We are very pleased about your interest in our webshop and services. Data protection is of particular importance to us.

The processing of personal data is always carried out in accordance with the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act 2018 (DSG 2018). With this privacy policy, we aim to inform you about the nature, scope, and purpose of the personal data we collect, use, and process. Additionally, we will inform you about the rights you are entitled to under this privacy policy.

We, STILAMI GmbH, protect your personal data through appropriate technical and organizational measures based on common industry practices.

By using the offered services, you consent to the use of your personal data for the agreed purpose. According to the General Data Protection Regulation (GDPR, Article 6, Paragraph 1, Point a), this serves as the legal basis for the use of your data.

This privacy policy applies to the use of our website as well as the services we offer. This includes the use of the STILAMI app, which is necessary for the product.

1. Who is responsible for your personal data?

We, STILAMI GmbH, are responsible for your personal data in accordance with the provisions of the GDPR and the Austrian Data Protection Act 2018 (DSG 2018).

STILAMI GmbH

Bachstraße 57

5023 Salzburg​

Austria

​

Tel.: +4369911076876

E-Mail:

2. Which personal data is processed?

2.1 We collect your personal data that you voluntarily provide to us, particularly in the context of requesting a quote, a contact inquiry, or other contract initiation processes. The personal data you provide and transmit includes, in particular, contact details (such as name, address, date of birth, etc.), communication data (such as email addresses, phone numbers, etc.), payment data (payment information and payment history), credit, and order information.

2.2 We work with processors who process certain data on our behalf. This is done exclusively in accordance with the GDPR and the Austrian Data Protection Act 2018 (DSG 2018). Through careful selection and regular monitoring, we ensure that our processors implement all organizational and technical measures necessary to protect your data.

​

3. Where is your data stored?

​

3.1 The data we collect from you is stored within the European Economic Area (EEA), but may be transferred to a country outside the EEA and processed there. Such a transfer of your personal data is carried out in compliance with applicable laws. For transfers to countries outside the EEA, we rely on standard contractual clauses and the Privacy Shield, unless the European Commission has made a decision regarding adequacy. Below are our data storage methods:

​

3.2 Cookies

3.2.1 We use cookies. Cookies are small text files that are stored on your device when you visit the site. These cannot transmit viruses or malware to your computer, but they may contain information that allows for the identification of the user.

​

3.2.2 In terms of functionality, a distinction is made between technically necessary cookies, functional cookies, performance cookies, and tracking cookies. Additionally, cookies differ in terms of their storage duration and affiliation.

3.2.3 Technically Necessary Cookies
Technically necessary cookies are essential for the operation of our website and services, as well as their functionalities. These are typically set in response to actions you have taken, such as registration, login, or settings like language or cookie preferences. It is possible to disable these cookies in your browser, but in this case, the proper functioning of our website and services cannot be guaranteed.

3.2.4 Functional Cookies
Functional cookies are used to store information that influences the behavior or appearance of our website, such as your language settings or the geographical region from which you access the site. They support the smooth use of our website by saving your user settings and data during login, so you don’t have to re-enter them. The information collected by functional cookies is solely related to our website and does not track your browsing behavior. The information contained in these cookies is typically anonymized. If you consent to the use of these cookies, they will be stored on your device in accordance with the details provided in the cookie consent tool and our cookie description.

3.2.5. Performance Cookies
Performance cookies help us understand anonymous user behavior on our website by collecting and analyzing information about interactions. This includes (i) visited subpages (duration and frequency), (ii) the order of pages visited, (iii) search terms that led to the website’s use, (iv) mouse movements (scrolling and clicking), and (v) the country and region of access. These cookies allow us to recognize your interests and tailor website content and features to your individual needs. They do not contain personal data such as your IP address and cannot be used to identify individual users. If you consent to the placement of these cookies, performance cookies will be stored on your device in accordance with the details provided in the cookie consent tool and our cookie description.

3.2.6. Tracking- Cookies
Tracking Cookies: These cookies enable the tracking of visitors across websites in order to display relevant and engaging advertisements, thereby creating value for both the website operator and advertisers. This is done by analyzing user behavior and displaying personalized ads based on the identified interests, including information about previously visited websites. If you consent to the placement of these cookies, tracking cookies will be stored on your device in accordance with the details provided in the cookie consent tool and our cookie description.

3.2.7 Storage Duration
With regard to storage duration, cookies can be classified as session cookies and persistent cookies. Session cookies are automatically deleted once you close your current browser session. Persistent cookies remain stored on your device until a previously set expiration date is reached or they are manually removed.

