Privacy Policy
This Privacy Policy explains how we process personal data when you use this website, contact us, or place an order. It is written to reflect the EU General Data Protection Regulation (GDPR) and related German law.
1. Scope and definitions
“Personal data” means any information relating to an identified or identifiable natural person. “Processing” includes collection, storage, use, and erasure.
Geographic scope and language
The controller is established in Germany. This website is operated mainly for adults in the European Economic Area and Switzerland who use English. Depending on where you are located, additional national data-protection rules may apply when we offer goods or services to you.
Food supplements, advertising, and sensitive topics
We sell food supplements such as Solvexa. We do not process personal data on this site for the purpose of inferring sensitive health data about you. Where we use analytics or marketing technologies with your consent, they support aggregated reporting, campaign measurement, and site improvement—not diagnosis or treatment decisions. Online advertising we run is intended to comply with platform policies for health-related products, including avoidance of prohibited disease claims.
2. Data we collect
| Category | Examples | Source |
|---|---|---|
| Identity and contact | Name, email, postal address, phone if provided | You, when you fill in forms or write to us |
| Order and payment metadata | Order reference, delivery details, payment status (processed by payment partners) | Your transaction and our service providers |
| Technical data | IP address, browser type, device identifiers, timestamps | Server logs and, if enabled, analytics cookies with consent |
| Communication content | Messages you send to our inboxes | You |
3. Purposes and lawful bases
We process data to respond to enquiries (Art. 6(1)(b) GDPR for pre-contract steps, or Art. 6(1)(f) for general questions), to perform contracts and deliver goods (Art. 6(1)(b)), to meet legal obligations such as tax and accounting records (Art. 6(1)(c)), and to secure our systems (Art. 6(1)(f)). Marketing or non-essential analytics rely on Art. 6(1)(a) consent where required.
4. Retention
We keep contact and order data for as long as needed to fulfil the purpose, typically up to statutory limitation and tax retention periods (often several years for invoices). Server logs are rotated on a short cycle unless security incidents require longer storage. Marketing consents are refreshed periodically.
5. Recipients and transfers
We use hosting, email, payment, and logistics providers that process data on our instructions. Where data leaves the European Economic Area, we apply appropriate safeguards such as Standard Contractual Clauses.
6. Security measures
We apply access controls, encryption in transit where supported, separation of environments, and vendor review. No method of transmission is fully risk-free; we mitigate known risks proportionately.
7. Your rights
Under the GDPR you may request access, rectification, erasure, restriction, portability, and object to processing based on legitimate interests. You may withdraw consent at any time without affecting prior lawful processing. You may lodge a complaint with a supervisory authority; in Bavaria, a lead authority is the Bavarian State Commissioner for Data Protection.
8. Automated decisions
We do not use solely automated decision-making that produces legal effects concerning you.
9. Children
This site is aimed at adults. We do not knowingly collect data from children without parental authority.
10. Contact
For privacy requests, write to info@thunmareiedrexel.world or contact@thunmareiedrexel.world using the identifiers published in the site footer, or post to Frauentorgraben 57, 90443 Nürnberg, Germany.