Privacy Policy

      

 

1. Introduction

Welcome to BAAKD (referred to hereafter as 'BAAKD' or 'we') At BAAKD, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy is designed to explain how we collect, use, share, and protect your information.

To maintain transparency and provide a clear explanation of how we handle your personal data, we would like to acquaint you with the specific legal terms that may be employed in this privacy policy for BAAKD, please see below:

• Personal Information: Any information that can be used to identify an individual, including but not limited to name, email address, phone number, and mailing address.

• Data Controller: The entity or person responsible for determining the purposes and means of processing personal data.

• Data Processor: A party that processes personal data on behalf of the data controller.

• Processing: Any operation performed on personal data, such as collection, recording, organisation, storage, adaptation, or disclosure.

• Consent: Voluntary and informed agreement given by an individual for the processing of their personal data for a specific purpose.

• Cookies: Small text files stored on a user's device, often used for tracking and storing information about the user's online behaviour.

• IP Address: A unique numerical label assigned to a device connected to a computer network, used for identifying the device and its location.

• Data Subject: The individual whose personal data is being processed.

• Third-Party: An entity or organisation that is not the data subject or the data controller, and may process personal data independently.

• Profiling: The automated processing of personal data to evaluate, analyse, or predict an individual's behaviour, preferences, or characteristics.

• Data Breach: Unauthorised access, disclosure, or loss of personal data that compromises its security or confidentiality.

• Encryption: The process of converting data into a code to prevent unauthorised access.

• Data Minimisation: The principle of collecting and processing only the minimum amount of personal data necessary for a specific purpose.

• Data Portability: The right of a data subject to obtain their personal data in a structured, commonly used, machine-readable format and to transfer it to another data controller.

• Right to be Forgotten: The right of a data subject to have their personal data erased and no longer processed, also known as the right to erasure.

• Profiling: The automated processing of personal data to evaluate, analyse, or predict an individual's behaviour, preferences, or characteristics.

• Privacy Policy: A document outlining how an organisation collects, processes, and protects personal data, and the rights and choices available to data subjects.

• Data Protection Officer (DPO): An individual designated by an organisation to oversee data protection compliance and serve as a point of contact for data subjects.

• Data Subject Access Request (DSAR): A request made by a data subject to access their personal data held by an organisation.

• Processing Consent: An individual's explicit and informed agreement to the processing of their personal data for specific purposes.

• Sensitive Personal Data: Special categories of personal data that may require additional protection, such as health information, racial or ethnic origin, religious beliefs, and biometric data.

• Data Retention: The period during which personal data is stored by an organisation, often subject to legal requirements.

• Cross-Border Data Transfer: The transfer of personal data from one jurisdiction to another, which may have different data protection regulations.

• Anonymization: The process of removing or altering data to make it impossible to identify an individual.

• Data Security: Measures and protocols in place to protect personal data from unauthorised access, disclosure, alteration, or destruction.

• Data Processing Register: A record or document detailing all data processing activities conducted by an organisation.

• Consent Withdrawal: The right of a data subject to revoke their consent for the processing of their personal data.

• International Data Transfers: The transfer of personal data between countries or regions that may require specific safeguards to protect data subjects' rights.

• Privacy by Design: The principle of integrating data protection measures into the development of products, services, and processes from the outset.
• Data Protection Impact Assessment (DPIA): An evaluation of the potential impact of data processing activities on data subjects' rights and freedoms.
  
  Please note that this list provides general definitions, and the specific definitions and requirements in a privacy policy may vary depending on the applicable laws and regulations in your jurisdiction.
  
  

2. Information We Collect

We collect various types of information to enhance your shopping experience and to improve our services. This information may include:

2.1. Personal Information

• Name
• Contact information (email address, phone number, shipping address)
• Billing information (credit card details)
• Account credentials (username and password)
  
  

2.2. Usage Information

• IP address
• Device information (e.g., browser, operating system)
• Website usage data (e.g., pages visited, time spent on the site)
  
  

2.3. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to personalize your experience, improve our services, and for analytics. By using our website, you consent to the use of cookies and tracking technologies.

2.4. Third-Party Services

We use the following third-party services for various purposes. Please review their privacy policies for more information:

• Google Analytics:
• Purpose: Analysing website traffic and user behavior.
• Privacy Policy: https://policies.google.com/technologies/partner-sites
• Contact Information: Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; 'Google').
  
  

• Facebook Pixel:
• Purpose: Measuring the effectiveness of our Facebook ads and tracking user interactions on our website.
• Privacy Policy: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
• Contact Information: Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ('Facebook').
  
  

• Twitter:
• Purpose: Marketing and customer engagement.
• Privacy Policy: https://twitter.com/en/privacy
• Contact Information: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.
  
  

• Pinterest:
• Purpose: Marketing and promotional activities.
• Privacy Policy: https://policy.pinterest.com/de/privacy-policy
• Contact Information: Pinterest, Inc., 808 Brannan St, San Francisco, CA 94103, USA.
  
  

• Trustpilot:
• Purpose: Collecting and displaying customer reviews.
• Privacy Policy: https://uk.legal.trustpilot.com/for-reviewers/end-user-privacy-terms
• Contact Information: Trustpilot A/S, Pilestræde 58, 1112 Copenhagen K, Denmark.
  
  

3. Server Log Files and Hosting by Shopify

(3.1) Server Log Files

When you visit our website, we collect server log files hosted by Shopify Inc. This information is necessary for the technical provision of the website and includes the following:

• IP address
• Date and time of your inquiry
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (actual page)
• Access status/HTTP status code
• Transmitted data volume
• Website from which the request is received
• Browser
• Operating system and its interface
• Language and version of the browser software
  
  

The storage of this access data is necessary to provide a functional website and ensure system security. This data is used for needs-based design and optimization of our website, purely statistically, without any conclusions about your person. The data is not merged with data from other sources and is not used for marketing purposes.

The access data collected as part of the use of our website is only kept for the period required to achieve the above purposes.

(3.2) Hosting by Shopify

Our shop is hosted by Shopify Inc. Shopify offers us an e-commerce platform that allows us to sell our goods and services to you. Your data are administered via data storage, a database and generally the Shopify app. Shopify stores your data on a secure server behind a firewall. If you pay by credit card, Shopify stores your credit card data. These are encrypted using the Payment Card Industry Data Security Standard (PCI-DSS). The data of your purchase will be stored only as necessary for the duration of your purchase. As soon as it is completed, your purchase data are erased. All direct payment portals are subject to the PCI-DSS standard and are administered by PCI Security Standards Council, a joint initiative by Visa, MasterCard, American Express and Discover. PCI-DSS conditions help to ensure secure payment transactions using your credit card information in our shop and with service providers. More detailed information can be found in the terms of use here or privacy policies detailed here.

(3.3) Google Analytics

In addition to the information mentioned above, we also employ Google Analytics to enhance your experience on our website. Google Analytics collects data regarding your interaction with our site, including the pages you visit, the time you spend on each page, and the links you click. This data assists us in understanding how users engage with our website, allowing us to improve its content and functionality.

Google Analytics utilizes cookies to gather information on your behavior on our website, including your IP address. This information is then transmitted to Google's servers and stored in accordance with Google's privacy policy. We use Google Analytics with the anonymization function, which masks your IP address before it is transmitted to Google. This means that, while we receive usage data, your identity remains anonymous.

You can opt out of Google Analytics by using the Google Analytics Opt-Out Browser Add-on, which is available at here You can also configure your browser to block or delete cookies, which may affect the functionality of our website. Please refer to our Cookie Policy for further details on how we use cookies and how you can manage your cookie preferences.

4. Data Security

Please be aware that no method of online data transmission or storage is entirely secure. We continuously monitor and enhance all security measures to protect your data.

5. Sharing Your Information

We may share your information with trusted third-party service providers to help us deliver our services, process payments, and enhance your experience. We do not sell your personal information to third parties.

6. Your Rights and Choices

You have the following rights regarding your personal information:

(6.1) Access and Update: You have the right to access and update your data through your account settings. We encourage you to keep your information up to date to ensure its accuracy.

(6.2) Information Request: You can request information about the data we have about you, and we will provide you with details regarding its processing.

(6.3) Data Deletion: You can request the deletion of your data, subject to legal obligations that may require us to retain certain information. Upon such requests, we will erase your data promptly.

(6.4) Marketing Communications: If you no longer wish to receive promotional emails and marketing communications from BAAKD, you can opt out at any time by following the instructions provided in our emails or contacting us using the information in the "Contact Us" section.

(6.5) Right to Object: Under Article 21 of the GDPR, you have the right to object to the processing of your personal data if it is based on legitimate interests or for direct marketing purposes. We will cease processing your data unless we can demonstrate compelling legitimate grounds for such processing that override your interests, rights, and freedoms.

You can exercise these rights by contacting us using the contact options specified in the "Contact Us" section of this policy.

7. Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify you of any significant changes via email or by posting a prominent notice on our website.

8. Making payments on our online store BAAKD.

Below is a list of our payment providers, it is possible that some of them may or may not be utilised during the course of BAAKD LTD.

PayPal

If you choose to pay for your purchase through PayPal, your personal information will be shared with PayPal. If you don't have a PayPal account, you will be prompted to create one during the payment process. When setting up or using a PayPal account, you will be required to provide details like your name, address, phone number, and email address. The legal basis for data transmission is in accordance with Art. 6 (1) (a) GDPR and Art. 6 (1) (b) GDPR.

The operator of the PayPal payment service is:

PayPal (Europe) S.à r.l. et Cie, S.C.A. 22-24 Boulevard Royal L-2449 Luxembourg Email: impressum@paypal.com

By selecting the PayPal payment option, you agree to share your personal information, including your name, address, phone number, and email address with PayPal. PayPal's privacy policy will outline the additional data collected, which can be found at: PayPal Privacy Policy

Klarna

When opting for payment via Klarna, your personal data will be provided to Klarna Bank AB, the operator of the Klarna payment service. The legal basis for sharing this data is Art. 6 (1) (a) GDPR and Art. 6 (1) (b) GDPR.

Klarna AB's contact details are as follows:

Klarna Bank AB (publ) Sveavägen 46 111 34 Stockholm Sweden Phone: 0046 8-120 120 00 Fax: 0046 8-120 120 99 Contact: info@klarna.de

Klarna collects various data during the payment process, including personal information such as name, date of birth, contact details, and information related to the ordered products and services. Klarna may also conduct identity and creditworthiness checks based on explicit consent granted by you, in compliance with Art. 6 para. 1 clause 1 point (a) GDPR. You have the right to withdraw your consent as per Art. 7 (3) GDPR. Detailed information on Klarna's privacy policy can be found here: Klarna Privacy Policy

Afterpay

If you choose one of our Afterpay payment methods, it is provided by Arvato Payment Solutions GmbH, operating as Afterpay. As the data controller under the GDPR, they are responsible for the storage and processing of your personal information collected in the context of their services.

Arvato Payment Solutions GmbH's contact details are as follows:

Arvato Payment Solutions GmbH Gütersloher Str. 123 33415 Verl Contact: APS@arvato.com

When you place an order on our website and use Afterpay payment methods, or contact us during the payment process, Afterpay collects information about the ordered goods, financial information, historical order data, interactions with you and the customer service, as well as other details. Afterpay may also perform identity and creditworthiness checks based on explicit consent granted by you, in accordance with Art. 6 para. 1 clause 1 point (a) GDPR. You can withdraw your consent under Art. 7 (3) GDPR. More information on Afterpay's privacy policy can be found here: Afterpay Privacy Policy


Clearpay

If you utilize Clearpay for payment processing, your personal data is processed by Clearpay Finance Limited. Clearpay collects contact information, payment details, and other personal information, including identity and creditworthiness checks. This processing is based on explicit consent in line with Art. 6 para. 1 clause 1 point (a) GDPR, and you can withdraw your consent as per Art. 7 (3) GDPR.

Clearpay's contact information is as follows:

Clearpay Finance Limited 22 Long Acre London, UK WC2E 9LY

Detailed information about Clearpay's privacy policy can be found here: Clearpay Privacy Policy


Stripe

Payment via Stripe and its associated methods is offered on our website. Stripe Payments Europe Ltd is the provider of this service. When you select payment via Stripe, the payment data you provide is shared with Stripe, based on Art. 6 (1) (a) GDPR (consent) and Art. 6 (1) (b) GDPR (processing for contract performance). You can withdraw your consent at any time, and it won't affect previous data processing. The data is used solely for payment execution through secure 'SSL' procedures. Stripe may also conduct identity and creditworthiness checks with your explicit consent under Art. 6 para. 1 clause 1 point (a) GDPR. You can withdraw this consent under Art. 7 (3) GDPR.

Stripe's contact information is as follows:

Stripe Payments Europe Ltd The One Building Lower Grand Canal St Dublin 2 Ireland Contact: support@stripe.com

For further details on Stripe's privacy policy, please refer to: Stripe Privacy Policy


Data Retention

In compliance with commercial and fiscal regulations, we are obligated to retain your address, payment, and order data for ten years. However, after two years, we limit processing to meet legal obligations (Art. 6 (1) (c) GDPR). Your data is only used to comply with these legal obligations.

8. Contact Us

If you have any questions or concerns about this Privacy Policy, our data practices, or want to exercise your rights, please contact us at:

BAAKD Customer Support located via our website. 

Effective Date: 01/01/2024