Privacy Policy

1. Overview of Data Protection

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can personally identify you. Detailed information on the subject of data protection can be found in our privacy policy below.

Data Collection on This Website

Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find their contact details in the section "Information about the Responsible Party" in this privacy policy.

How do we collect your data?
Your data is collected in two ways:

  1. Provided Data: When you provide it to us, for example, by entering data into a contact form.
  2. Automatically Collected Data: When you visit our website, our IT systems automatically collect technical data (e.g., your browser, operating system, or the time the page was accessed). This data is collected automatically as soon as you access this website.

What do we use your data for?
Some of the data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behavior.

What are your rights regarding your data?
You have the right to receive information about the origin, recipient, and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances. Additionally, you have the right to lodge a complaint with the competent supervisory authority. For any questions related to data protection, you can contact us at any time.

2. Hosting

We host the contents of our website with the following providers:

Shopify

The provider is Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"). Shopify is a tool for creating and hosting websites. When you visit our website, Shopify collects your IP address as well as information about the device and browser you are using. Shopify also analyzes visitor numbers, visitor sources, and customer behavior to create user statistics. When you make a purchase on our website, Shopify collects your name, email address, delivery and billing addresses, payment details, and other purchase-related data (e.g., phone number, total transaction amount, etc.). For analysis purposes, Shopify stores cookies in your browser.

You can find more details in Shopify’s privacy policy: https://www.shopify.com/legal/privacy.

The use of Shopify is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the reliable presentation of our website. If consent has been obtained, the processing will be based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG, as far as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) under TTDSG. Consent can be revoked at any time.

External Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the hosting providers. This may include IP addresses, contact inquiries, metadata, communication data, contract data, contact details, names, website access, and other data generated through a website.

External hosting takes place for the fulfillment of our contractual obligations towards potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6(1)(f) GDPR). If consent has been obtained, the processing will be based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG, as far as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) under TTDSG. Consent can be revoked at any time.

Our hosting provider will process your data only to the extent necessary to fulfill its performance obligations and follow our instructions regarding this data. The hosting provider we use is:

GoDaddy
Corporate Headquarters
2155 E. GoDaddy Way
Tempe, AZ 85284 USA

3. General Information and Mandatory Notices

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations as well as this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can personally identify you. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this happens.

We would like to point out that data transmission over the internet (e.g., when communicating via email) can have security vulnerabilities. Complete protection of data from access by third parties is not possible.

Information about the Responsible Party

The responsible party for data processing on this website is:

Lorenz Assaid
Ziegelhüttenweg 22
60598 Frankfurt am Main
Phone: 01638646633
Email: hello@ohhmydog.de

The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

4. Storage Period

Unless a more specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, the data will be deleted after these reasons no longer apply.

5. Legal Basis for Data Processing on This Website

If you have consented to the data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, if special categories of data according to Art. 9(1) GDPR are processed. If you have expressly consented to the transfer of personal data to third countries, the data processing is also carried out based on Art. 49(1)(a) GDPR. If the storage of cookies or access to information on your device (e.g., device fingerprinting) has been consented to, the data processing is additionally based on § 25(1) TTDSG. Consent can be revoked at any time. If your data is required for the fulfillment of a contract or the execution of pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR.

We also process your data if this is necessary to fulfill a legal obligation based on Art. 6(1)(c) GDPR. The data processing can also be based on our legitimate interest under Art. 6(1)(f) GDPR.

Right to Complain to the Competent Supervisory Authority

In the event of violations of the GDPR, the data subject has the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, workplace, or the place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

This translation covers only part of your privacy policy. Please review the document for completeness and consistency with your original text.

6. Recipients of Personal Data

In the course of our business activities, we work with various external parties. This may include transferring personal data to these external parties. We only share personal data if it is necessary for the performance of a contract, if we are legally obliged to do so (e.g., sharing data with tax authorities), if we have a legitimate interest in doing so under Art. 6(1)(f) GDPR, or if another legal basis allows data sharing. When we engage data processors, we only transfer personal data based on a valid data processing agreement. In cases of joint processing, a joint processing agreement is established.

