Privacy Policy

Extended Privacy Policy

(Status: January 2026)

We appreciate your interest in our online shop InselGold. Protecting your personal data is important to us. Below, we inform you about the processing of your data when using our website in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

InselGold

Jasmin Sonja Hanke

Ul. Josipa Pupačića 45

51500 Krk, Croatia

Email: inselgoldinfo@gmail.com

Tel: +385995254922

2. What data we collect and why

a) When visiting the website:

IP address

Date and time of the request

Browser type and version

Operating system

Referrer URL

Purpose: System security, improvement of our services (Art. 6 para. 1 lit. f GDPR)

b) When placing an order/making a purchase:

First and last name

Address

Email address

Payment details (depending on the payment service provider)

Purpose: Contract processing (Art. 6 para. 1 lit. b GDPR)

c) When contacting us:

If you contact us by email, we store your message to process your request.

2a. Hosting via Wix

This website is hosted by Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel. Wix stores personal data on servers in the EU, the USA, and Israel.

According to the EU Commission, Israel is considered a safe third country with regard to data protection.

Further information: https://de.wix.com/about/privacy Legal basis: Art. 6 para. 1 lit. f GDPR

3. Disclosure to Third Parties

Payment Service Provider:

Payment processing via PayWay

We use the following payment service provider to process payments in our online shop:

PayWay d.o ... Radnička cesta 21

10000 Zagreb

Croatia

As part of the payment processing, the following personal data will be transmitted to PayWay, insofar as this is necessary for processing the payment:

• First and last name

• Invoice amount

• Payment method

• Billing and shipping address (if applicable)

• Payment and transaction data

The data is transmitted exclusively for the purpose of payment processing, invoicing, and, if necessary, fraud prevention.

The data is processed in accordance with PayWay's data protection regulations. We have no influence on the scope of the data collected by PayWay or its further processing.

Legal basis for data processing:

Art. 6 para. 1 lit. b GDPR (performance of a contract)

Further information on data processing by PayWay can be found in PayWay's privacy policy.

For payment processing, we may also share your data with the following providers:

PayPal (Europe) S.à r.l. et Cie, S.C.A.

Stripe Payments Europe, Ltd.

Data transfer is based on Art. 6 para. 1 lit. b GDPR.

Shipping service providers:

For delivery purposes, we only share your address and name with the delivery service we have commissioned (e.g., Croatian Post, DHL, GLS, Austrian Post, or similar).

Legal basis: Art. 6 para. 1 lit. b GDPR

3a. Orders in the online shop

When you place an order, we process the following data:

• First and last name

• Billing and delivery address

• Email address

• Payment information

• Products ordered

This data is required for:

• Contract processing

• Delivery of goods

• Invoicing

• Customer communication

Legal basis: Art. 6 para. 1 lit. b GDPR (performance of a contract)

4. Use of analysis and marketing tools

a) Google Analytics

We use Google Analytics to analyze website usage. Provider:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses cookies. The IP address is anonymized (IP anonymization is activated).

Legal basis: Your consent pursuant to Art. 6 para. 1 lit. a GDPR

You can withdraw your consent at any time.

b) Meta Pixel (Facebook Pixel)

We use the Meta Pixel to measure the effectiveness of Facebook advertising. Provider:

Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland.

The pixel allows us to assign website visitors to specific target groups ("Custom Audiences").

Legal basis: Consent pursuant to Art. 6 para. 1 lit. a GDPR

5. Cookies and similar tracking technologies

We use cookies to make our website more user-friendly.

Cookies are small text files that are stored on your device.

We distinguish between:

• Essential cookies (technically necessary)

• Functional cookies

• Analytics & marketing cookies (only with consent)

A cookie banner will be displayed on your first visit.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent) Art. 6 para. 1 lit. f GDPR (necessary)

Necessary cookies)

We use cookies and similar technologies to improve your user experience and analyze the use of our services. You can control the use of cookies through your browser settings.

For more information about the cookies we use and the purposes for which we use them, please see our Cookie Policy page.

Necessary cookies

We use cookies and similar technologies to improve your user experience and analyze the use of our services. You can control the use of cookies through your browser settings.

6. Your Rights

You have the right to:

Access (Art. 15 GDPR)

Recognition (Art. 16 GDPR)

Erasure (Art. 17 GDPR)

Restriction of processing (Art. 18 GDPR)

Data portability (Art. 20 GDPR)

Objection to processing (Art. 21 GDPR)

Withdrawal of your consent (Art. 7 para. 3 GDPR)

Lodging a complaint with a supervisory authority

7. Contact

If you have any questions about data protection, please contact:

Jasmin Sonja Hanke

Email: inselgoldinfo@gmail.com

Your privacy and the protection of your personal data are of utmost importance to us. This Privacy Policy (hereinafter: Policy) describes how we collect, use, share, and protect your personal data when you visit or use our website, services, applications, and other platforms (hereinafter: Services).

