Privacy Policy

1. Data Protection at a Glance

The following information provides a simple overview of what happens to your personal data when you visit our website and use our online shop. Personal data includes all data with which you can be personally identified.

2. Controller

The controller responsible for data processing on this website in accordance with the General Data Protection Regulation (GDPR) is:

Jörn-Hagen Stoll
Kaiser-Joseph-Straße 254
79098 Freiburg im Breisgau

Email: joernhagenstoll@gmail.com / ishita@parui.de

3. Collection and Storage of Personal Data and Type and Purpose of Use

a) When visiting the website
When you visit our website kapatapa.com, information is automatically sent from your browser to our website server. This information is temporarily stored in log files. The following data can be collected without your involvement:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is made (referrer URL)
  • Browser and operating system used

This data processing is carried out in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest in improving the stability and functionality of our website.

b) When using our online shop (WooCommerce)
When you make purchases in our online shop, we collect the personal data you provide in order to process your order. This includes:

  • First and last name
  • Billing and shipping address
  • Email address
  • Payment details (payment method details, but not full credit card numbers)
  • IP address

The processing of this data is carried out to fulfill the contract in accordance with Art. 6 (1) (b) GDPR.

c) Payment processing with Stripe
We use Stripe for payment processing. Your payment data is transferred to Stripe, including:

  • Card payment details
  • Name
  • Billing address
  • Email address

Stripe is an international payment service provider based in the USA. Stripe complies with the requirements of the EU-US Privacy Shield. Further information on Stripe’s data processing can be found in Stripe’s Privacy Policy.

The processing of your payment data takes place on the basis of Art. 6 (1) (b) GDPR for the execution of the payment process as well as on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR in ensuring secure and efficient payment transactions.

4. Cookies

Our website uses cookies. These are small files that are automatically created by your browser and stored on your device when you visit our website. Cookies can store information related to the specific device used.

We use cookies to ensure the operation of our online shop (WooCommerce) and to analyze usage. These include:

  • Essential cookies: Necessary for operating the online shop (e.g., cart cookies).
  • Analytics cookies: Allow us to analyze the use of our website (e.g., Google Analytics).
  • Marketing cookies: Used to analyze user behavior for advertising purposes.

Processing takes place in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest in improving the functionality of our website and user experience.

5. Analytics Tools

We use Google Analytics to statistically evaluate user behavior on our website. Google Analytics uses cookies stored on your computer to enable analysis of your use of the website.

The information generated by the cookie regarding your use of this website is usually transferred to a Google server in the USA and stored there. Google uses this information on our behalf to compile reports on website activity and to provide further services relating to website and internet usage.

You can prevent the storage of cookies by adjusting your browser settings. More information can be found in Google’s Privacy Policy.

6. Disclosure of Data to Third Parties

Your personal data will only be disclosed to third parties if:

  • You have given express consent in accordance with Art. 6 (1) (a) GDPR,
  • Disclosure is necessary for the performance of a contract in accordance with Art. 6 (1) (b) GDPR (e.g., to payment providers),
  • There is a legal obligation to do so (Art. 6 (1) (c) GDPR), or
  • Disclosure is necessary for the protection of our legitimate interests pursuant to Art. 6 (1) (f) GDPR.

7. Data Subject Rights

You have the right to:

  • Request information about your personal data processed by us (Art. 15 GDPR),
  • Request immediate correction of inaccurate or completion of your stored personal data (Art. 16 GDPR),
  • Request deletion of your stored personal data (Art. 17 GDPR),
  • Request restriction of processing of your personal data (Art. 18 GDPR),
  • Receive your personal data in a structured, commonly used, and machine-readable format (Art. 20 GDPR).

8. Right to Object

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR.

9. Data Security

We implement appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological development.

Effective Date: 16.08.2024