PRIVACY POLICY

We’re delighted by your interest in KITSCH KIOSK. Reliable, easy-to-understand, and transparent data protection is especially important to us. We aim to make the processes around handling your personal data as clear as the way we shine and brag with our Kandy. Small, handy, and crystal clear by nature and we’re convinced these qualities should also apply to how we handle communication, purchase processing, and any other situations. That’s why our promise to you is simple: we make it easy to interact with us. So let’s take a look at what we can provide you with when it comes to data protection: Data protection law has become part of everyday life. It empowers and encourages us, as individuals, to understand and review how our data is handled - whether by giant platforms or small online shops and blogs. With this Privacy Policy, KITSCH KIOSK informs the public about the type, scope, and purpose of the personal data we collect, use, and process. In addition, affected persons are informed about their rights. The transparency of a Privacy Policy is not measured by its length, but by whether it speaks to users, takes their level of knowledge into account, and presents legal requirements and measures regarding data processing, data storage, and user rights in a clear and accessible way. How do we make our Privacy Policy easy to understand? We break down the principles by which we process your data, and then go step by step into detail where it becomes relevant for you. Come as you are. We don’t need your data right away. Using the KITSCH KIOSK website is generally possible without providing any personal information. Why cookies, when there’s Kandy? We’re not interested in pushing any cookies on you other than those that are technically necessary. Look around — Kandy is everywhere. We don’t need cookies to connect with you. That’s why we avoid technical complications that annoy both our users and us. Our principle is simple: Kandy before cookies. You decide whether you come along with us. If you do choose to use our product range and special services through our website or social media, then the processing of personal data becomes necessary. This data processing allows us to properly and efficiently handle your requests, fulfill our role as an online shop operator, and meet our obligations as a data processor. We’ll keep you in the loop. If processing your personal data becomes necessary and there’s no legal basis for it, we’ll always ask for your consent. No worries. GDPR or data minimization is basically our second name, because we love a minimalist lifestyle. Processing of personal data (such as your name, address, email address, or phone number) always takes place conscientiously, in line with the General Data Protection Regulation and with the data protection laws applicable to KITSCH KIOSK. Third-party cookies: In some cases, cookies from third-party companies may also be stored on your device when you visit our site. These enable us or you to use certain services from those companies (e.g. cookies for processing payments). If such third-party or analytical cookies are used, you’ll be informed separately in this Privacy Policy and via links to their websites. Unfortunately, we have no influence over how cookie functions are embedded on third-party websites. Therefore, our cookie-free policy only applies to the level of control we can ensure on this static website through programming. Technical protection: As the controller responsible for processing, KITSCH KIOSK has implemented numerous technical and organizational measures to ensure the best possible protection of personal data processed through this website. Still, internet-based data transmissions may have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, you are free to provide us with personal data through alternative means, for example, by phone. SSL/TLS encryption: For security reasons, and to protect the transmission of confidential content such as orders or inquiries you send to us as the site operator, this site uses SSL/TLS encryption. You can recognize an encrypted connection when the browser’s address bar switches from "http://" to "https://" and a lock icon appears in your browser. When SSL/TLS encryption is activated, the data you send to us cannot be read by third parties. Data transfers to third countries: We use tools from companies based in the USA or in other countries that are not considered secure under data protection law. If these tools are active, your personal data may be transferred to and processed in such countries. Please note that these countries may not guarantee a level of data protection comparable to the EU. For example, US companies are obliged to hand over personal data to security authorities, and you as an individual may have no legal recourse against this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate, and permanently store your data on US servers for surveillance purposes. Unfortunately, we have no influence over these processing activities.