Privacy Policy

**1) Introduction and Contact Information of the Controller**

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data refers to all data that can be used to personally identify you.

1.2 The controller responsible for data processing on this website, according to the General Data Protection Regulation (GDPR), is Prime Advantages e.U.,
Owner: Peter Paul Pittnauer, Flurgasse 12/1, 7100 Neusiedl am See, Austria,
Tel.: +4369911000116, Email: ppp92@protonmail.com.
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

**2) Data Collection When Visiting Our Website**
2.1 If you are using our website purely for informational purposes, meaning you do not register or otherwise transmit information to us, we only collect the data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
- Our visited website
- Date and time of access
- Amount of data sent in bytes
- Source/referrer from which you accessed the page
- Browser used
- Operating system used
- IP address used (if applicable: in anonymized form)

Processing is carried out according to Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be shared or used in any other way. However, we reserve the right to check the server log files later if there are specific indications of illegal use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string "https://" and the lock icon in your browser's address bar.

**3) Hosting & Content Delivery Network**
3.1 Shopify
We use the system of the following provider for hosting our website and displaying page content: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify")
Data is also transmitted to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada.
All data collected on our website is processed on the provider's servers. We have signed a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.
In the case of data transfer to Canada, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.

3.2 Cloudflare
We use a content delivery network from the following provider: Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA
This service allows us to deliver large media files, such as graphics, page content, or scripts, more quickly through a network of regionally distributed servers. Processing is based on our legitimate interest in improving the stability and functionality of our website per Art. 6(1)(f) GDPR.
We have signed a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, based on an adequacy decision of the European Commission, ensures compliance with the European level of data protection.

**4) Cookies**
To make visiting our website more attractive and enable certain functions, we use cookies, which are small text files stored on your device. Some of these cookies are automatically deleted when you close your browser (so-called "session cookies"), while others remain on your device for longer, allowing us to save settings (so-called "persistent cookies"). The storage duration can be found in your browser's cookie settings.

If personal data is processed by individual cookies we use, processing is based either on Art. 6(1)(b) GDPR for contract execution, Art. 6(1)(a) GDPR if consent is given, or Art. 6(1)(f) GDPR based on our legitimate interest in the best possible functionality of the website and a user-friendly experience.

You can configure your browser to notify you when cookies are set and decide on a case-by-case basis whether to accept cookies or exclude them entirely. Please note that the functionality of our website may be restricted if cookies are not accepted.

**5) Contacting Us**
5.1 WhatsApp Business
We offer visitors the option to contact us via the WhatsApp messaging service provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this, we use the so-called "business version" of WhatsApp.

If you contact us via WhatsApp regarding a specific transaction (e.g., a placed order), we will store and use your WhatsApp mobile number and, if provided, your first and last name, based on Art. 6(1)(b) GDPR, to process and respond to your inquiry. Based on the same legal basis, we may request additional data (such as order number, customer number, address, or email) to allocate your inquiry to a specific transaction.

When contacting us via WhatsApp for general inquiries (e.g., questions about services or website availability), we store and use your WhatsApp mobile number and, if provided, your name based on our legitimate interest in efficient communication per Art. 6(1)(f) GDPR.

Your data will be used exclusively for responding to your WhatsApp inquiries and will not be shared with third parties. Please note that WhatsApp Business accesses the address book of the device used, meaning that phone numbers stored in the address book are transmitted to a server of Meta Platforms Inc. in the USA. We use a mobile device for our WhatsApp Business account, where only WhatsApp contact details of users who have contacted us via WhatsApp are stored.

This ensures that all users whose WhatsApp contact details are stored have consented to the transfer of their WhatsApp number from the address books of their chat contacts by accepting WhatsApp’s terms of use (Art. 6(1)(a) GDPR). No data of users who do not use WhatsApp and/or have not contacted us via WhatsApp is transmitted.
The purpose and scope of WhatsApp's data collection and further processing and use, as well as your rights and privacy settings, can be found in WhatsApp's privacy policy: [https://www.whatsapp.com/legal/?eea=1#privacy-policy](https://www.whatsapp.com/legal/?eea=1#privacy-policy).

