1) Information on the Collection of Personal Data and Contact Details of the Controller
1.1 We are pleased that you visit our website and thank you for your interest. Below we inform you about how we handle your personal data when using our website. Personal data is any data that can identify you personally.
1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Dropsirius, Dammstr. 46, 74076 Heilbronn, Germany, Email: support@dropsirius.com. The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.
1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize a secure connection by the “https://” prefix and the lock symbol in your browser’s address bar.
2) Data Collection When Visiting Our Website
When using our website for informational purposes only (i.e., if you do not register or provide information to us), we only collect data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically required to display the website:
-
The website visited
-
Date and time of access
-
Amount of data sent in bytes
-
Source/referrer from which you accessed the site
-
Browser used
-
Operating system used
-
IP address (possibly anonymized)
Processing is based on our legitimate interest under Art. 6(1)(f) GDPR to improve the stability and functionality of our website. The data is not shared or used otherwise. However, we reserve the right to review server log files retrospectively if there are concrete indications of unlawful use.
3) Cookies
To make the visit to our website attractive and to enable the use of certain functions, we use cookies—small text files stored on your device. Some cookies are automatically deleted after closing the browser (so-called “session cookies”), while others remain on your device for a longer period and allow the storage of site settings (so-called “persistent cookies”). You can see the storage duration in your browser’s cookie settings.
If individual cookies process personal data, this is done based on Art. 6(1)(b) GDPR (for contract execution), Art. 6(1)(a) GDPR (if consent is given), or Art. 6(1)(f) GDPR (to ensure website functionality and user-friendly design). You can set your browser to inform you about cookie placement and to accept or reject them individually. Please note that website functionality may be limited if cookies are not accepted.
4) Contact
When contacting us (e.g., via contact form or email), personal data is processed exclusively for the purpose of handling and responding to your inquiry and only to the extent necessary. The legal basis is our legitimate interest in responding to your inquiry under Art. 6(1)(f) GDPR. If your contact concerns a contract, the additional legal basis is Art. 6(1)(b) GDPR. Your data is deleted once it is clear that the matter has been fully resolved, unless statutory retention obligations exist.
5) Data Processing When Creating a Customer Account
In accordance with Art. 6(1)(b) GDPR, personal data is collected and processed as required when you provide it during account registration. Required fields are indicated in the registration form. Deletion of your account is possible at any time by contacting the controller. After deletion, your data will be erased, provided all contracts have been fully executed, no statutory retention obligations exist, and we have no legitimate interest in retaining it.
6) Comment Function
When using the comment function, your comment, the time of posting, and the chosen username are stored and published. Your IP address is stored for security reasons to trace unlawful comments. Your email address is stored for contact purposes in case a third party reports your content as illegal.
7) Use of Customer Data for Direct Marketing
7.1 Newsletter Subscription
If you subscribe to our newsletter, we send regular information about our offers. Only your email address is required. Other data is optional and used for personalization. We use a double opt-in process to ensure you only receive the newsletter after confirming via a verification link sent to your email.
By activating the confirmation link, you consent to the use of your personal data according to Art. 6(1)(a) GDPR. Your IP address, date, and time of subscription are recorded to prevent misuse. You can unsubscribe at any time via the link in the newsletter or by contacting us. After unsubscribing, your email is immediately removed from our newsletter list, unless you consent to further use.
7.2 Abandoned Cart Reminders
If you abandon your shopping cart before completing a purchase, you can receive a one-time email reminder. Only your email address is required. Other data is optional for personalization. The double opt-in process ensures you receive the reminder only after confirming via the verification link. You can unsubscribe at any time.
8) Data Processing for Order Fulfillment
For order processing and payment purposes, personal data is shared with the shipping company and the bank as required under Art. 6(1)(b) GDPR.
If your order includes digital products, we process your contact details (name, address, email) to inform you of updates under Art. 6(1)(c) GDPR. Your data is strictly used for this purpose.
We work with service providers to fulfill contracts. Certain personal data may be shared with these providers as necessary.
9) Rights of the Data Subject
9.1 Applicable data protection law grants you the following rights regarding the processing of your personal data:
-
Right of access (Art. 15 GDPR)
-
Right to rectification (Art. 16 GDPR)
-
Right to erasure (Art. 17 GDPR)
-
Right to restriction of processing (Art. 18 GDPR)
-
Right to notification (Art. 19 GDPR)
-
Right to data portability (Art. 20 GDPR)
-
Right to withdraw consent (Art. 7(3) GDPR)
-
Right to lodge a complaint (Art. 77 GDPR)
9.2 Right to Object
If we process your personal data based on legitimate interests, you have the right to object at any time for reasons arising from your particular situation. If you exercise this right, we will stop processing your data unless we can demonstrate compelling legitimate grounds or if processing is required to assert, exercise, or defend legal claims.
If your data is processed for direct marketing, you have the right to object at any time, which will stop processing for marketing purposes.
10) Duration of Data Storage
The storage period depends on the legal basis, purpose of processing, and any statutory retention periods (e.g., commercial and tax law).
-
Data processed based on consent (Art. 6(1)(a)) is stored until consent is withdrawn.
-
Data processed for contractual obligations (Art. 6(1)(b)) is stored until obligations are fulfilled and retention periods expire.
-
Data processed for legitimate interests (Art. 6(1)(f)) is stored until objection rights are exercised, unless overriding interests apply.
-
Data for direct marketing is stored until objection rights are exercised.
If no specific situation applies, personal data is deleted when it is no longer necessary for the purpose it was collected.
