Privacy policy

Last updated: May 5, 2026

Atelier Hellbusch operates this shop and this website, including all related information, content, features, tools, products, and services, to provide you as a customer with a personalized shopping experience (the “Services”). Atelier Hellbusch is powered by Shopify, which enables us to provide the Services to you. This Privacy Policy describes how we collect, use, or share personal data when you visit or use the website, make a purchase or other transaction using the Services, or otherwise communicate with us. If there is a conflict between our Terms and Conditions and this Privacy Policy, this Privacy Policy will prevail with respect to the collection, processing, and sharing of your personal data.

Please read this Privacy Policy carefully. By accessing or using any of the Services, you acknowledge that you have read this Privacy Policy and agree to the collection, use, and sharing of your data as described in this Privacy Policy.

What personal data do we collect or process?

When we use the term “personal data,” we mean information that identifies you or another person or can reasonably be linked to you. Personal data does not include information that is collected anonymously or anonymized so that it can no longer be used to identify you or be linked to you. Depending on how you interact with the Services, where you live, and as permitted or required by applicable law, we may collect or process the following categories of personal data, including inferences drawn from such personal data:

  • Contact information including name, mailing address, billing address, shipping address, phone number, and email address.
  • Financial information including credit and debit card and financial account numbers, payment card information, financial account information, transaction details, payment method, payment confirmation, and other payment details.
  • Account information including username, password, security questions, configurations, and settings.
  • Transaction information including items you view, add to your cart, add to your wishlist, purchase, return, exchange, or cancel, as well as your past transactions.
  • Communications with us including information you provide when you communicate with us, for example when you submit a customer support request.
  • Device information including information about your device, browser, or network connection, IP address, and other unique identifiers.
  • Usage information including information about your interaction with the Services, including how and when you interact with or browse the Services.

Sources of personal data

We may collect personal data from the following sources:

  • Directly from you We collect data, among other ways, when you create an account, access or use the Services, communicate with us, or otherwise provide us with your personal data.
  • Automatically through the Services We collect data, among other ways, from your device or when you use our products or Services or visit our website, as well as through the use of cookies and similar technologies.
  • From our service providers We collect data, among other ways, when we engage service providers to enable certain technologies and when they collect or process your personal data on our behalf.
  • From our partners and other third parties

How do we use your personal data?

Depending on how you interact with us or which of the Services you use, we may use personal data for the following purposes:

  • Providing, customizing, and improving the Services. We use your personal data to provide the Services to you. This includes, among other things, fulfilling our contract with you, processing your payments, fulfilling your orders, storing your configurations and the items you’re interested in, sending notifications related to your account, creating, maintaining, and otherwise managing your account, arranging shipping, facilitating returns and exchanges, enabling you to leave reviews, and creating a personalized shopping experience for you, for example by recommending products based on your purchases. This may also include using your personal data to better tailor and improve the Services.
  • Marketing and advertising. We use your personal data for marketing and advertising purposes, for example to send you marketing and promotional communications by email, SMS, or post and to show you online advertising for products or services on the Services or other websites, including based on items you have previously purchased or added to your cart and other activities related to the Services.
  • Security and fraud prevention. We use your personal data to authenticate your account, provide a secure payment and shopping experience, detect, investigate, or take action regarding potential fraudulent, illegal, unsafe, or malicious activity, protect public safety, and ensure the security of our Services. If you choose to use the Services and register an account, you are responsible for safeguarding your account login credentials. We strongly recommend that you do not share your username, password, or other access credentials with anyone else.
  • Communicating with you. We use your personal data to provide you with customer support and effective Services, respond promptly to your inquiries, and maintain our business relationship with you.
  • Legal reasons. We use your personal data to comply with applicable law or respond to lawful processes, including requests from law enforcement or regulatory authorities, to investigate or participate in civil investigations, potential or actual litigation, or other adversarial proceedings, and to investigate or enforce potential violations of our terms or policies.

How do we share personal data?

Under certain circumstances, we may share your personal data with third parties for legitimate purposes in accordance with this Privacy Policy. Such circumstances may include the following:

  • With Shopify, these are vendors and other third parties that provide services on our behalf (e.g., IT management, payment processing, data analytics, customer support, cloud storage, fulfillment, and shipping).
  • We share personal data with business and marketing partners that provide marketing services to you and show you advertising. For example, we use Shopify to support personalized advertising with third-party services based on your online activities across different merchants and websites. Our business and marketing partners use your data in accordance with their own privacy policies. Depending on where you live, you may have the right to direct us not to share information about you in order to show you targeted advertising and marketing based on your online activities across different merchants and websites. If you wish to exercise your right and opt out of such uses, you can do so here.
  • When you ask us to or otherwise consent to us sharing certain information with third parties, for example to deliver products to you, or when you use social media widgets or login integrations.
  • We share personal data with our affiliates or otherwise within our corporate group.
  • In connection with a business transaction such as a merger or bankruptcy; to comply with applicable legal obligations (including responding to subpoenas, search warrants, and similar requests); to enforce applicable terms of service or policies; and to protect or defend the Services, our rights, and the rights of our users or others.

