Privacy policy

We take the protection of your personal data very seriously. In this privacy policy we inform you about the most important aspects of data processing in the Paul Flora Shop (www.paulflora.at).

Table of contents

• Automatic storage of data
• Cookies
• Web analysis
• Storage duration of data
• Encryption via TLS
• What personal data we collect and why
• Sending data and accessing data
• Payment methods
• Online store / purchase process
• Your rights under the GDPR

1. automatic storage of data

Our hosting provider Ionos automatically stores data such as the IP address, browser information, time and date of access. This data is anonymized and used to ensure the operation of the website.

When you visit our website or our web store, the following data may be logged and transmitted to our hosting provider:

• the URL – this is the address called up
• Your browser and its version number
• the reference URL, i.e. from where you were redirected/referred to our website
• Your IP address
• Your device and operating system
• Date and time of access

Such and similar data are stored in so-called server log files (access logs, error logs) at the provider.

2. cookies

Cookies are small text files that store basic information about your website visit. This enables functions such as the “recognition” of users to ensure a smooth and personalized use of the website.

For technical reasons, our website uses essential cookies that are absolutely necessary for the operation of our online presence (set, for example, by our CMS WordPress). As a matter of principle, we endeavor to keep the use of cookies to a minimum.

3. web analysis

We use Plausible, a data protection-friendly analysis tool, for the analysis. Plausible works without cookies and does not store any personal data, as IP addresses are anonymized, for example.

4. storage duration of data

We store personal data for as long as is necessary to process your orders, to provide proper customer support in the follow-up and to comply with statutory retention periods.

5. encryption via TLS

Our website is protected by an SSL certificate from Sectigo RSA. This means that your data is transmitted securely and encrypted. You can recognize a TLS-encrypted website, for example, by the “https://” at the beginning of the URL. In addition, modern browsers display a small padlock symbol and may indicate a “secure connection”. Whenever you enter your data on the Internet or carry out payment transactions in a web store, you should ensure that the SSL connection is upright.

6. what personal data we collect and why

We collect data such as name, address, e-mail address and telephone number in order to process orders. This data is necessary to fulfill our contract with you or to communicate with you in the context of your order.

7. sending data and accessing data

Your data will only be passed on to necessary service providers such as shipping service providers and payment providers. In addition, our website admin and, if applicable, the hosting provider have access to customer data in order to ensure the secure and stable operation of the store.

8. payment methods

In addition to bank transfer, we also offer PayPal as a payment method. PayPal processes your data in accordance with their data protection guidelines. When using PayPal as a payment method, an API request is first sent to PayPal, after which you are forwarded to PayPal, where a security and payment check is carried out.

9. online store / purchase process

As part of the purchase process in our online store, it is necessary for you to provide personal data such as your name, address, e-mail address and telephone number. This data is required in order to:

• process and dispatch your order,
• to send you important information about your order, such as an order confirmation,
• to contact you in the event of queries or problems.

Corporate customers can also optionally provide their EU VAT identification number (UID) in order to process a tax-free intra-Community delivery.

10. your rights under the EU GDPR

You have the right of access, rectification, erasure, restriction of processing, data portability and objection. If you believe that the processing of your data violates data protection law, you can lodge a complaint with the data protection authority:

Austrian Data Protection Authority
Barichgasse 40-42, 1030 Vienna
Phone: +43 1 52 152-0
E-mail: dsb@dsb.gv.at

However, as good communication is important to us, we would ask you to contact us directly in the event of any inconsistencies or questions.

Responsible for the content

Galerie Seywald e.U.
Dr. Thomas Seywald (Management)
Josef Kainz Straße 6
5026 Salzburg
Austria, EU