Privacy Policy

Numopack GmbH respects your privacy and takes data protection seriously. In the following "Privacy Policy", we transparently describe how your personal data is processed.

"Personal data" refers to any information relating to an identified or identifiable natural person.

Unless otherwise specified below, providing your personal data is neither legally nor contractually required, nor necessary for concluding a contract. You are not obliged to provide your data, and failure to do so has no consequences. This applies only as long as no other indication is given in the following processing operations.

1. Who processes my personal data?

Your data is processed by the following responsible entity:

Numopack GmbH
20537 Hamburg
Normannenweg 16-18

2. Who can I contact regarding data protection questions or concerns?

For questions, concerns, or to exercise your rights, please contact the responsible entity or email: sales@numopack.de

3. What data is collected, processed, and used for order processing?

When you place an order, we collect and use your personal data only to the extent necessary to fulfill and process your order and to handle your inquiries. Providing your data is necessary for concluding the contract. Failure to provide it means that no contract can be concluded. Processing is based on Article 6(1)(b) GDPR, as it is required to fulfill a contract with you.

Your data will not be shared with third parties without your explicit consent, except for our service partners who are necessary for executing the contract. In addition to those mentioned in this privacy policy, these include:

Shipping providers

Payment service providers

Web hosting companies

IT and cloud service providers


In all cases, we strictly comply with legal regulations, and data sharing is kept to a minimum.

Once the contract has been fully executed, your data will be stored for the duration of the warranty period. After that, it will be retained in compliance with legal retention periods, particularly tax and commercial laws, and will be deleted after the retention period unless you have agreed to further processing and use.

4. Your Rights

If the legal requirements are met, you have the following rights under Articles 15-20 GDPR:

Right of access

Right to rectification

Right to erasure

Right to restriction of processing

Right to data portability


Additionally, you have the right to object under Article 21(1) GDPR to processing based on Article 6(1)(f) GDPR, including processing for direct marketing purposes.

Right of Access

You can request free information about which personal data we store about you, the purpose of processing, and its origin.

Right to Rectification

You have the right to correct your personal data. We strive to keep our records as accurate and up-to-date as possible. Please inform us of any changes or errors in your data.

Right to Erasure ("Right to be Forgotten")

You have the right to request the deletion of your personal data unless processing is necessary for:

Exercising the right to freedom of expression and information

Compliance with legal obligations under Union or Member State law

Performing a task in the public interest or in the exercise of official authority

Reasons of public interest in public health under Article 9(2)(h) and (i) GDPR

Archival, research, or statistical purposes in the public interest under Article 89(1) GDPR

The establishment, exercise, or defense of legal claims


Right to Restriction of Processing

You have the right to restrict the processing of your personal data, e.g., during the verification of its accuracy or if the purpose of processing has been fulfilled.

Right to Data Portability

You have the right to request that your personal data be provided in a machine-readable format. It can also be transferred to a third party of your choice, if technically feasible.

Right to Object

If processing is based on our legitimate interest under Article 6(1)(f) GDPR, you have the right to object at any time for reasons arising from your particular situation. After your objection, the processing will be stopped unless we can demonstrate compelling legitimate reasons that outweigh your interests, rights, and freedoms or if processing serves to establish, exercise, or defend legal claims.

If your personal data is processed for direct marketing purposes, you may object at any time. After an objection, we will cease processing your data for direct marketing.

Right to File a Complaint with a Supervisory Authority

According to Article 77 GDPR, you have the right to file a complaint with a supervisory authority if you believe that the processing of your personal data is unlawful.

5. How do we protect your personal data?

We have implemented various technical and organizational measures to protect your personal data, ensuring confidentiality, integrity, and availability.

Confidentiality: We prevent unauthorized disclosure of your personal data.

Integrity: We protect your data from unauthorized modification.

Availability: Only authorized persons have access when necessary.


Our data security measures include access security, backup systems, monitoring, audits, maintenance, and handling of security incidents.

6. When will my personal data be deleted?

Your personal data will be deleted or blocked once the storage purpose ceases to exist. Further storage may occur if required by European or national laws. Data will also be deleted when legally required retention periods expire, unless continued storage is necessary for contractual purposes.



II.COOKIES & SERVER LOG FILES

Cookies

Our website uses cookies to improve user experience, efficiency, and security. Some cookies are necessary for website functionality, while others analyze user behavior.

You can manage or disable cookies in your browser settings:

Chrome: Google Support

Internet Explorer: Microsoft Support

Mozilla Firefox: Mozilla Support

Safari: Apple Support


Server Log Files

Our website automatically collects and stores information in server log files, including:

Browser type and version

Operating system

Referrer URL

Hostname of accessing computer

Time of server request


This data is not linked to specific individuals and is deleted after 30 days, except when unlawful use is suspected.


III.ANALYTICS TOOLS

Google Analytics

We use Google Analytics for website analysis. The data is processed to evaluate website activity and improve user experience. IP addresses are anonymized.

You can opt out by installing the browser plugin: Google Analytics Opt-Out.


OBJECTION TO ADVERTISING EMAILS

The use of contact data published in the legal notice for sending unsolicited advertisements is prohibited. We reserve the right to take legal action in the event of spam emails.


CHANGES & UPDATES

From time to time, it may be necessary to adjust this Privacy Policy (e.g., due to changes in the legal framework). The current version can always be accessed at this address. Last update: March 13, 2025.