Last updated: September 12, 2025

Atelier Hellbusch operates this shop and website, including all related information, content, features, tools, products, and services, to provide you as a customer with a personalized shopping experience (the "Services"). Atelier Hellbusch is powered by Shopify, which enables us to provide you with the Services. This Privacy Policy describes how we collect, use, or share personal data when you visit, use the website, make a purchase or other transaction using the Services, or otherwise communicate with us. If there is a conflict between our general terms and conditions and this Privacy Policy, this Privacy Policy will take precedence with respect to the collection, processing, and sharing of your personal data.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you confirm that you have read this Privacy Policy and agree to the collection, use, and sharing of your data as described in this Privacy Policy.

What personal data do we collect or process?

When we use the term "personal data," we mean information that identifies you or another person, or can be directly linked to you. Personal data does not include information that is collected anonymously or anonymized in such a way that identification or connection to you is not possible. Depending on how you interact with the Services, where you live, and as permitted or required by applicable law, we may collect or process the following categories of personal data, including inferences drawn from such personal data:

• Contact information including name, mailing address, billing address, shipping address, phone number, and email address.
• Financial information including credit, debit card and financial account numbers, payment card information, financial account details, transaction details, payment method, payment confirmation, and other payment details.
• Account information including username, password, security questions, configurations, and settings.
• Transaction information including the items you view, add to cart, add to your wishlist or purchase, return, exchange, or cancel, as well as your past transactions.
• Communications with us including information you provide when communicating with us, such as when you submit a customer support inquiry.
• Device information including information about your device, browser, or network connection, IP address, and other unique identifiers.
• Usage information including information about your interaction with the Services, including how and when you interact with or browse the Services.

Sources of personal data

We may collect personal data from the following sources:

• Directly from you We collect data, among other ways, when you create an account, access or use the Services, communicate with us, or otherwise provide us with your personal data.
• Automatically through the Services We collect data, among other ways, from your device or when you use our products or Services or visit our website, as well as through the use of cookies and similar technologies.
• From our service providers We collect data, among other ways, when we engage service providers to enable certain technologies, and when they collect or process your personal data on our behalf.
• From our partners and other third-party providers

How do we use your personal data?

Depending on how you interact with us or which of the Services you use, we may use personal data for the following purposes:

• Provision, customization, and improvement of the Services. We use your personal data to provide you with the Services. This includes, among other things, fulfilling our contract with you, processing your payments, executing your orders, storing your configurations and the items you are interested in, sending notifications related to your account, creating, maintaining, and otherwise managing your account, organizing shipping, facilitating returns and exchanges, enabling you to leave reviews, and creating a personalized shopping experience for you by, for example, recommending products based on your purchases. This may also involve using your personal data to better tailor and improve the Services.
• Marketing and advertising. We use your personal data for marketing and advertising purposes, such as sending you marketing and promotional communications by email, SMS, or mail, and showing you online advertisements for products or services for the Services or other websites, including based on items you have previously purchased or added to your cart, as well as other activities related to the Services.
• Security and fraud prevention. We use your personal data to authenticate your account, provide a secure payment and shopping experience, detect, investigate, or take action against possible fraudulent, illegal, unsafe, or malicious activities, protect public safety, and ensure the security of our Services. If you choose to use the Services and register an account, you are responsible for protecting your account credentials. We strongly recommend that you do not share your username, password, or other access information with anyone else.
• Communication with you. We use your personal data to provide you with customer support and effective Services, respond promptly to your inquiries, and maintain our business relationship with you.
• Legal reasons. We use your personal data to comply with applicable law or respond to lawful processes, including requests from law enforcement or regulatory authorities, to investigate or participate in civil investigations, potential or actual legal disputes, or other adversarial proceedings, and to investigate or enforce potential violations of our terms or policies.

How do we share personal data?

Under certain circumstances, we may share your personal data with third parties for legitimate purposes in accordance with this Privacy Policy. Such circumstances may include the following:

• For Shopify, these are vendors and other third parties who provide services on our behalf (e.g., IT management, payment processing, data analysis, customer support, cloud storage, fulfillment, and shipping).
• We share personal data with business and marketing partners who provide you with marketing services and display advertising to you. For example, we use Shopify to support personalized advertising with third-party services based on your online activities with different merchants and websites. Our business and marketing partners use your data in accordance with their own privacy policies. Depending on where you live, you may have the right to instruct us not to share information about you for the purpose of providing you with targeted advertising and marketing based on your online activities with various merchants and websites. If you wish to exercise your right and opt out of such uses, you can do so here
• If you request or otherwise consent to us sharing certain information with third parties, for example to deliver products to you, or if you use social media widgets or login integrations.
• We share personal data with our affiliates or otherwise within our corporate group.
• In connection with a business transaction such as a merger or bankruptcy, to comply with applicable legal obligations (including responding to subpoenas, search warrants, and similar requests), to enforce applicable terms of service or policies, and to protect or defend the Services, our rights, and the rights of our users or others.

