Privacy Policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. The following information explains how we handle your personal data when you use our website. Personal data means all data by which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Noel Atta, Dsp.shoes, Schützenstraße 97, 44147 Dortmund, Germany, Tel.: 0176 32609724, E-Mail: dsp.rope@gmail.com.
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

2.1 When using our website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to the server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time at the moment of access
Amount of data sent in bytes
Source/referrer from which you came to the page
Browser used
Operating system used
IP address used (if applicable, in anonymized form)

The processing is carried out in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. There is no disclosure or other use of the data. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the character string “https://” and the lock symbol in your browser’s address bar.

3) Hosting & Content Delivery Network

3.1 Amazon Web Services

For hosting our website and displaying the pages, we use the system of the following provider:
Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA.

All data collected on our website is processed on the provider’s servers.
We have concluded a data processing agreement with the provider, which ensures the protection of our visitors’ data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-U.S. Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

3.2 Wix

For hosting our website and displaying the page content, we use the system of the following provider:
Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel.

Data is also transmitted to: Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA.

For data transfers to the provider’s location, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

3.3 Google Cloud CDN

We use a Content Delivery Network (CDN) from the following provider:
Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

This service enables us to deliver large media files such as graphics, page content, or scripts more quickly via a network of regionally distributed servers. The processing takes place to safeguard our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6 (1) lit. f GDPR.

Data may also be transferred to: Google LLC, USA.

We have concluded a data processing agreement with the provider, which ensures the protection of our visitors’ data and prohibits unauthorized disclosure to third parties.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies — small text files that are stored on your device. Some cookies are automatically deleted after you close your browser (“session cookies”), while others remain stored on your device for a longer period (“persistent cookies”). The duration of storage can be found in your browser’s cookie settings.

If personal data is processed through the use of cookies, processing is carried out based on Art. 6 (1) lit. b GDPR (contract execution), Art. 6 (1) lit. a GDPR (consent), or Art. 6 (1) lit. f GDPR (legitimate interest in website functionality and user-friendliness).

You can set your browser to inform you about the setting of cookies and decide individually on their acceptance or exclude cookies in specific cases or generally.

Please note that disabling cookies may limit the functionality of our website.

5) Contact

When contacting us (e.g., via contact form or email), personal data is processed exclusively for the purpose of handling and responding to your inquiry, and only to the extent necessary.

The legal basis for data processing is our legitimate interest in responding to your inquiry in accordance with Art. 6 (1) lit. f GDPR. If your contact aims at concluding a contract, the additional legal basis is Art. 6 (1) lit. b GDPR.
Your data will be deleted once it is clear that the relevant matter has been fully resolved, unless statutory retention obligations apply.

6) Data Processing for Order Handling

To the extent necessary for contract performance regarding delivery and payment, personal data collected by us is passed on to the commissioned transport company and credit institution pursuant to Art. 6 (1) lit. b GDPR.

If we owe you updates for products with digital elements or digital products, we will use your contact information to inform you personally in accordance with Art. 6 (1) lit. c GDPR. Your contact details will be used strictly for this purpose.

We also cooperate with external service providers who help us fulfill orders. Certain personal data will be transferred to these providers as necessary.

7) Website Features

X Plugins

Our website uses plugins from the social network Twitter (X) operated by:
Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

These plugins enable direct interaction with content on the social network.

To increase data protection, these plugins are initially deactivated using a “2-click” or “Shariff” solution.
This ensures that no connection is established with the provider’s servers when a page containing such plugins is first loaded.

Only when you activate the plugin and thus give consent under Art. 6 (1) lit. a GDPR, will your browser establish a direct connection with the provider’s servers. In doing so, certain information (including your IP address, browser, and page activity) may be transmitted and processed.

If you are logged into your user account on the social network, any interactions will also be visible to your contacts.
You may revoke your consent at any time by deactivating the plugin again. Revocation does not affect previously transmitted data.

Data may also be transferred to: X Corp., USA.

We have concluded a data processing agreement with the provider to ensure protection of visitor data and prohibit unauthorized disclosure.

For data transfers to the USA, the provider relies on the EU Standard Contractual Clauses to ensure compliance with EU data protection standards.

8) Rights of the Data Subject

8.1 Under applicable data protection law, you have the following rights regarding your personal data:

Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to be informed (Art. 19 GDPR)
Right to data portability (Art. 20 GDPR)
Right to withdraw consent (Art. 7 (3) GDPR)
Right to lodge a complaint (Art. 77 GDPR)

8.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO SUCH PROCESSING.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING YOUR DATA FOR DIRECT MARKETING PURPOSES.

9) Duration of Storage of Personal Data

The duration of storage of personal data depends on the respective legal basis, processing purpose, and statutory retention periods.

Data processed on the basis of explicit consent (Art. 6 (1) lit. a GDPR) will be stored until consent is withdrawn.

Data subject to statutory retention (e.g., commercial or tax law) based on Art. 6 (1) lit. b GDPR will be deleted after these periods expire, provided it is no longer required for contract fulfillment or we have no legitimate interest in continued storage.

Data processed under Art. 6 (1) lit. f GDPR will be stored until you exercise your right to object under Art. 21 (1) GDPR, unless compelling legitimate grounds for processing prevail or the processing serves the establishment, exercise, or defense of legal claims.

For data processed for direct marketing under Art. 6 (1) lit. f GDPR, storage continues until you exercise your right to object under Art. 21 (2) GDPR.

Unless otherwise stated in this declaration, personal data will be deleted once it is no longer necessary for the purposes for which it was collected or otherwise processed.