent at any time.

6. Social Media (Facebook & Instagram)

We maintain online presences on platforms operated by Meta Platforms Inc..

User data may be processed for marketing and analytics purposes.

Processing is based on:

  • your consent (Art. 6(1)(a) GDPR), or

  • our legitimate interests (Art. 6(1)(f) GDPR)

Data transfers to the US are based on SCCs and, where applicable, the EU-US Data Privacy Framework.

More information:
https://www.facebook.com/privacy/policy/

7. Review Reminder Emails

If you have given your consent, we may use your email address to send review reminders.

Legal basis: Art. 6(1)(a) GDPR

You can withdraw your consent at any time.

8. Your Rights

You have the following rights:

  • Access (Art. 15 GDPR)

  • Rectification (Art. 16 GDPR)

  • Erasure (Art. 17 GDPR)

  • Restriction (Art. 18 GDPR)

  • Data portability (Art. 20 GDPR)

  • Complaint to a supervisory authority (Art. 77 GDPR)

9. Right to Object

You have the right to object to the processing of your data at any time.

For direct marketing, this applies without restriction.

bottom of page