Legal
Privacy policy
Draft, to be reviewed by counsel before publishing
This is a structure for a GDPR-compliant privacy policy. Replace brackets and have it reviewed by counsel before publishing.
1. Controller
[Legal company name, address, email] is the controller responsible for the processing of personal data on this website.
2. Data we process
- Order and account data (name, address, email, order details)
- Payment data (processed by our payment providers)
- Usage and device data (via cookies and analytics)
- Communications you send us
3. Purposes and legal bases
We process data to fulfil contracts (Art. 6(1)(b) GDPR), to comply with legal obligations (Art. 6(1)(c)), and on the basis of legitimate interests or consent (Art. 6(1)(f)/(a)). [Detail each purpose.]
4. Shopify and processors
This store is hosted by Shopify. Shopify and our payment, shipping and analytics providers act as processors. [List processors and transfers.]
5. Cookies and tracking
[Describe essential vs optional cookies and your consent banner.]
6. Your rights
- Access, rectification, erasure, restriction (Art. 15 to 18)
- Data portability (Art. 20)
- Objection (Art. 21)
- Withdraw consent at any time
- Complain to a supervisory authority
7. Contact
For any privacy request, contact johannes@office-walker.com.