Privacy Policy
Privacy Policy
1. Controller
The controller responsible for processing your personal data is:
- Company
- dekobello GmbH
- Address
- Reinprechtsdorferstrasse 48/16, 1050 Vienna, Austria
- Phone
- +43 699 17225776
- office@dekobello.com
- Web
- www.dekobello.com
- Data Protection Officer
- No formal DPO appointed. For all privacy inquiries, please use the contact details above.
Full provider details can also be found in the Imprint.
2. What data do we process?
2.1 Personal data
- Master data: name, address, contact details (phone, e-mail)
- Order/contract data: purchased products, prices, shipping & billing address, communication history
- Payment-related data: payment status, transaction identifiers (note: we do not store full credit card numbers; processing occurs directly with the payment provider)
2.2 Technical data
- Server/usage data: IP address, timestamps, requested resources/URLs, referrer
- Device/browser data: device type, operating system, browser type/version
- Cookies & similar technologies (see Section 6)
3. Purposes and legal bases (Art. 6 GDPR)
- Contract performance & customer service (Art. 6(1)(b)): order processing, delivery, communication, complaints.
- Compliance with legal obligations (Art. 6(1)(c)): statutory tax and commercial retention duties.
- Legitimate interests (Art. 6(1)(f)): IT security, fraud prevention, statistical reach measurement (only pseudonymous/aggregated), demand-oriented presentation of our offers.
- Consent (Art. 6(1)(a)): newsletter/marketing, optional analytics/marketing cookies. Consent can be withdrawn at any time with effect for the future.
Where processing is based on legitimate interests, we conduct a balancing test and only process data to the extent your rights and freedoms do not override our interests.
4. Recipients and processors
We share data only where necessary:
- IT/hosting providers (operation of our systems)
- Payment service providers (e.g., credit card, PayPal, Klarna, Stripe – where used)
- Shipping/logistics partners (delivery, tracking)
- Support/communication tools (customer inquiries)
- Tax advisors/authorities (legal obligations)
We enter into processing agreements pursuant to Art. 28 GDPR with our processors.
5. Transfers to third countries
Where providers in countries outside the EU/EEA (e.g., the USA) are used, transfers occur only if an adequate level of protection exists (adequacy decision) or appropriate safeguards are in place, in particular the EU Standard Contractual Clauses under Art. 46 GDPR. Further details are provided by the respective providers.
6. Cookies & tracking
We use cookies and similar technologies to provide and secure our website and — with your consent — to analyze and personalize.
6.1 Cookie categories
- Strictly necessary: e.g., cart, session, security.
- Functional: e.g., language, preferences.
- Analytics/statistics (consent-based): reach measurement, error analysis.
- Marketing (consent-based): personalization, remarketing.
Illustrative cookie overview
| Name | Purpose | Storage period |
|---|---|---|
| session_id / PHPSESSID | Session management, cart | Session |
| language / currency | Language & currency | 1–12 months |
| analytics_* | Statistics (consent-based) | 1–24 months |
| marketing_* | Marketing/remarketing (consent-based) | 1–24 months |
Note: Actual names/durations may vary depending on the services used.
6.2 Consent & withdrawal
You can accept/decline non-essential cookies via our cookie banner and change your choice at any time under /cookie-settings.
7. Retention periods
- Contract/order data: as long as necessary, then according to statutory retention duties (generally up to 7 years under Austrian law).
- Communication data: typically 3 years (warranty/claims).
- Marketing data: until consent is withdrawn or objection is made.
- Technical logs: typically 6–24 months unless security reasons require longer.
8. Payments
Payments are processed via external payment service providers. Depending on the method chosen, only the data required for that method is transmitted. We do not store full credit card numbers on our systems. For details, please refer to the respective provider (e.g., PayPal, Klarna, Stripe – where used).
9. Newsletter & direct marketing
We send newsletters only after double opt-in or with your consent. You can unsubscribe at any time via the unsubscribe link in every e-mail or by contacting office@dekobello.com.
10. Your rights (Art. 15–21 GDPR)
- Access to the data processed
- Rectification of inaccurate data
- Erasure (“right to be forgotten”)
- Restriction of processing
- Data portability
- Object to processing based on legitimate interests
- Withdraw consent with future effect
To exercise your rights, please contact us at office@dekobello.com or by phone at +43 699 17225776.
Right to lodge a complaint: You may lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence. In Austria: Austrian Data Protection Authority, Barichgasse 40–42, 1030 Vienna, www.dsb.gv.at.
11. Security
We implement appropriate technical and organizational measures (TOMs) to ensure a level of security appropriate to the risk, including TLS encryption, access and authorization concepts, logging, and regular updates.
12. Minors
Our offers are not directed at children. Persons under 14 should not provide personal data without parental consent.
13. Automated decision-making
No automated decision-making including profiling with legal effect takes place.
14. Changes to this policy
We may adapt this Privacy Policy to reflect changes in laws or services. The version published here is always the current one.
Effective date:
15. Contact
For privacy questions, please contact office@dekobello.com or call +43 699 17225776.
