Privacy Policy

Language and Validity:
This privacy policy is provided in German (original version) as well as in English and French translations. The German version is definitive and legally binding; in the event of any contradiction or uncertainty, only the German text shall prevail.

Effective: March 2025

1. Controller and Contact Details

NatureWatt GmbH
Bergham 55
83624 Otterfing, Germany
Phone: +49 8027 9085 670
E-mail: office@naturewatt.de
Managing Directors: Andreas Beckmeier, Christoph Leitgeb
Registered Office: Otterfing
Local Court Munich | HRB 294612
Tax Number: 139/133/10025
VAT ID No.: DE369559209

NatureWatt GmbH is the data controller within the meaning of the EU General Data Protection Regulation (GDPR).

2. Collection and Processing of Personal Data

We process personal data of our users only to the extent necessary to provide a functional website and our services. Personal data are all information relating to an identified or identifiable natural person.

a) When Visiting Our Website

When accessing our website, the following data are automatically collected, which do not allow direct identification of individuals:

  • IP address (possibly pseudonymised)
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referring website (Referrer URL)
  • Access status (e.g. error code)

These data are used exclusively to ensure uninterrupted operation of the website, for statistical purposes and to improve our offering.
Retention Period: Server log files are stored for seven days and then routinely deleted.

b) When Using Our Online Shop and Contact Form

If you place orders in our online shop or contact us via our contact form, we collect and process the following data:

  • Name, address, e-mail address, telephone number
  • Payment data (e.g. credit card information, bank details – where required)
  • Order details (items, quantity, price, delivery address)
  • Other information necessary for performing the contract

3. Purpose of Data Processing and Legal Basis

The processing of your personal data takes place for the following purposes:

  • Contract performance and customer management:
    To process orders, deliver goods, handle payments and provide customer service.
    Legal basis: Art. 6(1)(b) GDPR
  • Provision and optimisation of the website:
    To ensure uninterrupted operation, perform web analytics, diagnose errors and improve our offering.
    Legal basis: Art. 6(1)(f) GDPR (legitimate interest)
  • Communication and marketing:
    To respond to your enquiries, inform you about changes, offers and newsletters (if you have consented).
    Legal basis: Art. 6(1)(a) GDPR (consent) or Art. 6(1)(f) GDPR (legitimate interest)

4. Disclosure of Data to Third Parties

Your personal data are shared only if necessary for contract performance—for example with shipping service providers, payment service providers or IT service providers—or if you have given your express consent. Apart from this, data are not passed on to third parties.

Data transfer to third countries:
If data are transferred to third countries (outside the EU/EEA), we ensure that an adequate level of data protection is guaranteed by appropriate safeguards (e.g. Standard Contractual Clauses of the European Commission).

5. Cookies and Tracking

Our website uses cookies to facilitate usage and provide certain functions. These are small text files stored on your device.

a) Necessary Cookies

These cookies are technically required to provide the website and functions such as the shopping cart in the online shop.
Retention Period: These cookies are typically deleted at the end of your browser session.

b) Functional and Statistical Cookies

These cookies enable us to analyse website usage and optimise our offering.
Legal basis: Processing is based on our legitimate interest under Art. 6(1)(f) GDPR.
Retention Period: 30 days or individually, depending on the cookie provider.

You can prevent cookies from being stored by adjusting your browser settings. Please note that this may result in limited functionality of the website.

6. Web Analytics and Tracking Tools

Where we use web analytics tools (e.g. Google Analytics or comparable services), this is done in compliance with legal requirements. For detailed information on data processing by the respective provider and instructions on opting out, please refer to the provider’s own privacy notices.
Note: If you use Google Analytics, please ensure that IP anonymisation is activated and include, if applicable, a link to the browser opt-out.

7. Social Media Plugins

Our website may contain plugins from social networks. These enable you to share content on your social network profiles. In doing so, personal data may be transmitted to the respective providers. For more information, please refer to the privacy notices of the respective social networks.

8. Retention Period and Deletion of Data

Personal data are stored by us only as long as necessary to achieve the respective processing purposes or as required by statutory retention obligations.

  • Log files and technical data: Stored for seven days and then deleted.
  • Order data: Stored in accordance with statutory retention periods (generally up to 8 years), unless a shorter period is permissible.
  • Customer account data: Remain stored until you terminate your customer account.
    After the purpose of processing ceases to apply or statutory periods expire, the data are routinely deleted, provided no statutory retention obligations conflict.

9. Data Subject Rights

You have the right to:

  • Access: Request information about your personal data we store.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your personal data, provided no statutory retention periods apply.
  • Restriction: Request restriction of processing.
  • Data portability: Request transfer of your data.
  • Objection: Object to processing of your personal data where grounds arise from your particular situation.
  • Complaint: Lodge a complaint with a supervisory authority.

To exercise your rights, please contact the above contact details.

10. Data Security

We implement technical and organisational security measures to protect your personal data processed by us against unauthorised access, loss, destruction or manipulation. Our measures are continuously updated to reflect the state of the art.

Examples of our security measures include:

  • Use of SSL encryption (Secure Socket Layer) for data transmission.
  • Regular review and updating of our IT security protocols.
  • Access restrictions to sensitive data.

11. Changes to This Privacy Policy

NatureWatt GmbH reserves the right to adjust this privacy policy at any time to reflect current legal requirements or changes in our services. The current version is available on our website. In case of material changes, we will inform you in an appropriate manner.

12. Contact for Data Protection

For questions regarding data protection and to exercise your rights, you may contact our Data Protection Officer:

Data Protection Officer of NatureWatt GmbH
Christoph Leitgeb
office@naturewatt.de
Phone: +49 8027 9085 670

13. Hosting and Server Locations

Our hosting is provided by Amazon Web Services EMEA SARL, whose server locations are in Germany/EU. If data are processed outside the EU/EEA, this is done using Standard Contractual Clauses of the European Commission to ensure adequate data protection.

14. Further Details on Third-Party Providers and Specific Data Processing

If we use specific third-party providers (e.g. payment service providers, shipping service providers, web analytics providers) that have their own privacy notices, we refer to their respective privacy policies: