Privacy Policy

Status April 2026

 

Information Obligation Statement

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the applicable legal provisions, in particular the GDPR, the Austrian Data Protection Act (DSG), and the Telecommunications Act 2021 (TKG 2021). In this privacy policy, we inform you about the most important aspects of data processing in connection with our website.

You can visit our website without providing personal information. If you wish to place an order (see section 2) or subscribe to our newsletter (see section 4), the necessary personal data will be collected.

 

1) Contacting us
If you contact us using a form on the website or by email, the data you provide will be stored by us for six months for the purpose of processing your request and in case of follow-up questions. We will not share this data without your consent.

 

2) Data collected when shopping in the online store
For the purpose of contract processing for purchases in the shop, the following data is stored by us:

- Name
- Address
- Telephone number and email address (for contacting you in the event of questions and information related to the order)
- where applicable, VAT ID number and company name

 

The data you provide is required for contract fulfillment or for carrying out pre-contractual measures. Without this data, we cannot conclude the contract with you. No data will be transferred to third parties, except for the transfer of payment data to the processing banks / payment service providers (see section 5 Third Parties) for the purpose of debiting the purchase price, to the transport/shipping company commissioned by us for delivery of the goods, and to our tax advisor for the fulfillment of our tax obligations.

 

2.1) Storage period
If the purchasing process is canceled, the data stored by us will be deleted. In the event of a contract being concluded, all data from the contractual relationship will be stored until the expiry of the tax retention period (7 years).
The data name, address, purchased goods and purchase date will furthermore be stored until the expiry of product liability obligations (10 years). Data processing is carried out on the basis of the legal provisions of Section 96 para. 3 TKG as well as Art. 6 para. 1 lit. a (consent) and/or lit. b (necessary for contract fulfillment) of the GDPR.

 

2.2) User accounts
As a customer, you have the option to create a password-protected customer account. This includes an overview of completed orders and active order processes. Here you can also change your master data at any time. The password is stored in encrypted form and cannot be viewed by us. The operator accepts no liability for password misuse unless this was caused by the operator itself.

 

2.3) Use of cookies
We do not use third-party cookies or non-essential cookies on our website. When the website is used purely for informational purposes and for guest orders, we do not set any cookies. Only if you deliberately log in to your customer account or wish to use a customer account do we set exclusively technically necessary cookies required to provide the login function. These cookies are not used for analysis, marketing, or recognition across other websites. As only technically necessary cookies are used, no consent is required for this.

 

2.4) Data security and encryption
To ensure that all contractual data is transmitted securely, it is transmitted in encrypted form using SSL technology (128 bit), thereby enabling us to ensure the protection of confidential data. We protect our website and other systems through technical and organizational measures against loss, destruction, access, alteration, or distribution of your data by unauthorized persons. You can recognize the use of this secure data transmission by the small padlock symbol at the top left of the browser and by the use of the https scheme (instead of http) as part of our web address.

 

3) Web analytics
Currently, no third-party tools are used for web analytics.

 

3.1) Device data
When visiting our website for purely informational purposes, technically necessary connection data is processed by the web server, in particular IP address, date and time of access, requested resource, browser type, and operating system, insofar as this is necessary for delivering the website, system security, error analysis, and detecting misuse. This data is not combined with other data, no marketing profiling takes place, and your usage behavior is not tracked.

 

4) Newsletter
The following information explains the registration procedures, mailing, and statistical evaluation, as well as the content of our newsletter and your rights to object. By subscribing (and confirming your registration), you agree to receive our newsletter and to the respective procedures.

 

4.1) Content of the newsletter
The data you provide will be used to stay in contact with you and to send updates and marketing information to the email address you provided. This includes information about new additions to our range, information about reviews of our products, promotions, and invitations to topic-related events.

 

4.2) Confirmation of registration and documentation (double opt-in)
To prevent any unauthorized person from subscribing to the newsletter using your email address, you will receive an automatically generated email after registration in which you can confirm your subscription. In order to be able to prove your registration in a legally compliant manner, your IP address as well as the date and time of registration are stored (for more details, see "Tracking and Evaluation").

