We're celebrating autumn! 11% off all Merchant & Mills fabrics. Code: MM-11
Valid until 26.10.25
Store opening hours in Munich:
Wednesday 11:30 AM - 5:00 PM & Thursday 2:00 PM - 6:00 PM.
Personal Privacy Policy
1. General information
Protecting your personal data during collection, processing, and use on the occasion of your visit to our homepage is very important to us. Your data is protected in accordance with legal regulations. Below you will find information about which data is collected during your visit to the homepage and how it is used.
The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
lavendels GbR
Authorized partners: Moritz Wessel and Petra Werner
Kreuzstraße 13
80331 Munich
Germany,
Tel.: 0049-(0) 89 89 311 788
E-Mail: info@lavendels.de
For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders), this website uses SSL encryption. If the site is accessed with www (http://www.lavendels.de or .com), it will be redirected to https://www.lavendels.com . If the website is accessed without www (http://lavendels.de or .com), it will also be redirected to https://lavendels.com .
Furthermore, we secure our website and other systems through technical and organizational measures against loss, destruction, access, alteration, or dissemination of your data by unauthorized persons. Despite regular checks, complete protection against all dangers is not possible.
2. Collection and storage of personal data as well as type and purpose of use
Every access to our homepage and every retrieval of a file stored on the homepage is logged. The storage serves internal system-related and statistical purposes. Logged are: referrer, requested website or file, browser type and browser version, operating system used, device type used, time of access as well as IP address in anonymized form (used only to determine the location of access). There is no transfer or other use of the data. However, we reserve the right to retrospectively check the server log files if there are concrete indications of unlawful use.
Further personal data is only collected if you provide this information voluntarily, for example in the context of an order or inquiry.
2.2. Contact
When contacting us by e-mail or telephone, personal data is collected. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 para. 1 lit. f GDPR. If your contact aims at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after your request has been finally processed; this is the case if the circumstances indicate that the matter concerned has been conclusively clarified and provided that no statutory retention obligations oppose this.
2.3. Data processing in the context of order processing
To process your order, we work with the following service providers who support us wholly or partly in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
The personal data we collect is passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution as part of the payment processing, provided this is necessary for the payment processing.
2.3.1. Transfer of personal data to shipping service providers:
DHL Paket GmH and Deutsche Post AG
If the delivery of the goods is carried out by the transport service provider DHL (DHL Paket GmbH, Sträßchenweg 10, 53113 Bonn) or Deutsche Post AG (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn), we only pass on the recipient's name and delivery address to DHL or Deutsche Post AG for the purpose of delivery in accordance with Art. 6 para. 1 lit. b GDPR. The transfer is only made to the extent necessary for the delivery of goods.
2.3.2. Transfer of personal data to payment service providers:
Paypal
When paying via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") within the scope of payment processing. The transfer is made in accordance with Art. 6 para. 1 lit. b GDPR and only to the extent necessary for payment processing. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for proper payment processing.
3. Google Analytics
This website uses Google Analytics, a web analytics service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
Google Analytics uses so-called "cookies", text files that are stored on your computer and allow an analysis of your use of the website. The information generated by the cookie about your use of this website (including the shortened IP address) is usually transmitted to a Google server in the USA and stored there. This website uses Google Analytics exclusively with the extension that ensures anonymization of the IP address by shortening and excludes direct personal reference. Through the extension, your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. In these exceptional cases, this processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide us with other services related to website and internet usage. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other data from Google.
You can prevent the storage of cookies by adjusting your browser software settings accordingly; however, we point out that in this case you may not be able to use all functions of this website fully. Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Google LLC, based in the USA, is certified under the US-European data protection agreement "Privacy Shield," which ensures compliance with the data protection level applicable in the EU. More information on handling user data with Google Analytics can be found in Google's privacy policy.-sigel.de/datenschutz.
4. Rights of the data subject
The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller regarding the processing of your personal data, about which we inform you below:
4.1. Right of access pursuant to Art. 15 GDPR
You have, in particular, the right to information about your personal data processed by us, the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage duration or the criteria for determining the storage duration, the existence of a right to rectification, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected by us from you, the existence of automated decision-making including profiling and, if applicable, meaningful information about the involved logic and the scope concerning you and the intended effects of such processing, as well as your right to be informed about the guarantees pursuant to Art. 46 GDPR when forwarding your data to third countries.
4.2. Right to rectification according to Art. 16 GDPR
You have the right to immediate correction of incorrect data concerning you and/or completion of your incomplete data stored with us.
4.3. Right to deletion according to Art. 17 GDPR
You have the right to request the deletion of your personal data if the conditions of Art. 17 para. 1 GDPR are met. However, this right does not exist in particular if the processing is necessary for exercising the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or to assert, exercise, or defend legal claims.
4.4. Right to restriction of processing according to Art. 18 GDPR
You have the right to request the restriction of processing of your personal data while the accuracy of your disputed data is being verified, if you refuse the deletion of your data due to unlawful data processing and instead request the restriction of processing of your data, if you need your data to assert, exercise, or defend legal claims after we no longer need this data for the purpose, or if you have objected for reasons of your particular situation, as long as it is not yet determined whether our legitimate reasons prevail.
4.5. Right to information according to Art. 19 GDPR
If you have asserted the right to rectification, deletion, or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or deletion of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
4.6. Right to data portability according to Art. 20 GDPR
You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transmission to another controller, insofar as this is technically feasible
4.7. Right to revoke given consents pursuant to Art. 7 para. 3 GDPR
You have the right to revoke any consent given to the processing of data at any time with effect for the future. Upon revocation, we will immediately delete the affected data unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of processing based on consent before its revocation.
4.8. Right to complain pursuant to Art. 77 GDPR
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, especially in the member state of your residence, workplace, or the place of the alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR.
5. Right of objection
If we process your personal data based on our overriding legitimate interest within the framework of a balancing of interests, you have the right at any time to object to this processing for reasons arising from your particular situation with effect for the future. If you exercise your right of objection, we will stop processing the affected data. However, further processing remains reserved if we can prove compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims.
If we process personal data to conduct direct advertising, you have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising. You can exercise the objection as described above. If you exercise your right of objection, we will stop processing the affected data for direct advertising purposes.
6. Duration of storage of personal data
The duration of the storage of personal data is determined by the respective statutory retention period (e.g., commercial and tax law retention periods). After the period expires, the corresponding data will be routinely deleted, provided they are no longer required for contract fulfillment or contract initiation and/or we no longer have a legitimate interest in further storage.
7. Currency and changes to this privacy policy
This privacy policy is currently valid and is up to date as of May 2018. Due to changed legal or official requirements, it may become necessary to change this privacy policy. The current privacy policy can be accessed by you at any time on our website under the section "Privacy Policy".
- Choosing a selection results in a full page refresh.