7. Withdrawal of Your Consent to Data Processing

Many data processing activities are only possible with your explicit consent. You can revoke your consent at any time. The lawfulness of the data processing carried out before the revocation remains unaffected.

8. Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RELEVANT LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING IS FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION UNDER ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING AT ANY TIME; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ART. 21(2) GDPR).

9. Complaint Rights with the Competent Supervisory Authority

In the event of violations of the GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, workplace, or the place where the violation allegedly occurred.

10. Right to Data Portability

You have the right to receive data, which we process automatically based on your consent or in performance of a contract, in a structured, commonly used, and machine-readable format. You also have the right to request the transfer of this data to another controller, where technically feasible.

11. Right to Restrict Processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time regarding this matter. The right to restriction applies in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we will generally need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it to exercise, defend, or assert legal claims, you have the right to request the restriction of processing instead of deletion.
  • If you have filed an objection under Art. 21(1) GDPR, a balancing of interests must be conducted between your interests and ours. As long as it is not yet determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If the processing of your personal data has been restricted, this data may only be processed with your consent or for the establishment, exercise, or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a member state.

12. Encrypted Payment Transactions on This Website

If, after concluding a fee-based contract, there is an obligation to provide us with your payment data (e.g., account number for direct debit authorization), this data will be required for payment processing.

Payment transactions using common means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the browser's address line changing from "http://" to "https://" and the lock symbol in your browser line.

With encrypted communication, your payment data, which you submit to us, cannot be read by third parties.

13. Objection to Advertising Emails

We hereby object to the use of the contact details published as part of the imprint obligation for sending unsolicited advertising and information materials. The operators of these pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

14. Data Collection on This Website

Cookies

Our website uses "cookies." Cookies are small data packages that do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them, or your web browser automatically removes them.

Cookies may come from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies enable specific services from external providers integrated into the website (e.g., payment services). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., the shopping cart or video display). Other cookies may be used to analyze user behavior or for advertising purposes.

Cookies that are necessary to perform electronic communications, provide specific functions you want (e.g., shopping cart), or optimize the website (e.g., measuring web traffic) are stored based on Art. 6(1)(f) GDPR unless another legal basis is specified. We have a legitimate interest in the storage of necessary cookies to ensure the optimized provision of our services.

If consent for cookies has been requested, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time. You can set your browser to notify you about the setting of cookies, only allow them on a case-by-case basis, block cookies in certain cases or in general, and automatically delete cookies when you close your browser. The functionality of this website may be limited if cookies are deactivated.

The specific cookies and services used on this website are detailed in this privacy policy.

Contact Form

If you send us inquiries via the contact form, the information you provide, including your contact details, will be stored to process your inquiry and for any follow-up questions. We do not share this data without your consent.

The processing of the data entered into the contact form is based on Art. 6(1)(b) GDPR if your request relates to the fulfillment of a contract or pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), provided that this was obtained.

The data entered into the contact form will remain with us until you request deletion, revoke your consent to storage, or the purpose for the data storage no longer applies (e.g., after your inquiry has been fully processed). Mandatory legal provisions – particularly retention periods – remain unaffected.

Inquiries via Email, Phone, or Fax

If you contact us by email, phone, or fax, your inquiry, including all personal data (name, inquiry), will be stored and processed to handle your request. We do not share this data without your consent.

This data is processed based on Art. 6(1)(b) GDPR if your inquiry relates to the performance of a contract or pre-contractual measures. In all other cases, processing is based on your consent (Art. 6(1)(a) GDPR) or our legitimate interest (Art. 6(1)(f) GDPR) in effectively handling inquiries.

The data you send to us via contact requests will remain with us until you request deletion, revoke your consent to storage, or the purpose for the data storage no longer applies (e.g., after processing your inquiry). Mandatory legal provisions – particularly statutory retention periods – remain unaffected.