 

4.3) Data / optional information when registering
Only your email address is required to subscribe to the newsletter. Additional data is optional and is used to tailor the content sent, for example according to stated interests, and to personalize the newsletter if applicable.

All data collected during registration as well as during the sending and receipt of the newsletter is stored on Brevo servers in the EU. Stored data includes the IP address (for documenting the confirmation, see section Tracking and Evaluation), times of use, location data (to determine language and time zone), device information (desktop or mobile), as well as reading and usage behavior (for more details, see Tracking and Evaluation). This data is used by both Brevo and LARIMIS FlexCo to improve services and optimize content (e.g. personalization by adapting newsletter topics for different recipient groups, as well as technical optimization such as optimization for mobile users). However, Brevo does not directly send information to stored email addresses and does not transfer collected data to third parties.

 

4.4) Tracking and evaluation
When a newsletter is received, user information is determined and stored through tracking technologies. This includes information on whether a newsletter is opened, which device type and browser are used, where and at what time the newsletter is opened (determined based on the IP address), and which links are clicked. This information is used to adapt content according to reading behavior and to improve services (e.g. optimized display for mobile devices). However, if data is used for evaluations, this is done in the form of group evaluations (e.g. how many users in a mailing list opened a newsletter) and not in relation to individual users (which specific person opened the newsletter), as the aim is not to determine and evaluate the behavior of individual users.

Your IP address at the time of registration is stored as proof of your subscription. Beyond that, however, the IP address is not used for any further purposes.

 

4.5) Updating data and storage period
You have the option to update your data at any time (you will find a link to update your data at the end of every newsletter). The data is stored for as long as the newsletter subscription remains active.

 

4.6) Unsubscribing
You may unsubscribe from the newsletter at any time by email to LARIMIS FlexCo or via the unsubscribe link (at the end of each newsletter).

 

5) Disclosure to third parties
Data collected for purchases will not be passed on to third parties under any circumstances. Exceptions are service partners, such as transport companies, our contractual partners for financial services, or insurers. Any such transfer is carried out in accordance with applicable data protection regulations and is limited to the necessary minimum.

 

5.1) Shipping service providers:
Austrian Post AG
1030 Vienna, Rochusplatz 1


DPD Direct Parcel Distribution Austria GmbH
2333 Leopoldsdorf, Arbeitergasse 46

 

5.2) PayPal as a payment method
The controller has integrated PayPal components on this website. PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which represent virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no traditional account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also assumes trustee functions and offers buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If the data subject selects “PayPal” as the payment option during the ordering process in our online shop, data of the data subject will be automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transfer of personal data required for payment processing.

The personal data transmitted to PayPal generally includes first name, last name, address, email address, IP address, telephone number, mobile phone number, or other data necessary for payment processing. Personal data related to the respective order is also required for processing the purchase contract.

The transfer of data serves the purpose of payment processing and fraud prevention. The controller will transmit personal data to PayPal particularly if there is a legitimate interest in the transfer. The personal data exchanged between PayPal and the controller may, under certain circumstances, be transmitted by PayPal to credit agencies. This transmission serves the purpose of identity and creditworthiness checks.

PayPal may pass on personal data to affiliated companies and service providers or subcontractors if this is necessary to fulfill contractual obligations or if the data is to be processed on behalf of PayPal.

The data subject has the option to revoke consent regarding the handling of personal data at any time vis-à-vis PayPal. A revocation shall not affect personal data that must necessarily be processed, used, or transmitted for (contractual) payment processing.

The applicable privacy policy of PayPal can be accessed at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

 

6) Changes to the privacy policy
We reserve the right to amend or supplement the privacy policy without prior notice in the event of security-related developments or procedural changes (provided the use of the data does not change). To view the current status, you may consult this page regularly if needed.

 

7) Your rights
With regard to your data stored by us, you generally have the rights to access, rectification, erasure, restriction, data portability, withdrawal of consent, and objection. If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been infringed in any way, you may lodge a complaint with us or with the data protection authority.

Privacy Policy

Status April 2026

 

Information Obligation Statement

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the applicable legal provisions, in particular the GDPR, the Austrian Data Protection Act (DSG), and the Telecommunications Act 2021 (TKG 2021). In this privacy policy, we inform you about the most important aspects of data processing in connection with our website.

You can visit our website without providing personal information. If you wish to place an order (see section 2) or subscribe to our newsletter (see section 4), the necessary personal data will be collected.

 

1) Contacting us
If you contact us using a form on the website or by email, the data you provide will be stored by us for six months for the purpose of processing your request and in case of follow-up questions. We will not share this data without your consent.

 

2) Data collected when shopping in the online store
For the purpose of contract processing for purchases in the shop, the following data is stored by us:

- Name
- Address
- Telephone number and email address (for contacting you in the event of questions and information related to the order)
- where applicable, VAT ID number and company name

 

The data you provide is required for contract fulfillment or for carrying out pre-contractual measures. Without this data, we cannot conclude the contract with you. No data will be transferred to third parties, except for the transfer of payment data to the processing banks / payment service providers (see section 5 Third Parties) for the purpose of debiting the purchase price, to the transport/shipping company commissioned by us for delivery of the goods, and to our tax advisor for the fulfillment of our tax obligations.

 

2.1) Storage period
If the purchasing process is canceled, the data stored by us will be deleted. In the event of a contract being concluded, all data from the contractual relationship will be stored until the expiry of the tax retention period (7 years).
The data name, address, purchased goods and purchase date will furthermore be stored until the expiry of product liability obligations (10 years). Data processing is carried out on the basis of the legal provisions of Section 96 para. 3 TKG as well as Art. 6 para. 1 lit. a (consent) and/or lit. b (necessary for contract fulfillment) of the GDPR.

 

2.2) User accounts
As a customer, you have the option to create a password-protected customer account. This includes an overview of completed orders and active order processes. Here you can also change your master data at any time. The password is stored in encrypted form and cannot be viewed by us. The operator accepts no liability for password misuse unless this was caused by the operator itself.

 

2.3) Use of cookies
We do not use third-party cookies or non-essential cookies on our website. When the website is used purely for informational purposes and for guest orders, we do not set any cookies. Only if you deliberately log in to your customer account or wish to use a customer account do we set exclusively technically necessary cookies required to provide the login function. These cookies are not used for analysis, marketing, or recognition across other websites. As only technically necessary cookies are used, no consent is required for this.

 

2.4) Data security and encryption
To ensure that all contractual data is transmitted securely, it is transmitted in encrypted form using SSL technology (128 bit), thereby enabling us to ensure the protection of confidential data. We protect our website and other systems through technical and organizational measures against loss, destruction, access, alteration, or distribution of your data by unauthorized persons. You can recognize the use of this secure data transmission by the small padlock symbol at the top left of the browser and by the use of the https scheme (instead of http) as part of our web address.

 

3) Web analytics
Currently, no third-party tools are used for web analytics.

 

3.1) Device data
When visiting our website for purely informational purposes, technically necessary connection data is processed by the web server, in particular IP address, date and time of access, requested resource, browser type, and operating system, insofar as this is necessary for delivering the website, system security, error analysis, and detecting misuse. This data is not combined with other data, no marketing profiling takes place, and your usage behavior is not tracked.

 

4) Newsletter
The following information explains the registration procedures, mailing, and statistical evaluation, as well as the content of our newsletter and your rights to object. By subscribing (and confirming your registration), you agree to receive our newsletter and to the respective procedures.

 

4.1) Content of the newsletter
The data you provide will be used to stay in contact with you and to send updates and marketing information to the email address you provided. This includes information about new additions to our range, information about reviews of our products, promotions, and invitations to topic-related events.

 

4.2) Confirmation of registration and documentation (double opt-in)
To prevent any unauthorized person from subscribing to the newsletter using your email address, you will receive an automatically generated email after registration in which you can confirm your subscription. In order to be able to prove your registration in a legally compliant manner, your IP address as well as the date and time of registration are stored (for more details, see "Tracking and Evaluation").

 

4.3) Data / optional information when registering
Only your email address is required to subscribe to the newsletter. Additional data is optional and is used to tailor the content sent, for example according to stated interests, and to personalize the newsletter if applicable.

All data collected during registration as well as during the sending and receipt of the newsletter is stored on Brevo servers in the EU. Stored data includes the IP address (for documenting the confirmation, see section Tracking and Evaluation), times of use, location data (to determine language and time zone), device information (desktop or mobile), as well as reading and usage behavior (for more details, see Tracking and Evaluation). This data is used by both Brevo and LARIMIS FlexCo to improve services and optimize content (e.g. personalization by adapting newsletter topics for different recipient groups, as well as technical optimization such as optimization for mobile users). However, Brevo does not directly send information to stored email addresses and does not transfer collected data to third parties.

 

4.4) Tracking and evaluation
When a newsletter is received, user information is determined and stored through tracking technologies. This includes information on whether a newsletter is opened, which device type and browser are used, where and at what time the newsletter is opened (determined based on the IP address), and which links are clicked. This information is used to adapt content according to reading behavior and to improve services (e.g. optimized display for mobile devices). However, if data is used for evaluations, this is done in the form of group evaluations (e.g. how many users in a mailing list opened a newsletter) and not in relation to individual users (which specific person opened the newsletter), as the aim is not to determine and evaluate the behavior of individual users.

Your IP address at the time of registration is stored as proof of your subscription. Beyond that, however, the IP address is not used for any further purposes.

 

4.5) Updating data and storage period
You have the option to update your data at any time (you will find a link to update your data at the end of every newsletter). The data is stored for as long as the newsletter subscription remains active.

 

4.6) Unsubscribing
You may unsubscribe from the newsletter at any time by email to LARIMIS FlexCo or via the unsubscribe link (at the end of each newsletter).

 

5) Disclosure to third parties
Data collected for purchases will not be passed on to third parties under any circumstances. Exceptions are service partners, such as transport companies, our contractual partners for financial services, or insurers. Any such transfer is carried out in accordance with applicable data protection regulations and is limited to the necessary minimum.

 

5.1) Shipping service providers:
Austrian Post AG
1030 Vienna, Rochusplatz 1


DPD Direct Parcel Distribution Austria GmbH
2333 Leopoldsdorf, Arbeitergasse 46

 

5.2) PayPal as a payment method
The controller has integrated PayPal components on this website. PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which represent virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no traditional account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also assumes trustee functions and offers buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If the data subject selects “PayPal” as the payment option during the ordering process in our online shop, data of the data subject will be automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transfer of personal data required for payment processing.

The personal data transmitted to PayPal generally includes first name, last name, address, email address, IP address, telephone number, mobile phone number, or other data necessary for payment processing. Personal data related to the respective order is also required for processing the purchase contract.

The transfer of data serves the purpose of payment processing and fraud prevention. The controller will transmit personal data to PayPal particularly if there is a legitimate interest in the transfer. The personal data exchanged between PayPal and the controller may, under certain circumstances, be transmitted by PayPal to credit agencies. This transmission serves the purpose of identity and creditworthiness checks.

PayPal may pass on personal data to affiliated companies and service providers or subcontractors if this is necessary to fulfill contractual obligations or if the data is to be processed on behalf of PayPal.

The data subject has the option to revoke consent regarding the handling of personal data at any time vis-à-vis PayPal. A revocation shall not affect personal data that must necessarily be processed, used, or transmitted for (contractual) payment processing.

The applicable privacy policy of PayPal can be accessed at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

 

6) Changes to the privacy policy
We reserve the right to amend or supplement the privacy policy without prior notice in the event of security-related developments or procedural changes (provided the use of the data does not change). To view the current status, you may consult this page regularly if needed.

 

7) Your rights
With regard to your data stored by us, you generally have the rights to access, rectification, erasure, restriction, data portability, withdrawal of consent, and objection. If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been infringed in any way, you may lodge a complaint with us or with the data protection authority.

Enjoyment without tracking: We avoid unnecessary cookies. Your privacy matters to us as much as a fine vintage.