**6) Data Processing When Opening a Customer Account**
In accordance with Art. 6(1)(b) GDPR, personal data will be collected and processed to the necessary extent when you open a customer account. You can see which data is required in the input form for the account opening on our website. You may request the deletion of your customer account at any time by sending a message to the above contact information of the controller. Once the customer account is deleted, your data will be erased unless it is required to fulfill contractual obligations or there are statutory retention periods preventing deletion.

**7) Use of Customer Data for Direct Marketing**
7.1 Email Newsletter
When you subscribe to our email newsletter, we regularly send you information about our offers. The only mandatory information for receiving the newsletter is your email address. Providing additional data is voluntary and allows us to address you personally. For the newsletter subscription, we use a double opt-in procedure to ensure you only receive the newsletter after explicitly confirming your consent by clicking a link sent to your provided email address.

By activating the confirmation link, you give us your consent to use your personal data according to Art. 6(1)(a) GDPR. We store your IP address provided by the internet service provider (ISP) as well as the date and time of the registration to trace any misuse of your email address at a later time. The data collected when subscribing to the newsletter is used exclusively for the purpose of sending the newsletter.

You may unsubscribe from the newsletter at any time via the link provided in the newsletter or by notifying us directly. After unsubscribing, your email address will be immediately removed from our mailing list unless you have expressly consented to the further use of your data or we are legally permitted to continue using it.

7.2 WhatsApp Newsletter
When you subscribe to our WhatsApp newsletter, we will regularly send you information about our offers via WhatsApp. The only mandatory information for receiving the newsletter is your mobile phone number.

To subscribe to the WhatsApp newsletter, you must add our mobile phone number to your contacts and send the message "Start" via WhatsApp. By sending this WhatsApp message, you consent to the use of your personal data according to Art. 6(1)(a) GDPR for the purpose of sending the newsletter. We will then add you to our newsletter list.

The data collected upon subscription will be used solely for promotional purposes via the WhatsApp newsletter. You can unsubscribe from the newsletter at any time by sending the message "Stop" via WhatsApp. After unsubscribing, your mobile phone number will be immediately removed from our newsletter list unless you have expressly consented to further use of your data or we are legally permitted to continue using it.

Please note that WhatsApp Business has access to the address book of the mobile device used, meaning that phone numbers stored in the address book are automatically transmitted to a server of Meta Platforms Inc. in the USA.

**8) Data Processing for Order Fulfillment**
8.1 To fulfill the contract for delivery

and payment purposes, personal data collected by us will be shared with the shipping company or financial institution responsible for processing, to the extent necessary under Art. 6(1)(b) GDPR.

If we owe you updates for goods with digital elements or for digital products based on a corresponding contract, we process the contact details provided during the order (e.g., name, address, email) to inform you of upcoming updates as required by law under Art. 6(1)(c) GDPR.

To process your order, we also work with the following service providers. Certain personal data will be transmitted to these providers according to the information below.

8.2 Transfer of Personal Data to Shipping Service Providers
- Österreichische Post
We use the following service provider for shipping: Österreichische Post Aktiengesellschaft, Rochusplatz 1, 1030 Vienna, Austria
We will forward your email address and/or phone number to the provider for the purpose of coordinating a delivery date or announcing delivery, provided you have given your explicit consent during the ordering process. Otherwise, only the recipient's name and delivery address will be shared for the purpose of delivery (Art. 6(1)(b) GDPR).

**9) Retargeting/Remarketing and Conversion Tracking**
9.1 Meta Pixel with Enhanced Data Matching
Within our online offering, we use the "Meta Pixel" service from Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Meta"), with enhanced data matching. If a user clicks on an ad we have placed on Facebook or Instagram, the URL of our linked page is expanded with a parameter that is stored in the user's browser via a cookie.

For more information about Meta's privacy practices, visit [https://www.facebook.com/about/privacy/](https://www.facebook.com/about/privacy/).