Privacy policy

Privacy Policy (GDPR Compliance)

Anna & Morgan

Frankenstraße 152, 90461 Nuremberg, Germany

Owner: Daniele Frischknecht

Website: www.annamorgantailoring.com

Email: dany@annamorgantailoring.com

Last updated: 22/08/2025

1. Introduction

This Privacy Policy explains how Anna & Morgan (“we”, “our”, “us”) collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable German data protection laws (BDSG).

By accessing or using our website, you agree to the terms of this Privacy Policy.

2. Data Controller

The data controller responsible for processing your personal data is:

Anna & Morgan

Owner: Daniele Frischknecht

Frankenstraße 152, 90461 Nuremberg, Germany

Email: dany@annamorgantailoring.com

3. Categories of Data We Collect

We may collect and process the following categories of personal data:

- Identification Data: Name, title, date of birth (if provided)

- Contact Data: Billing address, shipping address, email address, phone number

- Order Data: Product details, customization specifications, transaction history

- Payment Data: Payment method, bank or card details (processed via secure payment service providers; we do not store full card numbers)

- Technical Data: IP address, browser type, device information, operating system, referral URLs

- Marketing Preferences: Newsletter subscriptions, communication preferences

- Customer Support Data: Any personal data you provide when contacting us

4. Purpose and Legal Basis of Processing

We process your personal data for the following purposes and legal bases:

- To process and fulfill your orders – Article 6(1)(b) Contract performance

- To manage payments and prevent fraud – Article 6(1)(b) & (f) Contract performance & Legitimate interests

- To respond to your inquiries and provide customer service – Article 6(1)(b) Contract performance

- To send order confirmations, invoices, and updates – Article 6(1)(b) Contract performance

- To comply with legal obligations (e.g., tax laws) – Article 6(1)(c) Legal obligation

- To send marketing communications (if consent is given) – Article 6(1)(a) Consent

- To improve our website and services – Article 6(1)(f) Legitimate interests

5. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your browsing experience, analyze traffic, and measure campaign performance.

You may disable cookies in your browser settings, but this may limit website functionality. For details, please refer to our separate Cookie Policy.

6. Data Sharing and Transfers

We only share your personal data with trusted third parties when necessary for the performance of our services or as required by law:

- Logistics providers (e.g., DHL, UPS) for delivery purposes

- Payment processors (e.g., PayPal, Stripe) for secure transactions

- IT service providers for website hosting, email, and maintenance

- Legal and tax advisors when required by law

- Marketing service providers if you have consented to receive marketing communications

If we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place (e.g., EU Standard Contractual Clauses).

7. Data Retention

We retain your personal data only as long as necessary for the purposes described above or as required by law. In general:

- Order and invoice data: 10 years (German tax law requirement)

- Customer service communications: 3 years

- Marketing consent data: Until consent is withdrawn

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

- Right of access – Request a copy of your personal data

- Right to rectification – Correct inaccurate or incomplete data

- Right to erasure – Request deletion of your data (subject to legal obligations)

- Right to restrict processing – Limit processing under certain conditions

- Right to data portability – Receive your data in a structured, machine-readable format

- Right to object – Object to processing based on legitimate interests or direct marketing

- Right to withdraw consent – Withdraw consent at any time (for consent-based processing)

To exercise your rights, contact us at dany@annamorgantailoring.com.

9. Data Security

We implement technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration.

Despite these measures, no method of transmission over the Internet or electronic storage is 100% secure.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The latest version is always available on our website.

11. Supervisory Authority

If you believe your rights under GDPR have been violated, you have the right to lodge a complaint with:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)

Promenade 18, 91522 Ansbach, Germany

Website: https://www.lda.bayern.de