3.2.8 Affiliation
Cookies can be distinguished based on their affiliation. There is a distinction between first-party cookies and third-party cookies. First-party cookies are used by us and are placed directly by our website. Browsers typically do not provide these cookies across domains, meaning the user is recognized only by the site from which the cookie originates. Third-party cookies are not placed by the website operator itself, but by third parties when you visit a specific website, especially for advertising purposes (e.g., to track browsing behavior). They allow for the evaluation of various page views and their frequency.

3.2.9. What is the purpose of cookies?
Technically necessary cookies perform the essential functions of the website and services. For example, they ensure that your shopping cart is preserved while navigating through different pages. Additionally, we use cookies for personalizing content and ads, providing social media features, and analyzing traffic on our website. We also share information about your interaction with our website with our partners for social media, advertising, and analytics purposes.

Furthermore, cookies help ensure the quality improvement of the website and services. Cookies store information on how our website and services are used. With this data, we can tailor our services to the preferences of our customers, offering a better experience. Our respective partners may combine this data with other datasets that you have provided or that were collected during the use of their services. Cookies stored on your device due to your visit to our website can be set either directly by us or by third parties providing services for us (third-party cookies). The actual content of a particular cookie is always determined by the website that created it.

Cookies contain the following information:

• Name of Cookies
• The name of the server from which a cookie originates
• ID number of a cookie
• The expiration date of a cookie, or when it will automatically be deleted

The setting options for the most common browsers can be found at the following links:

Internet Explorer™: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

Edge™: https://support.microsoft.com/de-de/help/4468242/microsoft-edge-browsing-data-and-privacy

Safari™: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Chrome™: https://support.google.com/chrome/answer/95647?hl=de-DE&hlrm=de

Firefox™ https://support.mozilla.org/de/kb/verbesserter-schutz-vor-verfolgung-firefox-desktop?redirectlocale=de&redirectslug=cookies-und-website-daten-in-firefox-loeschen

Opera™: https://help.opera.com/de/latest/web-preferences/#cookies

​

3.3 Local Storage

3.3.1 If you have given us your explicit prior consent in accordance with Section 96 (3) of the TKG (Telecommunications Act) in conjunction with Article 6 (1) lit. a of the GDPR, we use the storage capacity of your browser software to improve the user-friendliness of our website, its usability, and our services in general (e.g., to store your language preferences). For this purpose, we use the so-called Local Storage to store certain data on your device, with your browser software maintaining a separate local storage for each domain.

3.3.2 Apart from you, only we have access to the data processed in this context. Under no circumstances can third parties/websites access or read such data; furthermore, we do not combine data in your local storage with other data in your local storage or with data from different sources. The data stored in local storage is not used for advertising purposes. Unlike “cookies,” this method is more secure and faster since the data is not automatically transmitted to the respective server with each HTTP request but is stored by your browser software. Additionally, a larger amount of data (at least 5 megabytes) can be stored.

3.3.3 Since local storage requires JavaScript, disabling JavaScript may prevent websites from accessing and storing data in this manner. The settings options for JavaScript in the most common browsers can be found at this link. However, please note that disabling JavaScript can lead to significant limitations in usability. Certain features on websites may no longer be fully usable, and controls may not work or may only work partially. Generally, JavaScript does not pose a security risk but may be implemented incorrectly on websites with questionable activities.

3.3.4 If you choose to refuse us your consent for the use of local storage, revoke your previously given consent (see point 5 lit. e), or disable JavaScript, our website will not function fully and this may result in limitations in the provision of our services.

4. Why do we use your personal data and what is the legal basis for processing?

4.1 We use your personal data for the following purposes:

1. Provision of Services
   Our website enables quick electronic contact and immediate communication with us. If you contact us via email or through a contact form, the personal data you provide will be automatically stored. Such voluntarily provided personal data will be stored for the purpose of processing or contacting the affected person. We also use the personal data you provide for processing your online purchases and for related communication (sending notifications regarding delivery status or alerts in case of issues with the delivery of your items).

1. Direct Marketing
   We use your personal data to send you promotional offers, invitations to participate in surveys, events, etc., via email, SMS, phone, and mail. We send you relevant information, product recommendations, reminders about items in your shopping cart, and personalized offers.

1. Accounting and Financial Reporting

​

1. Fulfillment of Legal Obligations
   We use your personal data to comply with legal obligations as well as to implement court rulings and regulatory decisions. We may also use the collected information to investigate or resolve claims or disputes related to your use of our services, or for other purposes permitted by applicable law.