What data do we collect?

When you use our services, we may collect the following information about you:

• Contact information: First name, last name, email address, phone number, address;

• Usage information: Information about how you use our services, including the time, duration, and type of use;

• Technical information: IP address, browser type, browser version, our cookies used to improve the user experience;

• Data you enter into the contact form on the website, including the email address you provide to receive a response to your inquiry;

• Other data you voluntarily provide to us.

• Delivery information, such as your delivery address.

What do we use your data for?

We use your personal data for the following purposes: • Providing, improving, and personalizing our services,

Communicating with you, including responding to your inquiries,

Marketing purposes, with your prior consent,

Compliance with legal obligations,

Specifying the specific purposes for which the website owner uses visitor data.

Who is responsible for processing my data?

The website owner (Jasmin Sonja Hanke, Ul. Josipa Pupačića 45, 51500 Krk) is responsible for processing your data in accordance with the General Data Protection Regulation (GDPR).

Who will my data be shared with?

Your data may be shared with our partners and subcontractors as data processors pursuant to Article 28 GDPR if we engage them for specific tasks related to processing personal data. For example, we use our partner WIX.com LTD (hereinafter: WIX) as our website service provider.

All information regarding the processing of personal data by Wix can be found in their privacy policy at https://www.wix.com/about/privacy. Please note that in these cases, we remain responsible for the processing of your data as the data controller.

Furthermore, we may share data with our partners who offer services to you independently of your relationship with us. For example, if you order our partners' services through us, or if you give us your consent to share your data with partners, or if partners are involved in processing based on legal grounds.

Finally, we may disclose data to government agencies if we are legally obligated to do so.

Is my data subject to automated processing?

We do not use your data for processes that involve automated decision-making.

How long do we retain your personal data?

We retain your personal data only as long as necessary to fulfill the purpose for which it was collected.

... For example, we only store your email address for sending newsletters for as long as you are subscribed to receive our newsletter.

Where is my personal data processed?

We primarily process your data in the Republic of Croatia and in other countries of the European Union and the European Economic Area (EEA).

Only in exceptional cases do we transfer your data to so-called third countries, and in this case, we ensure appropriate measures to protect personal data, for example, by using the European Commission's Standard Contractual Clauses or by transferring data to countries for which the European Commission has issued a specific decision.

that they offer a sufficient level of protection for personal data.

Your rights regarding your data

According to the GDPR, you have the following rights:

• Right of access: You can request information about whether data concerning you is being processed, which categories of personal data are being processed, for what purposes the processing is carried out, which recipients of your data exist, and how long the data is stored (Article 15 GDPR);

• Right to rectification: You can request the rectification of inaccurate personal data or the completion of incomplete data (Article 16 GDPR);

• Right to erasure: You can request the erasure of your personal data in accordance with the provisions of Article 17 GDPR;

• Right to restriction of processing: You can request the restriction of the processing of your personal data in accordance with Article 18 GDPR;

• Right to object: You can object to the processing of your personal data based on legitimate interests in relation to certain data processing activities concerning you (Article 21(1) GDPR);

• Right to data portability: You can request that personal data you have provided to us in a structured, commonly used, and machine-readable format be transferred to another service provider (Article 20 GDPR);

• You have the right to withdraw your consent at any time, and your data processed on this basis will no longer be used.

To exercise your rights, you can contact us at inselgoldinfo@gmail.com.

In any case, you have the right to lodge a complaint with the competent supervisory authority – the data protection authority.

Data security

We take appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction.

This Privacy Policy may be updated from time to time. You will be notified of any changes via our website.

Contact Information

For questions regarding the collection and processing of your personal data or this statement, please contact us at inselgoldinfo@gmail.com.

Contacting Us

When you contact us by email or contact form, we store your information to process your request.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent) or Art. 6 para. 1 lit. f GDPR (legitimate interest)

Newsletter

When you subscribe to our newsletter, we process:

• Email address

• Name (if applicable)

The newsletter is only sent after double opt-in.

You can unsubscribe from the newsletter at any time.

Legal basis: Art. 6 para. 1 lit. a GDPR

Data Retention Period

We store personal data only as long as:

• the respective purpose exists

• statutory retention obligations exist

Afterwards, the data is deleted.

•Competent Supervisory Authority

Croatia:

Agencija za zaštitu osobnih podataka (AZOP)

https://azop.hr

•Data Security

We use technical and organizational security measures (SSL encryption) to protect your data.

•Changes to the Privacy Policy

We reserve the right to amend this Privacy Policy to reflect legal changes or new features.

Privacy Policy

Terms and Conditions

Safety statement

Impressum