Datenschutzerklärung

Privacy Policy

Last Updated: July 15, 2026

This Privacy Policy explains how mkminy.shop (“mkminy.shop,” “we,” “us,” or “our”) collects, uses, stores, discloses, and protects personal data when you visit our website, purchase products, contact customer service, create an account, subscribe to marketing communications, or otherwise interact with our online store.

We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the German Federal Data Protection Act (“BDSG”), the German Telecommunications Digital Services Data Protection Act (“TDDDG”), and other applicable privacy and data protection laws.

By using our website, you acknowledge that your personal data will be processed as described in this Privacy Policy.

1. Data Controller

The data controller responsible for the processing of personal data through this website is the operator of:

Store Name: mkminy.shop
Website: mkminy.shop
Email: info@mkminy.shop

Further legal information concerning the website operator is available in our Legal Notice or Impressum.

For questions about this Privacy Policy or the processing of your personal data, please contact us at info@mkminy.shop.

2. Personal Data We Collect

Depending on how you interact with our website, we may collect the following categories of personal data.

2.1 Contact and Identification Information

We may collect:

  • Full name
  • Billing address
  • Shipping address
  • Email address
  • Telephone number
  • Account login information
  • Information provided when contacting customer service

2.2 Order and Transaction Information

When you place or attempt to place an order, we may collect:

  • Products ordered
  • Order number
  • Purchase amount
  • Currency
  • Discounts or promotional codes used
  • Payment status
  • Shipping method
  • Delivery and tracking information
  • Return, refund, cancellation, or complaint information

We generally do not directly store complete payment card details. Payment information is processed by authorized payment service providers selected during checkout.

2.3 Payment Information

Depending on the payment method you select, payment service providers may process:

  • Cardholder name
  • Billing address
  • Payment card details
  • Bank or payment account information
  • Transaction identifiers
  • Fraud-prevention and verification information

Payment service providers process personal data in accordance with their own privacy policies and legal obligations.

2.4 Device and Usage Information

When you visit our website, certain technical information may be collected automatically, including:

  • IP address
  • Browser type and version
  • Device type
  • Operating system
  • Language and regional settings
  • Referring website
  • Pages viewed
  • Date and time of access
  • Session information
  • Cookie identifiers
  • Shopping cart activity
  • Interactions with website features
  • Approximate location derived from an IP address

2.5 Customer Account Information

When customer accounts are available and you create an account, we may process:

  • Name
  • Email address
  • Password or authentication information
  • Saved addresses
  • Order history
  • Account preferences

Passwords are stored or processed in protected or encrypted form and are not visible to us in plain text.

2.6 Communications

When you contact us, we may process:

  • The content of your message
  • Your email address and contact details
  • Order-related information
  • Photographs or documents you provide
  • Records of customer service communications
  • Information necessary to investigate and resolve your request

2.7 Marketing Information

When you subscribe to marketing communications or provide valid marketing consent, we may process:

  • Email address
  • Marketing preferences
  • Consent records
  • Interaction with marketing emails
  • Purchase and browsing interests, where permitted

3. How We Collect Personal Data

We collect personal data from the following sources:

  • Directly from you when you place an order, create an account, subscribe to marketing communications, complete a form, or contact us
  • Automatically through cookies, server logs, pixels, and similar technologies
  • From payment service providers
  • From shipping and logistics providers
  • From fraud-prevention and security service providers
  • From Shopify and applications connected to our Shopify store
  • From advertising or analytics providers, where you have provided any legally required consent

4. Purposes and Legal Bases for Processing

We process personal data only when we have a valid legal basis under the GDPR.

4.1 Processing Orders and Performing Contracts

We process personal data to:

  • Accept and process orders
  • Receive and verify payments
  • Arrange shipping and delivery
  • Provide order confirmations and tracking information
  • Process cancellations, returns, exchanges, and refunds
  • Provide customer support relating to purchases
  • Manage customer accounts

The legal basis is Article 6(1)(b) GDPR, where processing is necessary to perform a contract or take steps at your request before entering into a contract.

4.2 Compliance With Legal Obligations

We may process and retain personal data to:

  • Meet tax and accounting obligations
  • Maintain legally required transaction records
  • Respond to lawful requests from authorities
  • Comply with consumer protection requirements
  • Comply with fraud-prevention, sanctions, or other regulatory obligations
  • Establish and document legal compliance

The legal basis is Article 6(1)(c) GDPR.

4.3 Legitimate Interests

We may process personal data where necessary for our legitimate interests, provided that those interests are not overridden by your fundamental rights and freedoms.

These legitimate interests may include:

  • Operating and improving our website
  • Securing our website and systems
  • Preventing fraud, misuse, and unauthorized transactions
  • Responding to customer enquiries
  • Managing business operations
  • Maintaining records of communications
  • Establishing, exercising, or defending legal claims
  • Measuring general website performance using privacy-compliant methods
  • Improving products, services, and customer experience

The legal basis is Article 6(1)(f) GDPR.