4.2 The processing of your personal data is carried out based on your explicit consent and/or the existing contractual relationship and/or legal requirements.

​

4.3 The provision of your personal data for the purposes mentioned in point 4.1 is required for the provision of our services. Failure to provide or the deletion of your personal data may result in the termination of the contractual relationship and prevent us from providing further services.

5. Who has access to your data?

5.1 We transfer your personal data to companies for the purposes mentioned in point 4.1, including but not limited to companies for address verification, communication agencies for sending order confirmations, warehousing and distribution providers related to the delivery of your order, payment service providers for processing payments, collection agencies, advertising agencies, and technical service providers for physical and digital direct marketing, website agencies, IT companies, public or governmental authorities, legal representatives, tax advisors, insurance companies, and internal business departments that process the data on our behalf. Please note that many of these recipients have their own legal rights or obligations to process your personal data.

5.2 Your data will not be shared or sold to third parties for advertising purposes. The sharing of data with third parties is solely for the purposes outlined in point 4.1.

5.3 In addition, external processors that we engage may receive your data if they require it to provide their respective services (with the possibility of accessing personal data being sufficient). All processors are contractually obligated to treat your data confidentially and to process it only within the scope of providing their services. These include the following:

• Website Evaluation/Analysis
• Amazon Internet Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxemburg.
• Pinata Technologies, Inc., 3555 Farnam St. #905, Omaha, NE 68131, USA.
• InterPlanetary File System (IFPS), dezentrales Peer-to-Peer Netzwerk in Open Source-Betrieb mit dem Kern-Team von Protocol Labs.

5.4 Please note that some of the recipients mentioned above may be located outside the EEA region or process your (personal) data outside the EEA region. In cases where there is no adequacy decision by the European Commission, we legitimize the transfer to third countries based on standard contractual clauses or other appropriate safeguards in accordance with Article 46 of the GDPR, which we have agreed upon with the respective provider.

​

6. How long will your personal data be stored?

​

6.1 The criterion for the duration of the storage of personal data is the respective statutory retention period. After the retention period has expired, the relevant data will be routinely deleted unless they are still required for the fulfillment of the contract, for contract initiation, or for asserting or defending any claims. Your data provided through customer service (telephone calls, email records, correspondence) will be stored for 12 months.

​

6.2 We process and store personal data of the data subject only for the period necessary to achieve the storage purpose or if required by laws or regulations set forth by the European legislator or another legislator to which the data controller is subject. If the storage purpose no longer applies or if the storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with legal regulations.

​

7. ​What rights do you have?

​

7.1 Right of Access
You have the legal right to request information about the personal data we have stored about you at any time and to receive a copy of that information. Additionally, you have the right to request confirmation as to whether personal data concerning you is being processed.

7.2 Right to Rectification

If your data is incorrect or incomplete, we will correct it upon request.

​

7.3 Right to Data Portability

If we process your personal data with your consent or based on a corresponding agreement, you have the right to request a copy of your data in a structured, commonly used, and machine-readable format. This can be sent to you or another party. This applies only to the personal data you have provided to us.

7.4 Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal data under certain circumstances, particularly if you object to processing based on our legitimate interest, if you inform us that your personal data is incorrect, if you raise objections to the deletion of your personal data and instead request the restriction of its use, or if we no longer need the personal data, but it is necessary for the establishment, exercise, or defense of legal claims.

7.5 Right to Erasure:

You have the right to request the deletion of your personal data processed by us – provided this is legally permissible. Exceptions particularly include the following cases:

1. You have placed an order that has not yet been shipped or has only been partially shipped.
2. You have outstanding payments with us.
3. You have misused our services in the past five years, or there is a suspicion of such misuse.
4. You have assigned your liabilities to a third party in the past three years.
5. If you have made purchases, we retain your personal data related to your transaction in accordance with accounting regulations.

You can also withdraw your consent to the use of your data at any time and object to its processing. The processing of your personal data remains lawful until the time of your withdrawal.

7.6 We will notify you promptly in the event of a personal data breach, provided that the breach is likely to result in a high risk to your rights and freedoms.

7.7 If you believe that we are not processing your personal data correctly, you can contact us. You also have the right to file a complaint with a supervisory authority.

7.8 Contact Person
If you have any questions regarding the storage or use of your personal data, please send your inquiry to:

​

If we are unable to assist you, please contact the relevant data protection authority. For Austria, this is:

Data Protection Authority

Barichgasse 40-42

1030 Vienna

E-Mail: ​