Relationship with Shopify

The Services are hosted by Shopify, with Shopify collecting and processing personal data about your access to and use of the Services in order to provide and improve the Services for you. Data you submit to the Services will be shared with Shopify and with third parties, who may be located in countries other than your country of residence, to provide and improve the Services for you. To protect, expand, and improve our business, we also use certain advanced Shopify features that incorporate data and information from your interactions with our store, with other merchants, and with Shopify. To provide these advanced features, Shopify may use personal data collected through your interactions with our store, other merchants, and Shopify. In these circumstances, Shopify is responsible for processing your personal data, including responding to your requests to exercise your rights regarding the use of your personal data for these purposes. For more information about how Shopify uses your personal data and what rights you have, please refer to the Shopify Consumer Privacy Policy. Depending on where you reside, you may be able to exercise certain rights regarding your personal data listed here Link to Shopify Privacy Portal.

Third-Party Websites and Links

The Services may provide links to websites or other online platforms operated by third parties. If you follow links to websites that are not affiliate sites or not controlled by us, you should review their privacy and security policies, as well as any other terms and conditions. We make no guarantees and are not responsible for the privacy or security of such websites, including the accuracy, completeness, or reliability of any information found on these websites. Information you provide in public or semi-public areas, including information you share on third-party social networking platforms, may also be viewed by other users of the Services and/or users of those third-party platforms, without restriction on their use by us or by a third party. Our inclusion of such links does not imply that we endorse the content of those platforms or their owners or operators, unless expressly stated otherwise in the Services.

Children’s Data

The Services are not intended for use by children, and we do not knowingly collect personal data from children who are not of legal age in your country. If you are the parent or guardian of a child who has provided us with their personal data, you may contact us using the contact information below to request the deletion of that data. As of the effective date of this Privacy Policy, we are not aware of sharing or selling personal data of individuals under the age of 16 (as those terms are defined under applicable law).

Security and Retention of Your Data

Please note that no security measures are perfect or impenetrable, and therefore we cannot guarantee "perfect security." Additionally, information you send to us may be at risk during transmission. We recommend that you do not use unsecured channels when sending sensitive or confidential information to us.

How long we retain your personal data depends on various factors. These include, for example, whether we need the data to manage your account, provide you with Services, comply with legal obligations, resolve disputes, or enforce other applicable agreements and policies.

Your Rights and Choices

Depending on where you reside, you may have some or all of the rights listed below regarding your personal data. However, these rights are not absolute, may apply only in certain circumstances, and in some cases, we may lawfully deny your request.

• Right of Access/Information. You may have the right to request access to the personal data we hold about you.
• Right to erasure. You may have the right to request that we delete the personal data we have stored about you.
• Right to rectification. You may have the right to request that we correct inaccurate personal data that we have stored about you.
• Right to data portability. You may have the right to receive a copy of the personal data we have stored about you and to request that, under certain circumstances and with certain exceptions, we transfer it to a third party.
• Right to opt out of the sale or sharing of data for targeted advertising. Depending on where you reside, you may have the right to opt out of the “sale” or “sharing” of your personal data, or to object to the processing of your personal data for purposes that qualify as “targeted advertising” under applicable privacy laws. If you wish to exercise your right and opt out of such uses, you can do so here. Please note: If you visit our website with an enabled opt-out signal from the “Global Privacy Control” feature, we will automatically treat this, depending on your location, as a request to opt out for the device and browser you use to access the website. If we can link the device sending the signal to a Shopify account, we will also apply the opt-out request to that account. For more information about Global Privacy Control, visit https://globalprivacycontrol.org/. Aside from Global Privacy Control, we do not recognize any other “Do Not Track” signals that your browser or device may send.
• Managing communication preferences. We may send you promotional emails. You can opt out of receiving these emails at any time by using the unsubscribe option included in our emails to you. If you opt out, we may still send you non-promotional emails, such as those about your account or orders you have placed.

You may exercise these rights where indicated in the Services, or by contacting us using the contact details provided below. For more information about how Shopify uses your personal data and your rights, including your rights regarding data processed by Shopify, please visit https://privacy.shopify.com/en.

You will not suffer any disadvantage from exercising these rights. Where permitted or required by applicable law, we may need to verify your identity before processing your requests. In accordance with applicable laws, you may designate an authorized agent to make requests to exercise your rights on your behalf. Before accepting such a request from an agent, we will require proof that you have authorized them to act on your behalf. This may require you to confirm your identity directly with us. We will respond to your request promptly as required by applicable law.

Complaints

If you have complaints about how we handle your personal data, please contact us using the contact information provided below. Depending on where you reside, you may have the right to appeal our decision by contacting us using the details below, or to file a complaint with the relevant data protection authority. For the European Economic Area, there is a list of the relevant data protection supervisory authorities. If you wish to access it, you can do so here.

International transfers

Please note that we may transfer, store, and process your personal data outside the country where you reside.

If we transfer your personal data outside the European Economic Area or the United Kingdom, we rely on recognized transfer mechanisms such as the European Commission’s Standard Contractual Clauses or equivalent contracts issued by the relevant UK authority, unless the data is transferred to a country that has been recognized as providing an adequate level of protection.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example, to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on this website, update the "Last Revised" date accordingly, and provide any notice required by applicable law.

Contact

If you have any questions about our privacy practices or this Privacy Policy, or if you wish to exercise any of your rights, please contact us by phone at , by email at markhellbusch@web.de or by mail at Langendellschlag 62, Wiesbaden, 65199, DE. For the purposes of applicable data protection laws, we are the data controller of your personal information.