What are you looking for?

Privacy Policy

1. Introduction

1.1 We’re delighted to have you visiting our online shop. Protecting your personal data is extremely important to us. Below, we provide detailed information about how we handle your data. Personal data includes any information through which you can be personally identified.

1.2 Responsible for data processing on this website in accordance with the General Data Protection Regulation (GDPR) is NEOSPIRITUAL SELFCARE WEAR, Bellealliancestraße 6, 20259 Hamburg, Germany, Tel. (+49) 157 31091684, Email: privacy@neospiritual.de. The responsible party for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2. Data Collection When Visiting Our Website

2.1 When you use our website for informational purposes only, that is, if you do not register or otherwise provide us with information, we collect only the data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

  • The website visited
  • Date and time of access
  • Amount of data sent in bytes
  • Source/reference from which you came to the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymized form)

This processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the responsible party), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser line.

3. Cookies

To make your visit to our website attractive and to enable the use of certain functions, we use cookies, which are small text files stored on your device. Some of these cookies are deleted after you close your browser (so-called session cookies), while others remain on your device and allow us to recognize your browser on your next visit (persistent cookies). The storage duration of persistent cookies can be found in the cookie settings overview of your web browser.
If personal data is processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the performance of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in case of consent given, or in accordance with Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.
You can set your browser to inform you about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or generally. Please note that if cookies are not accepted, the functionality of our website may be limited.

4. Contact

When contacting us (e.g., via contact form or email), personal data is processed solely for the purpose of handling and responding to your request to the extent required.
The legal basis for processing these data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted if it can be inferred from the circumstances that the relevant issue has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

5. Data Processing When Opening a Customer Account

In accordance with Art. 6 para. 1 lit. b GDPR, personal data will continue to be collected and processed if you provide it to us when opening a customer account. The data required for the account opening can be seen from the input mask of the respective form on our website.
The deletion of your customer account is possible at any time and can be done by sending a message to the above-mentioned address of the responsible party. After deletion of your customer account, your data will be deleted provided that all contracts concluded via it have been fully processed, no statutory retention periods oppose, and there is no legitimate interest on our part in continuing to store the data.

6. Data Processing for Order Handling

6.1 To the extent necessary for the fulfillment of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 para. 1 lit. b GDPR.
If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we process the contact data provided by you at the time of the order (name, address, email address) in order to inform you within the framework of our statutory information obligations pursuant to Art. 6 para. 1 lit. c GDPR by appropriate means of communication (e.g., by post or email) about upcoming updates within the statutory period. Your contact data will be used strictly for the purpose of notifications about updates owed by us and will be processed by us only to the extent necessary for the respective information.
In order to process your order, we also cooperate with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.

6.2 Transfer of Personal Data to Shipping Service Providers
DHL: We use the following provider for shipping: DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany. We pass on your email address and/or telephone number to DHL prior to the delivery of the goods for the purpose of coordinating a delivery date or delivery notification, provided you have given your express consent in the ordering process. Otherwise, we only provide the name of the recipient and the delivery address to DHL for the purpose of delivery. The transfer of this data is necessary for the delivery of the goods. In this case, it is not possible to coordinate the delivery date in advance with DHL or to announce the delivery.

Your consent can be revoked at any time with effect for the future either to the above-mentioned responsible party or to DHL.

6.3 Use of Payment Service Providers (Payment Services)
Paypal: This website offers one or more online payment methods from the following provider: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

When selecting a payment method provided by PayPal, your payment data (including name, address, bank and payment card information, currency, and transaction number) as well as information about the content of your order will be passed on to PayPal in accordance with Art. 6 para. 1 lit. b GDPR for the purpose of processing the payment. The transfer of your data is only for the purpose of payment processing with PayPal and only to the extent necessary.
When choosing a payment method in which we make advance payments, you will be asked to provide certain personal data (first and last name, street, house number, postal code, city, date of birth, email address, telephone number, if applicable, data of an alternative payment method) in the order process.
To safeguard our legitimate interest in determining your ability to pay, these data will be forwarded by us to PayPal in accordance with Art. 6 para. 1 lit. f GDPR for the purpose of a credit check. PayPal uses the provided personal data as well as other data (such as shopping cart, invoice amount, order history, payment experience) to check whether the payment option you have selected can be granted in view of payment and/or bad debt risks.
The credit report may contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Address data, among other things, are included in the calculation of the score values.
You can object to this processing of your data at any time by sending a message to us or PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.

7. Use of Customer Data for Direct Advertising

7.1 Signing up for our Email Newsletter
If you sign up for our email newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. Providing additional data is voluntary and will be used to address you personally. For the newsletter dispatch, we use the so-called double opt-in procedure, which ensures that you only receive newsletters if you have expressly confirmed your consent by activating a link sent to the provided email address.
By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 para. 1 lit. a GDPR. We store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration to trace possible misuse of your email address at a later time. The data collected by us during registration for the newsletter will be used exclusively for the intended purpose.
You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a message to the responsible party mentioned above. After unsubscribing, your email address will be immediately removed from our newsletter distribution list.

7.2 Mailchimp
This website uses the services of MailChimp to send out its newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
Among other things, MailChimp is a service that can be deployed to organize the sending of newsletters. Whenever you enter data for the purpose of subscribing to a newsletter (e.g. your e-mail address), the information is stored on MailChimp servers in the United States. MailChimp is in possession of a certification that is in compliance with the “EU-US-Privacy-Shield.” The “Privacy-Shield” is a compact between the European Union (EU) and the United States of America (USA) that aims to warrant the compliance with European data protection standards in the United States.

