Privacy Policy

As of: July 2026

Standard template - have it reviewed by a lawyer before launch. Details marked with [brackets] are placeholders.

Protecting your personal data is important to us. Below we inform you, in accordance with the General Data Protection Regulation (GDPR), which data we process when you visit this website and when you place an order.

1. Controller

The controller for data processing on this website is:

Qimondo Limited Partnership
Monavalley Business Park
Tralee, Co. Kerry, V92 YP84
Ireland

Email: [email address]
Phone: +353 66 913048-0

2. Hosting

This website is hosted by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA (Cloudflare Workers, D1 database and CDN). Cloudflare processes technical access data (e.g. IP address, time of access, page visited) in order to ensure the delivery and security of the website. The legal basis is our legitimate interest in secure and efficient operation (Art. 6 (1) lit. f GDPR). As Cloudflare may also process data in the USA, we base the transfer on the EU standard contractual clauses. A data processing agreement is in place with Cloudflare.

3. Orders and customer account

When you place an order, we process the data required for this: email address, name, delivery address, the products ordered and details of the chosen payment method. This data is stored in our database (Cloudflare D1) and used to process the purchase contract. The legal basis is Art. 6 (1) lit. b GDPR (performance of a contract).

We retain order and invoice data on the basis of commercial and tax retention obligations for the legally prescribed period (generally up to ten years); the legal basis is Art. 6 (1) lit. c GDPR.

4. Passwordless login (customer area)

To access your customer area, we use a passwordless procedure: we send you a six-digit login code by email. We store the code and session token only in encrypted or hashed form. The login serves to display and manage your orders and subscriptions. The legal basis is Art. 6 (1) lit. b GDPR.

5. Payment processing (PayPal)

For payment processing - including card payments and direct debit - we use PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. The data required for payment is transmitted to PayPal; card data is transmitted directly to PayPal and does not reach our servers. For a subscription, PayPal stores a payment agreement for recurring charges; we store a reference ID for this, but not your payment data. The legal basis is Art. 6 (1) lit. b GDPR. PayPal's privacy terms also apply.

6. Email delivery (Resend)

To send login codes and order confirmations, we use the service provider Resend (Resend, Inc., USA). Your email address is transmitted to Resend for this purpose. The legal basis is Art. 6 (1) lit. b GDPR or our legitimate interest in reliable email delivery (Art. 6 (1) lit. f GDPR). We base the transfer to the USA on the EU standard contractual clauses.

7. Cookies and local storage

We use only technically necessary storage: a session cookie („nyce_session“) for the login to the customer area and your browser's local storage (localStorage) to remember the contents of your cart. There is no tracking or analysis of your behaviour, and we do not use marketing cookies. A cookie banner is therefore not required. The legal basis for this technically necessary storage is § 25 (2) TDDDG or Art. 6 (1) lit. f GDPR.

8. Your rights

Under the GDPR you have the following rights:

  • Access to the data stored about you (Art. 15)
  • Rectification of incorrect data (Art. 16)
  • Erasure (Art. 17)
  • Restriction of processing (Art. 18)
  • Data portability (Art. 20)
  • Objection to processing (Art. 21)

To exercise your rights, a message to [email address] is sufficient. You also have the right to lodge a complaint with a data protection supervisory authority.