4.4 Consent

We rely on your consent where required for:

  • Non-essential cookies
  • Analytics technologies
  • Advertising and remarketing technologies
  • Personalized marketing
  • Email marketing where another legal basis does not apply
  • Other optional processing activities clearly identified when consent is requested

The legal basis is Article 6(1)(a) GDPR and, for storing or accessing information on your device, Section 25 TDDDG where applicable.

You may withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing carried out before consent was withdrawn.

5. Shopify Platform

Our online store is hosted and operated using the Shopify ecommerce platform.

Shopify processes certain personal data to provide services such as:

  • Website hosting
  • Store administration
  • Checkout functionality
  • Order management
  • Customer accounts
  • Security and fraud prevention
  • Technical support
  • Platform analytics
  • Payment-related functionality, where applicable

Depending on the processing activity, Shopify may act as a service provider, data processor, independent controller, or joint participant in the processing of personal data.

Personal data processed through Shopify may be stored or accessed in countries outside Germany or the European Economic Area. Where legally required, appropriate transfer safeguards are used, such as adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms.

6. Payment Service Providers

Payments are processed through the payment options displayed during checkout.

Payment service providers may receive information necessary to:

  • Authorize and complete payments
  • Confirm the identity of the payer
  • Prevent fraudulent transactions
  • Process refunds
  • Handle disputes or chargebacks
  • Meet financial and regulatory obligations

We only share information that is reasonably necessary to process the selected payment method.

Your payment provider may process personal data as an independent controller under its own privacy policy.

7. Shipping and Logistics Providers

We may share necessary personal data with shipping companies, fulfilment partners, warehouses, customs service providers, and logistics providers.

This information may include:

  • Recipient name
  • Shipping address
  • Telephone number
  • Email address
  • Order reference
  • Package information
  • Customs information, where required

The legal basis is Article 6(1)(b) GDPR because this processing is necessary to deliver your order.

Where shipment tracking communications are sent directly by a carrier, your email address or telephone number may be provided when necessary for delivery or where you have agreed to receive such updates.

8. Service Providers and Other Recipients

We may disclose personal data to carefully selected service providers that help us operate our business, including:

  • Shopify and ecommerce platform providers
  • Website hosting and IT service providers
  • Payment service providers
  • Shipping and fulfilment companies
  • Customer support providers
  • Accounting, auditing, and tax advisers
  • Legal advisers
  • Fraud-prevention and cybersecurity providers
  • Analytics providers, subject to consent where required
  • Advertising and marketing providers, subject to consent where required
  • Government agencies or courts where disclosure is legally required

Service providers that act as processors may only process personal data according to our documented instructions and must provide appropriate confidentiality and security protections.

We do not sell personal data in the ordinary meaning of selling customer information for monetary payment.

9. Cookies and Similar Technologies

Our website uses cookies and similar technologies.

Cookies are small files or pieces of information stored on or accessed from your device when you visit a website.

9.1 Strictly Necessary Cookies

Strictly necessary cookies are used to:

  • Operate the website
  • Maintain shopping cart functionality
  • Enable secure checkout
  • Remember privacy choices
  • Prevent fraud and protect website security
  • Maintain user sessions
  • Provide requested website functions

These cookies may be used without consent where they are strictly necessary to provide a service expressly requested by the user.

9.2 Preference Cookies

Preference cookies may remember choices such as:

  • Language
  • Region
  • Currency
  • Display preferences
  • Previously selected settings

Where required by law, these cookies are used only after consent has been provided.

9.3 Analytics Cookies

Analytics cookies help us understand how visitors use the website, such as:

  • Which pages are visited
  • How users navigate through the website
  • Whether technical errors occur
  • How website performance can be improved

Analytics cookies that are not strictly necessary are activated only after valid consent has been obtained.

9.4 Advertising Cookies

Advertising cookies and similar technologies may be used to:

  • Measure advertising performance
  • Limit repeated advertisements
  • Understand whether an advertisement resulted in a visit or purchase
  • Deliver more relevant advertising
  • Create advertising audiences

These technologies are used only after valid consent where required by law.

9.5 Managing Cookie Preferences

You can accept, reject, or manage non-essential cookies through the cookie banner or privacy settings displayed on our website.

You may withdraw or change your consent at any time through the available cookie settings.

You may also configure your browser to block or delete cookies. However, blocking strictly necessary cookies may prevent parts of the website or checkout from functioning correctly.

10. Marketing Communications

We may send marketing emails only when permitted by applicable law.

Where consent is required, you will receive marketing communications only after providing consent. We may use a confirmation procedure to verify your subscription.

You may unsubscribe at any time by:

  • Clicking the unsubscribe link in a marketing email
  • Contacting us at info@mkminy.shop

Unsubscribing from marketing communications does not prevent us from sending non-promotional messages necessary to process an order, provide customer service, issue legal notices, or administer your account.

11. Fraud Prevention and Website Security

We may process personal data to detect and prevent:

  • Fraudulent orders
  • Unauthorized payment activity
  • Account misuse
  • Security incidents
  • Automated attacks
  • Violations of our Terms of Service

This processing may involve evaluating transaction details, IP addresses, device information, payment status, ordering patterns, and other risk indicators.