Relationship with Shopify

The Services are hosted by Shopify, which collects and processes personal data about your access to and use of the Services in order to provide and improve the Services for you. Data that you submit to the Services is shared with Shopify and with third parties, who may be located in countries other than your country of residence, in order to provide and improve the Services for you. To protect, grow, and improve our business, we also use certain advanced Shopify features that incorporate data and information from your interactions with our shop, with other merchants, and with Shopify. To provide these advanced features, Shopify may use personal data collected from your interactions with our shop, other merchants, and Shopify. In these circumstances, Shopify is responsible for processing your personal data, including responding to your requests to exercise your rights regarding the use of your personal data for these purposes. For more information about how Shopify uses your personal data and what rights you have, please see the Shopify Consumer Privacy Policy. Depending on where you live, you may be able to exercise certain rights regarding your personal data listed here via this link: Shopify Privacy Portal.

Third-party websites and links

The Services may provide links to websites or other online platforms operated by third parties. If you follow links to websites that are not affiliate sites or not controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such websites, including the accuracy, completeness, or reliability of information found on those websites. Information you provide in public or semi-public areas, including information you share on third-party social networking platforms, may also be viewed by other users of the Services and/or users of those third-party platforms, without limitation as to its use by us or by a third party. Our inclusion of such links does not imply that we endorse the content of those platforms or their owners or operators, unless this is explicitly stated in the Services.

Children’s data

The Services are not intended for use by children, and we do not knowingly collect personal data from children who have not reached the age of majority in your country. If you are the parent or guardian of a child who has provided personal data to us, you can contact us using the contact details below to request deletion of that data. As of the effective date of this Privacy Policy, we are not aware that we “share” or “sell” personal data of individuals under 16 years of age (as those terms are defined under applicable law).

Security and retention of your data

Please note that no security measures are perfect or impenetrable, and therefore we cannot guarantee “perfect security.” In addition, information you send to us may be at risk during transmission. We recommend that you do not use insecure channels when transmitting sensitive or confidential information to us.

How long we retain your personal data depends on various factors. These include, for example, whether we need the data to manage your account, provide Services to you, comply with legal obligations, resolve disputes, or enforce other applicable agreements and policies.

Your rights and choices

Depending on where you live, you may have some or all of the rights listed below regarding your personal data. However, these rights are not absolute, may apply only under certain circumstances, and in some cases we may deny your request to the extent permitted by law.

  • Right of access. You may have the right to request access to the personal data we hold about you.
  • Right to deletion. You may have the right to request that we delete the personal data we hold about you.
  • Right to rectification. You may have the right to request that we correct inaccurate personal data we hold about you.
  • Right to data portability. You may have the right to receive a copy of the personal data we hold about you and to request that we transmit it to a third party under certain circumstances and with certain exceptions.
  • Right to opt out of the sale or sharing of data for targeted advertising. Depending on where you live, you may have the right to opt out of the “sale” or “sharing” of your personal data or to object to the processing of your personal data for purposes that qualify as “targeted advertising” under applicable privacy laws. If you wish to exercise your right and opt out of such uses, you can do so here. Please note: If you visit our website with the Global Privacy Control signal enabled, we will treat this, depending on your location, as an automatic opt-out request for the device and browser you use to visit the website. If we can associate the device from which the signal is sent with a Shopify account, we will also apply the opt-out request to that account. For more information about Global Privacy Control, visit https://globalprivacycontrol.org/. Apart from Global Privacy Control, we do not recognize any other “Do Not Track” signals that may be sent by your web browser or device.
  • Managing communication preferences. We may send you promotional emails. You can opt out of receiving these emails at any time by using the unsubscribe option included in our emails to you. If you opt out, we may still send you non-promotional emails, such as those about your account or orders you have placed.

If your place of residence is in the United Kingdom or the European Economic Area, you may, subject to exceptions and limitations under local law, exercise the following rights in addition to the rights listed above:

  • Right to object and right to restrict processing. You may have the right to request that we stop or restrict the processing of personal data for certain purposes.
  • Withdrawal of consent. Where we rely on consent to process your personal data, you have the right to withdraw that consent. If you withdraw your consent, this will not affect the lawfulness of processing based on your consent before its withdrawal.

You can exercise these rights where indicated in the Services or by contacting us using the contact details below. For more information about how Shopify uses your personal data and what rights you have, including rights regarding data processed by Shopify, visit https://privacy.shopify.com/en.

You will not be disadvantaged for exercising these rights. Where permitted or required by applicable law, we may need to verify your identity before we can process your requests. In accordance with applicable laws, you may appoint an authorized agent to submit requests to exercise your rights on your behalf. Before we accept such a request from an agent, we require proof that you have authorized them to act on your behalf. This may require you to verify your identity directly with us. We will respond to your request promptly within the framework of applicable law.

Complaints

If you have complaints about how we process your personal data, please contact us using the contact details below. Depending on where you live, you may have the right to appeal our decision by contacting us using the contact details below or by submitting your complaint to the competent data protection authority. For the European Economic Area, there is a list of the competent data protection supervisory authorities. If you would like to access it, you can do so here.

International transfers

Please note that we may transfer, store, and process your personal data outside the country where you live.

When we transfer your personal data outside the European Economic Area or the United Kingdom, we rely on recognized transfer mechanisms such as the European Commission’s Standard Contractual Clauses or equivalent contracts issued by the relevant authority in the United Kingdom, unless the data transfer is to a country that has been determined to provide an adequate level of protection.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on this website, update the “Last updated” date accordingly, and provide any notice required under applicable law.

Contact

If you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of your rights, please contact us by phone at , by email at markhellbusch@web.de or by post at Langendellschlag 62, Wiesbaden, 65199, DE. For the purposes of applicable data protection laws, we are the data controller of your personal data.