1) Introduction and Contact Details of the Data Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. The following policy informs you about the handling of your personal data when using our website. Personal data is any data by which you can be personally identified.

1.2 The controller for data processing on this website under the UK GDPR is: Luca Bonura, Luca Bonura Onlinehandel, Oberstraße 101, 56154 Boppard, Germany Phone: +49 17681255742 Email: info@adlarion.com

The controller is the natural or legal person who determines, alone or jointly with others, the purposes and means of processing personal data.

2) Data Collection When Visiting Our Website

2.1 When you use our website for informational purposes only (i.e., without registering or submitting any information), we only collect the data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

- Website visited - Date and time of access - Amount of data sent in bytes - Source/referring URL - Browser used - Operating system used - IP address (possibly in anonymized form)

The processing is carried out in accordance with Art. 6 (1)(f) UK GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to retrospectively check the server log files if specific indications point to unlawful use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries). You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser's address bar.

3) Hosting & Content Delivery Network

Onepage.io

We use the platform provided by the following vendor to host and display our website content: Shopify International Limited, 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland

Data may also be transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

All data collected via our website is processed on the servers of this provider. We have concluded a Data Processing Agreement (DPA) with the provider, ensuring the protection of our website visitors’ data and prohibiting unauthorized disclosure to third parties.

For data transfers to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

4) Cookies

To make visiting our website attractive and to enable the use of certain features, we use cookies—small text files stored on your device. Some of these cookies are deleted automatically when you close your browser (so-called “session cookies”), while others remain on your device longer to store page settings (so-called “persistent cookies”). The duration of storage can be found in your browser’s cookie settings.

If personal data is also processed by individual cookies we use, the processing takes place in accordance with Art. 6 (1)(b) UK GDPR (for contract performance), Art. 6 (1)(a) UK GDPR (with consent), or Art. 6 (1)(f) UK GDPR (to protect our legitimate interest in optimal website functionality and a user-friendly experience).

You can configure your browser to notify you about the setting of cookies and to allow or reject them individually or in general. Please note that the functionality of our website may be limited if cookies are disabled.

5) Contacting Us

When you contact us (e.g., via contact form or email), your personal data will be processed solely for the purpose of responding to your inquiry and only to the extent necessary.

The legal basis for this processing is our legitimate interest in responding to your request in accordance with Art. 6 (1)(f) UK GDPR. If your contact is aimed at entering into a contract, the additional legal basis is Art. 6 (1)(b) UK GDPR.

Your data will be deleted once it is clear that your inquiry has been fully resolved and provided no legal retention obligations apply.

6) Comment Function

If you use the comment function on our website, your comment, the time it was posted, and your chosen display name will be stored and publicly displayed.

Additionally, your IP address will be logged and stored. This is done for security reasons and in the event that a comment violates third-party rights or contains illegal content. We also collect your email address in case we need to contact you (e.g., if your comment is challenged legally by a third party).

The legal basis for this processing is Art. 6 (1)(b) and (f) UK GDPR. We reserve the right to delete comments if they are legally challenged.

7) Use of Customer Data for Direct Marketing

Newsletter Subscription

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only required data is your email address; other information is optional and used for personalization.

We use the double opt-in process to ensure that you only receive newsletters after confirming your subscription via a verification link sent to your email.

By confirming, you give us your consent under Art. 6 (1)(a) UK GDPR. We log your IP address and the timestamp of your subscription to protect against misuse.

You can unsubscribe at any time via the link provided in each email or by contacting the data controller. After unsubscribing, your email address will be deleted unless you have explicitly consented to further use or we are legally permitted to retain it.

8) Data Processing for Order Fulfilment

8.1 To fulfil your order, we share your data with the shipping provider and payment provider according to Art. 6 (1)(b) UK GDPR.

If we owe you updates to digital goods or services, we will use your contact data strictly for that purpose under Art. 6 (1)(c) UK GDPR.

We may also work with third-party service providers to fulfil your order. Relevant data is only shared when necessary.

8.2

If necessary for delivery, we may share your name, address, and phone number with shipping partners, under Art. 6 (1)(b) UK GDPR.

8.3

Payment Providers (examples):

- Apple Pay

Apple Pay transactions are processed via your Apple device using secure technology. Apple encrypts all transmitted data, and we only receive confirmation of payment. For more, see: Apple Privacy

- Klarna

When using Klarna, your payment and personal data may be shared with Klarna for credit checks and fraud prevention. Details: Klarna Privacy Notice

- PayPal Depending on your selected method, PayPal may require your payment and personal data for verification or credit checks.

- SOFORT If you use SOFORT (Klarna Group), your payment details will be shared securely for payment processing.

Each of these processes is based on Art. 6 (1)(b) UK GDPR. If credit checks are involved, Art. 6 (1)(f) UK GDPR applies due to our legitimate interest in avoiding payment defaults.

9) Retargeting / Remarketing & Conversion Tracking

9.1 Meta Pixel (with Advanced Matching)

We use the Meta Pixel by Meta Platforms Ireland Ltd. to track user actions and improve ad relevance. This may include enhanced matching (e.g., email hash, purchase behavior).

Data is shared with Meta only with your consent under Art. 6 (1)(a) UK GDPR.

Details: Meta Privacy

9.2 TikTok Pixel

We also use the TikTok Pixel for conversion tracking and audience building. This allows us to analyze actions such as purchases or page views.

Use is based on your consent under Art. 6 (1)(a) UK GDPR.

10) Website Functionalities

10.1 Facebook Plugins

Our site uses Facebook plugins (e.g., Like buttons). These remain inactive until you opt-in ("2-click solution").

Data is only sent to Meta upon activation, under Art. 6 (1)(a) UK GDPR.

10.2 Instagram Plugins

Same mechanism as Facebook applies.

10.3 Endereco

For address validation during checkout, we use services from Endereco UG (Germany). Data is temporarily stored and deleted after validation.

Processing is based on Art. 6 (1)(f) UK GDPR.

11) Tools and Services

Lexware Office

For accounting, we use software by Haufe-Lexware GmbH & Co. KG. Invoice and banking data may be processed to automate bookkeeping.

Based on our legitimate interest per Art. 6 (1)(f) UK GDPR.

12) Data Subject Rights

Under the UK GDPR, you have the following rights:

Right of access (Art. 15)

Right to rectification (Art. 16)

Right to erasure (Art. 17)

Right to restrict processing (Art. 18)

Right to be informed (Art. 19)

Right to data portability (Art. 20)

Right to withdraw consent (Art. 7(3))

Right to lodge a complaint with the ICO (Art. 77)

12.2) Right to Object

If we process your data based on legitimate interest (Art. 6 (1)(f)), you may object at any time for reasons relating to your particular situation.

We will stop processing unless compelling legitimate grounds prevail.

If your data is used for direct marketing, you may object at any time without stating reasons. We will cease this processing immediately.

13) Data Retention

The duration of data storage is based on legal retention periods, purpose of use, and consent status. Once the purpose no longer applies or you withdraw consent, data will be deleted—unless legal obligations require longer retention.