Privacy Policy

1) Controller and Overview

We are pleased that you are visiting our online store and thank you for your interest in our products. In this Privacy Policy, we explain how we process your personal data when you visit or shop at our Shopify-based website.

Controller (Art. 4(7) GDPR):

Eisbach Riders
Michael Schmidt
Lothstr. 72
80797 München, Germany
Tel.: +49 176 69019542
E-mail: support@eisbach-riders.com

This website is operated on the e-commerce platform Shopify. Shopify provides the technical infrastructure and acts as our data processor.

Shopify Inc., 151 O’Connor Street, Ground Floor, Ottawa, Ontario K2P 2L8, Canada
Privacy: https://www.shopify.com/legal/privacy

The website uses SSL/TLS encryption (see lock symbol / “https://”) to protect transmitted data.

2) Purposes and Legal Bases of Processing

We process your personal data for the following purposes:

  • To operate and secure our website (Art. 6(1)(f) GDPR)

  • To process orders and payments and fulfill contracts (Art. 6(1)(b) GDPR)

  • To provide customer support and respond to enquiries (Art. 6(1)(b) and/or (f) GDPR)

  • To send newsletters and marketing communications with your consent or as permitted by law (Art. 6(1)(a) and (f) GDPR)

  • To comply with legal, tax and accounting obligations (Art. 6(1)(c) GDPR)

We only share data with third parties where this is necessary for these purposes or where you have consented.

3) Data Collection When Visiting Our Website

When you visit our website for information only, Shopify automatically collects certain technical data (“server log files”):

  • Visited pages/URL

  • Date and time of access

  • Referrer URL

  • Browser type and version

  • Operating system

  • IP address (may be shortened/anonymized)

Processing is based on our legitimate interest in technical security and stability (Art. 6(1)(f) GDPR). Log data is deleted after a short period unless needed to investigate misuse.

4) Cookies and Consent

Our store uses cookies and similar technologies:

  • Essential cookies for core functions (cart, checkout, login) – legal basis: Art. 6(1)(b) and (f) GDPR.

  • Non-essential / analytics / marketing cookies (e.g. for statistics or ads) – legal basis: Art. 6(1)(a) GDPR via your consent.

You can control cookies via:

  • Your browser settings, and

  • (If implemented) our cookie banner / consent tool.

If you disable cookies, some functions of the website may not work properly.

For Shopify cookies: https://www.shopify.com/legal/cookies

5) Contacting Us

When you contact us (e.g. via contact form or e-mail), we process the data you provide (e.g. name, e-mail, message).

Legal basis:

  • Art. 6(1)(f) GDPR (legitimate interest in handling enquiries)

  • Art. 6(1)(b) GDPR if the request relates to a contract

We delete these data once your request is resolved, unless statutory retention obligations apply.

6) Customer Accounts and Orders

When you create an account or place an order, we process:

  • Name

  • Billing and shipping address

  • E-mail address

  • (Optional) phone number

  • Order details

  • Selected payment method (actual payment data processed by payment provider)

Legal basis: Art. 6(1)(b) GDPR (contract performance).

Your account can be deleted at any time by contacting us. Order-related data is retained as required by tax/commercial law (see section 11).

7) Service Providers and Recipients of Data

We only share your data with third parties where necessary and on the basis of a contract or legal obligation:

E-commerce & hosting

  • Shopify Inc. (store platform, hosting, checkout, technical infrastructure)

Order management

  • Billbee GmbH, Paulinenstraße 54, 32756 Detmold, Germany
    (used for order processing, invoicing, shipping documents)

Logistics / fulfillment

  • Shipping and fulfillment partners (e.g. parcel services) receive your name, address and, if required, phone/e-mail for delivery notifications.

Payment providers
Depending on your choice at checkout, payment is processed by:

  • Shopify Payments / Stripe Payments Europe Ltd.

  • PayPal (Europe) S.à r.l. et Cie, S.C.A.

  • Klarna Bank AB (publ), where available

These providers receive the data required for payment processing directly from you. We do not store your full payment details.

Newsletter / E-mail marketing

  • Mailchimp (The Rocket Science Group LLC, USA), where used, under EU Standard Contractual Clauses.

All processors are bound by data processing agreements and may only process data according to our instructions.

8) Newsletters and Direct Marketing

If you subscribe to our newsletter, we process your e-mail address (and optional name) to send updates about Eisbach Riders.

  • Legal basis: your consent, Art. 6(1)(a) GDPR.

  • You may withdraw consent at any time via the unsubscribe link or by contacting us.

If you have purchased from us, we may send you e-mails about similar products (Art. 6(1)(f) GDPR in conjunction with §7(3) UWG). You can object at any time.

9) Analytics and Marketing Tools (If Enabled)

We may use the following tools to improve our website and marketing. These only run if permitted under applicable cookie/consent rules:

9.1 Shopify Analytics

Used to understand visitor behavior (aggregated). Legal basis: Art. 6(1)(f) GDPR.

9.2 Google Analytics (with IP anonymization)

If activated, we use Google Analytics to analyze usage in pseudonymized form.
Opt-out: https://tools.google.com/dlpage/gaoptout
Legal basis: Art. 6(1)(a) GDPR (consent).

9.3 Meta/Facebook Pixel, Pinterest Tag

If activated, used for interest-based ads and conversion tracking.
You can adjust your preferences in your Meta/Pinterest account and via our cookie settings.
Legal basis: Art. 6(1)(a) GDPR (consent).

If you do not use a specific tool, remove it from this section in the live version.

10) Social Media Links

Our website contains links (icons) to our profiles on platforms such as Instagram, Facebook or YouTube.

These are simple links. No data is transmitted to these platforms until you click the link.
If you are logged in to the platform at that time, your visit may be associated with your account (responsibility of the respective provider).

11) Retention Periods

We store personal data only as long as necessary for the purposes stated above or as required by law.

In particular:

  • Commercial and tax law retention periods: generally 6 to 10 years for order and invoice data, starting at the end of the calendar year.

  • After expiry of retention periods, data are deleted or anonymized.

12) Data Security

We use technical and organisational security measures to protect your data against loss, destruction, unauthorized access, modification or distribution. This includes SSL/TLS encryption for data transmitted via our website.

No method of transmission over the internet is 100% secure, but we continuously adapt our measures to current technical standards.

13) Your Rights (GDPR)

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to withdraw consent (Art. 7(3) GDPR)

  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise your rights, contact: support@eisbach-riders.com

Competent authority (e.g. for Munich):
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) – details available on their official website.

14) Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The current version is always available on our website. Substantial changes may be communicated separately where appropriate.

Submit Withdrawal Request

Please fill out the following form to submit your withdrawal request.