15. Communication via WhatsApp

We use the messaging service WhatsApp for communication with customers and others. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Communication is encrypted end-to-end, ensuring that only you and we can read the messages. However, WhatsApp gains access to metadata, such as sender and recipient information and the time of communication.

WhatsApp shares data with its parent company, Meta, in the USA. The transmission of data is based on the "EU-US Data Privacy Framework" (DPF). For more details, please refer to WhatsApp's privacy policy: https://www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in providing quick and effective communication with customers (Art. 6(1)(f) GDPR). If consent has been requested, processing is based solely on Art. 6(1)(a) GDPR. Consent can be revoked at any time.

16. Social Media

Facebook

Our website integrates elements of the Facebook social network. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Facebook also transfers data to the USA and other third countries.

When the social media element is active, a direct connection between your device and Facebook's server is established. Facebook receives the information that you visited this website with your IP address. If you click on the "Like" button while logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account.

The use of Facebook elements is based on your consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG). Consent can be revoked at any time.

Further details can be found in Facebook’s privacy policy: https://www.facebook.com/privacy/explanation.

Instagram

Functions of the Instagram service are integrated into this website. These functions are provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If the Instagram element is active, a direct connection between your device and the Instagram server is established. Instagram receives information about your visit to this website. If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to this website with your user account.

The use of Instagram elements is based on your consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG). Consent can be revoked at any time.

Further details can be found in Instagram’s privacy policy: https://privacycenter.instagram.com/policy/.

17. Newsletter

Newsletter Data

If you would like to receive the newsletter offered on the website, we need an email address from you and information that allows us to verify that you are the owner of the provided email address and agree to receive the newsletter. Additional data will not be collected or will only be collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The processing of the data entered into the newsletter subscription form is based on your consent (Art. 6(1)(a) GDPR). You can revoke your consent to the storage of data, the email address, and its use for sending the newsletter at any time, for example, by clicking the "unsubscribe" link in the newsletter. The legality of the data processing already carried out remains unaffected by the revocation.

18. eCommerce and Payment Providers

Processing of Customer and Contract Data

We collect, process, and use personal data only to the extent necessary for the establishment, content arrangement, or modification of the contractual relationship (user data). We collect, process, and use personal data regarding the use of this website (usage data) only to the extent necessary to enable or bill the user for the use of the service. The legal basis for this is Art. 6(1)(b) GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.

The collected customer data will be deleted after the order is completed or the business relationship is terminated. Legal retention periods remain unaffected.

Data Transfer upon Conclusion of a Contract for Online Shops, Retailers, and Shipment of Goods

When you order goods from us, we share your personal data with the shipping company entrusted with the delivery and the payment service provider tasked with processing the payment. Only the necessary data will be shared to enable the fulfillment of the order.

The legal basis for this is Art. 6(1)(b) GDPR, which allows data processing to fulfill a contract or pre-contractual measures.

If you have given your consent, we will share your email address with the shipping company so they can inform you about the shipping status of your order by email. You can revoke this consent at any time.

Order Processing via Dropshipping

If you order products from us, your order may be shipped directly from our suppliers to you (dropshipping). For this purpose, we share your name, delivery address, and, if necessary, your phone number with the supplier. This data is shared exclusively for the purpose of delivering the goods.

The legal basis for this is Art. 6(1)(b) GDPR (contract fulfillment) and our legitimate interest in a quick and effective processing of your order under Art. 6(1)(f) GDPR.

We use the following supplier for dropshipping:
Yu Wei (address will be provided later).

Payment Services

We integrate payment services from third-party providers on our website. When you make a purchase, your payment data (e.g., name, amount, payment details) will be processed by the payment service provider to complete the payment. The respective provider’s privacy policy and contractual terms apply to these transactions.

The use of payment service providers is based on Art. 6(1)(b) GDPR (contract fulfillment) and our legitimate interest in providing a secure, fast, and user-friendly payment process (Art. 6(1)(f) GDPR). If your consent is requested, the legal basis is Art. 6(1)(a) GDPR. Consent can be revoked at any time.

We use the following payment providers on this website: