DE | EN | FR
Anniversary
Women
Men
Baby & Child
Home
Beauty Store
Sale
Sustainability
About Us
772
DE | EN | FR
Anniversary
Women
Men
Baby & Child
Home
Beauty Store
Sale
Sustainability
About Us
  • Sign up
  • Login

    • Privacy Policy

    Last modified: 04.09.2025

    It is very important to us to handle the personal data you provide responsibly, which is why we take all necessary measures to protect it. Of course, the applicable national and European data protection regulations are observed. Below you will find all information about the purpose and legal basis for processing this data, to whom the data is disclosed, how long it is stored, and what rights you have.

    1. Who is responsible for data processing and whom can you contact?

    The party responsible for your personal data is Living Crafts GmbH, Schlesier Straße 11, 95152 Selbitz.
    Email: service@livingcrafts.de
    Phone: +49 (0)9280 98108-0
    You can reach our data protection officer at datenschutz@livingcrafts.de or Data Protection Officer c/o Living Crafts GmbH, Schlesier Straße 11, 95152 Selbitz.

    2. When do we collect data?

    We process data when you place an order in our online shop, visit this website, or contact us. This may include data that we require for processing your customer account and/or order, your visit to the website, or your contact request, as well as data that is provided voluntarily. Details can be found under section 3.

    3. For what purposes is data processed and on what legal basis? 3.1. Customer account, guest order

    You have the option to register as a customer with a customer account on our homepage. For this, the user must go through a registration process to later access the shopping cart via login, manage user data, payment settings, etc., place and view orders.

    Data categories:

    • Salutation
    • Name
    • Street and house number
    • Postal code
    • City
    • Country
    • Email address
    • Voluntary information: Date of birth
    • Voluntary information: Phone
    • Voluntary information: Fax
    • Voluntary information: How did you hear about Living Crafts

    Password assignment during registration:
    It is mandatory to comply with the password policy: 1 lowercase letter, 1 uppercase letter, 1 number, 1 special character [#$^+=!*()@%&-.], and at least 8 characters in total.

    All information provided during registration is stored in the personal account and can be updated at any time.
    Your data will be forwarded to dennree GmbH. dennree GmbH is responsible for storing the customer account and monitoring payments. For this purpose, the above-mentioned data and payment details are transmitted to them when you place an order.
    To ensure data protection-compliant processing, we have concluded a data processing agreement with our service provider.
    Data processing is carried out to provide your customer account, access to your customer profile, and for order and payment processing.
    The legal basis for this processing is Art. 6(1)(b) GDPR and your declaration of consent pursuant to Art. 6(1)(a) in conjunction with Art. 7 GDPR.
    If you wish to place an order without creating a customer account, the above-mentioned data will also be collected. However, it will only be processed for order and payment processing.

    3.2. Advertising

    3.2.1. Personalized offers, surveys

    If you consent, we use your customer account data to send you interesting, individually tailored offers and information by email and/or print advertising. Your data is also used for personalized advertising on social media (Facebook, Instagram, or Twitter) while you visit these sites. For this purpose, your email address, phone number, or electronic usage data is transmitted to the operator of the social network, provided Living Crafts is active on this channel (Facebook, Instagram), so that they can identify you and display personalized advertising.

    You may also be invited to participate in surveys from time to time.

    The legal basis for processing the data is your consent according to Art. 6(1)(a) GDPR. The collected data is used to prepare marketing measures by recognizing typical patterns of purchasing and usage behavior and for internal statistical purposes (target group marketing).

    3.2.2. Newsletter

    Our website offers the option to subscribe to a free newsletter. When registering for the newsletter, the data entered in the input form is transmitted to us. The email address is required, while salutation, title, first name, last name, and date of birth are optional. The user's email address is stored as long as the newsletter subscription is active. Other personal data collected during the registration process is usually deleted after 90 days.

    The legal basis for processing the data after newsletter registration by the user is consent according to Art. 6(1)(a) GDPR.

    3.3. Competitions

    From time to time, we offer you the opportunity to participate in competitions, including via social media. The personal information you provide to us as part of such an activity will be used exclusively for processing the activity (e.g., for determining the winner, notifying the winner, and sending the prize). On social media, we inform our customers via a corresponding post or story. All users can then state why they want to win the prize, without the specific answer affecting the draw. After the draw, we announce the winners under the respective post, asking them to contact us via private message.

    If you participate in a competition offered by us, we process your data as far as necessary for the execution of the competition. If necessary, we will obtain separate consent from you for further processing of your data as part of the competition. To participate, you must be at least sixteen years old. The legal basis for this processing is Art. 6(1)(a) or Art. 6(1)(b) GDPR.

    The data collected for participation will be deleted after the competition ends, unless you have consented to further processing.

    3.4. Contact

    Our website contains various contact forms that can be used for electronic contact. Mandatory fields are marked with an asterisk, other information is voluntary. If a user uses this option, the data entered in the input form is transmitted to us and stored. Your consent is obtained for processing the data during the submission process, and reference is made to this privacy policy.

    Alternatively, you can contact us via the provided email address. In this case, the personal data transmitted with the email will be stored.

    The data will not be passed on to third parties in this context. The data is used exclusively for processing the conversation. If you contact us by phone, your name and phone number, possibly your address, and the reason for your call will be stored.

    The processing of personal data from the input form is used to process the contact and handle the request. In the case of contact by email or phone, this also constitutes the necessary legitimate interest in processing the data.

    Other personal data processed during the submission process is used to prevent misuse of the contact form and to ensure the security of our IT systems. We store your data relating to a request until the process is completed, but no longer than 6 years.

    The legal basis for processing the data is Art. 6(1)(a) GDPR. The legal basis for processing data transmitted by email is Art. 6(1)(f) GDPR.

    3.5. Application

    Through our online career portal, you have the opportunity to find out about open positions at Living Crafts and within the dennree Group and to apply online. For this, you must provide the following mandatory information: salutation, first name, last name, street and house number, postal code, city, and country, as well as your phone number as a voluntary detail. We also require information on how you heard about us, your earliest possible starting date, and an upload of your CV. You can also voluntarily indicate which company division you are interested in, the period of your employment, and your salary expectations. In addition, you can voluntarily upload a cover letter, your photo, and other documents.

    If you apply by post or email, the following principles apply accordingly.
    Your data will be processed by the HR department of the dennree Group for application processing. Based on the data you provide, we make a pre-selection for the position.
    If you use our online career portal, your data will be transmitted encrypted to our processor heroes GmbH and then made available to the HR department of the dennree Group.
    If we cannot consider you for the position, you will be informed by email. The data will then be deleted within 6 months after the application process is completed, unless you have agreed to be included in our applicant pool.
    If you apply via the contact form for unsolicited applications for an independent organic market, your application will be forwarded directly to the owner of this organic market and processed there.
    The legal basis for processing the data is Art. 6(1)(b) GDPR.
    The applicant can withdraw their consent to the processing of personal data at any time. In this case, the application process will be terminated and the data deleted. You can also make changes to your profile in the applicant management system and delete your data under "Delete account". After deleting your account, your data will be anonymized and used for statistical purposes. Please note that changes to your profile affect all your applications.

    3.6. Cookies

    Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is accessed again. A list of the cookies used can be found in the cookie policy in the privacy settings.

    Different types of cookies are used: necessary, analytics, and marketing cookies.

    • Necessary cookies: are used to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. The following data is stored and transmitted in the cookies: language settings, items in a shopping cart or shopping list, login information. The user can also set the market in the market search by location. The page then opens with the entered market. The legal basis is Art. 6(1)(b) and (f) GDPR in conjunction with § 25(2) No. 2 TTDSG.
    • Analytics cookies: are used to analyze user surfing behavior and to evaluate surfing behavior in order to continuously improve the website. The legal basis for processing is Art. 6(1)(a) GDPR in conjunction with § 25(1) TTDSG. Data processing only takes place if explicit consent has been given in the cookie banner or cookie settings.
    • Marketing cookies: are used to analyze user surfing behavior and to display individual content. Various data provided or collected from you is combined to prepare or carry out marketing measures and to display personalized advertising. The legal basis is Art. 6(1)(a) GDPR in conjunction with § 25(1) TTDSG. Data processing only takes place if explicit consent has been given in the cookie banner or cookie settings.
    3.7. Social Media

    On our website you will find buttons that allow interaction with various so-called social media networks. You can activate these social plugins ("plugins"), and activation means that, in particular, the address of the website where the activated plugin is located, the date and time of accessing the website, information about the browser and operating system used, and your current IP address are transmitted to the respective social media provider. If you are already logged in to the respective networks at the time of activating the plugin, the plugin can also determine your username and, if applicable, your real name from the above data. With these buttons, it is possible to share a post or page of this offer on the social network, follow the provider on the social network, and go directly to posts on the social networks.

    Our online offering uses plugins from the social networks Facebook, Instagram, Xing, and LinkedIn. The plugins are recognizable by their respective logos. These are social media services in the USA and other countries outside the European Union. Your personal data will therefore also be processed outside the European Union when using the plugin. We point out that companies in these countries are subject to data protection laws that do not always correspond to the standard of European data protection laws.

    We have no influence on the scope, type, and purpose of data processing by the respective social media service provider. Information on how you can manage your content and information on social networks can be found at:

    3.8. Use of tracking technologies and transmission to advertising networks

    We use various services on our website for web analysis, reach measurement, and success control of advertising campaigns. These include:

    • Google services (Google Ads)
    • Microsoft Bing Ads
    • Meta Ads (Facebook / Instagram)
    • LinkedIn Ads
    • Awin (Affiliate Tracking)
    • Matomo

    Server-side fingerprinting
    To recognize users and for cross-device analysis, we use a server-side fingerprinting procedure. Technical characteristics of your device (browser type, operating system, screen resolution, language settings) are processed in a pseudonymized manner to create a unique user profile.

    This pseudonymized profile is transmitted via interfaces (APIs) to the above-mentioned advertising networks, e.g., for:

    • Measuring campaign success (conversions)
    • Creating target groups (e.g., "custom audiences", retargeting)
    • Optimizing ad delivery

    Processing is not anonymous, but pseudonymized – i.e., without direct personal reference, but with technical recognizability. Assignment to a natural person does not take place without additional information.
    The legal basis for processing is your explicit consent in accordance with Art. 6(1)(a) GDPR in conjunction with § 25(1) TTDSG. Without your consent, no processing or transmission takes place.

    4. Who has access to the data or to whom is it transmitted?

    The data is processed within the dennree Group and is only made available to those persons who need it to perform these tasks. In addition, various service providers have access to the collected data when we use them for fulfillment. They only receive data to the extent necessary for the performance of their services. These are service providers in the following categories:

    • Hosting service providers for operating the website
    • Development service providers for developing and operating the website
    • IT service providers for operating the online shop
    • Postal and logistics service providers for shipping online orders
    • Payment service providers for processing online orders
    • Credit agencies for conducting credit checks
    • Collection agencies and law firms for asserting claims
    • Service providers for handling returns and warranty claims
    • Service providers for storing and managing customer data
    • Email marketing service providers for sending newsletters
    • Printing service providers for creating and sending customer cards
    • Advertising network operators for embedding advertising campaigns and displaying online advertising
    • Service providers for integrating and measuring the success of online advertising
    • Analytics service providers for evaluating data and analyzing website usage
    • Service providers for carrying out retargeting measures
    • Market research companies for conducting market research studies
    • Operators of social media platforms when interacting with plugins or when consenting to marketing measures

    Service providers used by us only have access to your data as long and as far as necessary for the performance of the respective service. If necessary, we have concluded a data processing agreement with the respective service provider, which explicitly regulates data processing and data security.

    5. How long is your data stored?

    Your data is stored as long as it is required for order fulfillment or as long as it must be stored for commercial or tax reasons (maximum 8 years). Data collected and processed based on your consent for marketing purposes will be deleted after 4 years.

    6. What rights do you have?

    6.1. Right of access

    You have the right, in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details. Please contact info@biomarkt.de directly if you wish to exercise your right of access.

    6.2. Rectification, erasure, restriction of processing, and data portability

    Furthermore, if the legal requirements are met, you have the right:

    • in accordance with Art. 16 GDPR, to demand the immediate correction of incorrect or completion of your personal data stored by us;
    • in accordance with Art. 17 GDPR, to demand the deletion of your personal data stored by us, unless processing is necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest, or for asserting, exercising, or defending legal claims;
    • in accordance with Art. 18 GDPR, to demand the restriction of processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you oppose its erasure and we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing in accordance with Art. 21 GDPR;
    • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transfer to another controller.
    6.3. Right to object

    If your personal data is processed on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
    If you wish to exercise your right of withdrawal or objection, simply send an email to info@livingcrafts.de.

    6.4. Withdrawal of consent

    You have the right to withdraw your data protection consent declaration at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

    6.5. Supervisory authority

    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace, or the place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR. The supervisory authority to which the complaint was submitted will inform the complainant about the status and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR. The address of the supervisory authority responsible for our company is: Bayerisches Landesamt für Datenschutzaufsicht, Postfach 1349, 91504 Ansbach, Email: poststelle@lda.bayern.de.

    772