Privacy Notice

§1 Controller

Hazard Label GmbH
Herrenhagen 9
21436 Marschacht
Email: info@hazardlabel.de
Represented by: Nadine Ohl (Managing Director)

§2 Collection and Storage of Personal Data and Type and Purpose of Their Use

a) When visiting our website

When you access our website, information is automatically transmitted by the browser used on your device to the server of our website. This information is temporarily stored in so-called server log files. In particular, the following is collected:

  • IP address of the requesting device
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is made (referrer URL)
  • Browser and operating system used
  • Name of the access provider

Purposes of processing:

  • Ensuring a smooth connection to the website
  • Ensuring comfortable use of our website
  • Evaluation of system security and stability
  • Other administrative purposes

Legal basis:
Art. 6 para. 1 lit. f GDPR (legitimate interest in secure and technically flawless operation of the website).

Hosting:
Our hosting provider is gambiocloud.com and processes personal data that arises when visiting the website (e.g., server log files).
A data processing agreement exists with the hosting provider in accordance with Art. 28 GDPR.

b) Use of our contact form

When using our contact form, it is necessary to provide a valid email address in order to answer your inquiry.

Processed data:

  • Name
  • Email address
  • Message (free text)

Purpose: Processing your inquiry.
Legal basis: Art. 6 para. 1 lit. b GDPR (pre-contractual measures).
The data will be deleted after final processing unless statutory retention obligations prevent this.

c) Customer account

You can create a personal customer account. We store your information to facilitate future orders.

Processed data:

  • Name, address, email address, password
  • Order history

Purpose: Processing future orders and managing your account.
Legal basis: Art. 6 para. 1 lit. b GDPR.

For contract fulfillment, we forward your address to shipping service providers.

d) Newsletter

We reserve the right to send you newsletters at reasonable intervals, which may contain editorial content and product information.
You can unsubscribe from the newsletter at any time—e.g., by email to info@hazardlabel.de or via the unsubscribe link in every newsletter.

Newsletter service provider: Newsletter2Go / Brevo (Sendinblue)
Procedure: Double opt-in
Data transfer: to the service provider
Legal basis: Your consent in accordance with Art. 6 para. 1 lit. a GDPR.

§3 Payment processing via PayPal

If you pay via PayPal, your payment data will be transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A.

Purpose: Execution of payment
Legal basis: Art. 6 para. 1 lit. b GDPR
Further information can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

§4 Use of Google Analytics

We use Google Analytics (Google Ireland Limited, Dublin).

Processed data:

  • Shortened/anonymized IP address
  • Technical device information
  • Click and interaction data
  • Dwell time, page views

IP anonymization: active
Legal basis: Art. 6 para. 1 lit. a GDPR (consent via cookie banner).
Data transfer to the USA: Based on EU Standard Contractual Clauses (SCC).
Withdrawal: Possible at any time via the cookie banner.
Storage period: 2–14 months (depending on configuration).
Further information: https://support.google.com/analytics/answer/6004245

§5 Cookies and Tracking

Our website uses cookies and similar technologies to provide services, display personalized content, and analyze usage.

Consent tool: Plugin from Gambio
Legal basis:

  • Technically necessary cookies: Art. 6 para. 1 lit. f GDPR
  • Marketing/analytics cookies: Art. 6 para. 1 lit. a GDPR

You can change or withdraw your settings at any time via the cookie banner.

§6 Personalized Advertising

If you have consented via the cookie banner, we may use remarketing functions (e.g., Google Ads Remarketing, Brevo tracking).

Purpose: Marketing and optimization
Legal basis: Consent in accordance with Art. 6 para. 1 lit. a GDPR
Withdrawal: Possible at any time via cookie settings

§7 Storage period

We store personal data only as long as necessary or as required by law.

Examples:

  • Server log files: maximum 7 days
  • Customer account data: until account deletion
  • Contract and invoice data: 10 years (tax retention obligations)
  • Newsletter data: until withdrawal

§8 Your rights as a data subject

You have the right to:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)
  • Withdrawal of your consent (Art. 7 para. 3 GDPR)
  • Lodge a complaint with the competent supervisory authority (Art. 77 GDPR)

Competent authority:
State Commissioner for Data Protection of Lower Saxony

§9 Data security

We use SSL/TLS encryption according to the latest standards to protect all transmitted data from unauthorized access.

§10 Validity and amendment of this privacy policy

This privacy policy is currently valid (as of November 2025).
We reserve the right to adapt it as necessary to reflect changes in our services or legal requirements.

Back