Last updated: 01.12.2025

1. Controller

The controller responsible for data processing on this website under the GDPR is:

Christian Hänsel
Sommerhäuschenweg 9
32657 Lemgo
Germany

Email: mail@aerim.org
Phone: +49 176 91311142

2. Collection and Storage of Personal Data

We process personal data only to the extent necessary to provide this website, fulfill orders, enable payments, and ensure proper functionality of the shop system.

2.1 When visiting the website

When you access this website, the following data is automatically processed by your browser and stored in server log files:

  • IP address
  • Date and time of access
  • URL and file accessed
  • Referrer URL
  • Browser type and version
  • Operating system

This data is processed to ensure website stability and security (Art. 6(1)(f) GDPR).

3. Data Processing When Placing an Order

If you purchase a digital product, we process the following data necessary for contract fulfillment (Art. 6(1)(b) GDPR):

  • First and last name
  • Email address
  • Billing address (if required)
  • Payment method
  • Purchased product(s)

This data is required to:

  • process your order
  • provide download access
  • issue order confirmations
  • manage your customer account (if created)

We store order data in accordance with legal retention periods (§ 147 AO / § 257 HGB).

4. Payment Providers

4.1 PayPal

If you select PayPal as payment method, your data is transferred to:

PayPal (Europe) S.à r.l. et Cie, S.C.A.
22–24 Boulevard Royal
L-2449 Luxembourg

PayPal may perform its own fraud prevention checks.
Privacy information:
https://www.paypal.com/webapps/mpp/ua/privacy-full

Data transfers to the USA may occur under the GDPR adequacy decision for the EU–US Data Privacy Framework.

5. WooCommerce

This website uses WooCommerce to operate the online shop.
WooCommerce stores:

  • order details
  • cart contents
  • browser/device data (for functionality)
  • email address for order processing

WooCommerce itself does not store payment data.
Legal basis: Art. 6(1)(b) GDPR (contract fulfillment).

More information:
https://woocommerce.com/document/privacy/

6. Cookies

This website uses cookies to ensure basic shop functions (e.g., cart, login, checkout). Cookies required for the website’s operation (technically necessary cookies) are processed under Art. 6(1)(f) GDPR.

Optional cookies (analytics, marketing) are only used with explicit consent (Art. 6(1)(a) GDPR).

If you use a Consent Management Tool (recommended), we will list it here.

7. Download Delivery

After purchase, digital products are delivered electronically.
We store download access logs to prevent abuse and fulfill the contract (Art. 6(1)(b) GDPR).

8. Contact and Support Requests

If you contact us via email, we store your message and contact information to process your request (Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR).

9. Data Retention

We retain data only as long as necessary:

  • Order data: according to German tax and commercial law
  • Customer emails: until your inquiry is resolved
  • Technical logs: typically 7–30 days (hosting dependent)

10. Transfer of Data to Third Parties

Personal data is only transferred if:

  • required for payment processing
  • required to fulfill the contract
  • you have given consent
  • it is legally required

We do not sell or share data with third parties for advertising.

11. Your Rights Under GDPR

You have the right to:

  • Access your stored personal data (Art. 15 GDPR)
  • Rectification of incorrect data (Art. 16 GDPR)
  • Erasure (“right to be forgotten,” Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing based on legitimate interests (Art. 21 GDPR)
  • Withdraw consent at any time (Art. 7(3) GDPR)

To exercise these rights, contact:

mail@aerim.org

12. Right to Lodge a Complaint

You may file a complaint with your supervisory authority:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Kavalleriestraße 2–4, 40213 Düsseldorf
Website: https://www.ldi.nrw.de

13. Data Security

We use technical and organizational measures to protect personal data against loss, misuse, or unauthorized access.

14. Updates to This Policy

This Privacy Policy may be updated to reflect legal requirements or changes in data processing.
The latest version is always available on this page.