The legal basis is Article 6(1)(f) GDPR and, where applicable, Article 6(1)(c) GDPR.

12. International Data Transfers

Some service providers may process personal data outside Germany or the European Economic Area.

Where personal data is transferred to a country that has not been recognized as providing an adequate level of data protection, we use legally recognized safeguards where required, including:

  • European Commission adequacy decisions
  • Standard Contractual Clauses
  • Supplementary technical and organizational safeguards
  • Other legally permitted transfer mechanisms

You may contact us for further information about the safeguards used for relevant international transfers.

13. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy.

Retention periods depend on:

  • The duration of our contractual relationship
  • The time needed to process an order, return, refund, or complaint
  • Statutory tax, accounting, and commercial record-keeping obligations
  • Limitation periods for potential legal claims
  • Fraud-prevention and security requirements
  • Whether consent remains valid
  • Whether an unresolved dispute or legal proceeding exists

When personal data is no longer required, it will be deleted, anonymized, or securely restricted, unless continued retention is required by law.

14. Your Rights Under the GDPR

Subject to the applicable legal requirements, you may have the following rights.

14.1 Right of Access

You may request confirmation as to whether we process your personal data and receive a copy of relevant personal data.

14.2 Right to Rectification

You may request correction of inaccurate personal data and completion of incomplete personal data.

14.3 Right to Erasure

You may request deletion of personal data where the legal conditions for deletion are met.

This right may be limited where processing is necessary to meet legal obligations, establish or defend legal claims, or exercise other legally protected rights.

14.4 Right to Restriction of Processing

You may request that processing be restricted in certain circumstances, including while the accuracy or lawfulness of processing is being reviewed.

14.5 Right to Data Portability

Where processing is based on consent or a contract and carried out by automated means, you may request relevant personal data in a structured, commonly used, machine-readable format.

You may also request that the data be transmitted directly to another controller where technically feasible.

14.6 Right to Object

You may object at any time to processing based on Article 6(1)(e) or Article 6(1)(f) GDPR for reasons relating to your particular situation.

We will stop processing the relevant data unless we demonstrate compelling legitimate grounds that override your rights or the processing is necessary for legal claims.

You may object to direct marketing at any time. When you object to direct marketing, your personal data will no longer be processed for that purpose.

14.7 Right to Withdraw Consent

Where processing is based on consent, you may withdraw that consent at any time.

Withdrawal does not affect processing that took place lawfully before the withdrawal.

14.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a competent data protection supervisory authority.

You may contact the supervisory authority responsible for your place of residence, place of work, the location of the alleged infringement, or the competent German state data protection authority.

15. How to Exercise Your Rights

To exercise a privacy right, contact us at:

Email: info@mkminy.shop
Recommended subject line: Privacy Request

Please explain which right you wish to exercise and provide sufficient information for us to identify the relevant data.

To protect customer information, we may request reasonable proof of identity before completing a request. We will use verification information only to confirm your identity and process the request.

We will respond within the period required by applicable law. In complex cases or where multiple requests are received, the response period may be extended where permitted by the GDPR. We will inform you of any lawful extension.

Privacy requests are generally processed free of charge. A reasonable fee may be charged or a request may be refused where it is manifestly unfounded or excessive, as permitted by law.

16. Automated Decision-Making

We do not generally make decisions based solely on automated processing that produce legal effects or similarly significant effects on customers.

Automated tools may be used to identify potentially fraudulent or high-risk transactions. Where a decision with a significant effect is made solely through automated processing, we will provide any information and rights required by applicable law.

17. Data Security

We implement appropriate technical and organizational measures designed to protect personal data against:

  • Unauthorized access
  • Accidental loss
  • Unlawful alteration
  • Unauthorized disclosure
  • Destruction
  • Misuse
  • Other unlawful processing

These measures may include encrypted data transmission, access controls, authentication procedures, security monitoring, restricted employee access, backups, and contractual confidentiality requirements.

No online system can be guaranteed to be completely secure. Customers should protect their account credentials and contact us promptly if they suspect unauthorized account activity.

18. Children’s Privacy

Our website and products are not directed at children.

We do not knowingly collect personal data directly from children where parental consent or another legal basis would be required. Where we learn that personal data has been collected unlawfully from a child, we will take appropriate steps to delete or restrict that data.

19. Third-Party Websites

Our website may contain links to third-party websites, social media platforms, payment services, or other external services.

We are not responsible for the privacy practices, security, or content of third-party websites. Customers should review the privacy policy of each third-party service before providing personal data.

20. Changes to This Privacy Policy

We may update this Privacy Policy when necessary to reflect:

  • Changes to our business practices
  • New website functions or services
  • Changes to service providers
  • Changes to legal or regulatory requirements
  • Security or operational improvements

The updated version will be published on this page with a revised “Last Updated” date.

Where required by law, we will provide additional notice or request renewed consent before making material changes that affect consent-based processing.

21. Contact Us

For questions, complaints, or requests concerning personal data or this Privacy Policy, please contact:

Store Name: mkminy.shop
Website: mkminy.shop
Email: info@mkminy.shop

We will review your request and respond in accordance with applicable data protection law.

 Daten.