If you do not want MailChimp to receive your data, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also unsubscribe from the newsletter right on the website.

The data is processed based on your consent (Art. 6 Sect. 1 lit. a GDPR).  You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.

The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.

For more details, please consult the Data Privacy Policies of MailChimp at: https://mailchimp.com/legal/terms/.

Execution of a contract data processing agreement

We have executed a so-called “Data Processing Agreement” with MailChimp, in which we mandate that MailChimp undertakes to protect the data of our customers and to refrain from sharing it with third parties.

7.3 Cart Reminders via Email
If you leave your shopping cart without completing your purchase, we can send you a one-time reminder email about the contents of your virtual cart.
To receive this reminder, we only need your email address. Providing additional information is optional and helps us address you personally. We use a double opt-in process to ensure you only receive notifications after you have confirmed your consent through a verification link sent to your email.
By clicking the confirmation link, you consent to us using your personal data according to Art. 6(1)(a) GDPR for sending cart reminders. We store your IP address, provided by your Internet Service Provider (ISP), along with the date and time of your registration, to trace any potential misuse of your email address. Data collected during your subscription to our email notification service is used strictly for this purpose.
You can unsubscribe from cart reminders at any time by notifying us via the contact information provided at the beginning of this document. Once you unsubscribe, your email address will be promptly removed from our mailing list unless you have explicitly consented to further use of your data or we are legally permitted to use your data for other purposes, which we will inform you about in this policy.

8. Web Analytics Services

8.1 Google (Universal) Analytics
Our website uses Google (Universal) Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), to analyze your use of our website.
By default, Google (Universal) Analytics places cookies on your device, which collect certain information, including your IP address. However, Google shortens your IP address to prevent it from being directly linked to you. The information collected is transmitted to Google’s servers and processed there, including possible transfers to Google LLC in the USA.
Google uses this information on our behalf to evaluate your website use, compile reports on website activity, and provide other services related to website and internet usage. The shortened IP address transmitted by your browser will not be merged with other data from Google. Data collected by Google Analytics is stored for two months and then deleted.
All these processes, especially cookie placement, occur only if you have given us your explicit consent per Art. 6(1)(a) GDPR. Without your consent, Google (Universal) Analytics will not be used during your visit. You can withdraw your consent at any time with future effect by disabling this service via the “Cookie-Consent-Tool” on our website.
We have a data processing agreement with Google to ensure the protection of our visitors’ data and prohibit unauthorized disclosure to third parties.
For more information on Google (Universal) Analytics, visit https://policies.google.com/privacy?hl=de&gl=de and https://policies.google.com/technologies/partner-sites

Demographic Features
Google (Universal) Analytics uses the “demographic features” function to generate statistics about the age, gender, and interests of site visitors. This data, derived from third-party advertising and information, helps identify target groups for marketing purposes. The data is anonymized and deleted after two months.

Google Signals
Our website may use Google Signals to create cross-device reports. If you have enabled personalized ads and linked your devices to your Google account, Google can analyze your behavior across devices, provided you have consented to the use of Google Analytics per Art. 6(1)(a) GDPR. We receive only anonymized statistics, not personal data. To stop cross-device analysis, disable “Personalized Advertising” in your Google account settings. Follow the instructions under following link: https://support.google.com/ads/answer/2662922?hl=de Further information about Google Signals can be found here: https://support.google.com/analytics/answer/7532985?hl=de

User IDs
Our website may use the “User IDs” function of Google (Universal) Analytics. If you consent to Google Analytics and have created an account on our site, your activities, including conversions, can be analyzed across devices. Data transfers to the USA are protected by the EU-US Data Privacy Framework.

8.2 Google Analytics 4
Our website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), to analyze your use of our website.
Google Analytics 4 places cookies on your device to collect certain information, including your IP address, which is shortened to prevent direct linkage to you. This information is transmitted to Google’s servers, including possible transfers to Google LLC in the USA.
Google uses this information on our behalf to evaluate your website use, compile reports on website activity, and provide other services related to website and internet usage. The shortened IP address transmitted by your browser will not be merged with other data from Google. Data collected by Google Analytics 4 is stored for two months and then deleted.
All these processes, especially cookie placement, occur only if you have given us your explicit consent per Art. 6(1)(a) GDPR. Without your consent, Google Analytics 4 will not be used during your visit. You can withdraw your consent at any time with future effect by disabling this service via the “Cookie-Consent-Tool” on our website.
We have a data processing agreement with Google to ensure the protection of our visitors’ data and prohibit unauthorized disclosure to third parties.
For more information on Google Analytics 4, visit https://policies.google.com/privacy?hl=de&gl=de and https://policies.google.com/technologies/partner-sites


Demographic Features
Google Analytics 4 uses the “demographic features” function to generate statistics about the age, gender, and interests of site visitors. This data, derived from third-party advertising and information, helps identify target groups for marketing purposes. The data is anonymized and deleted after two months.

Google Signals
Our website may use Google Signals to create cross-device reports. If you have enabled personalized ads and linked your devices to your Google account, Google can analyze your behavior across devices, provided you have consented to the use of Google Analytics per Art. 6(1)(a) GDPR. We receive only anonymized statistics, not personal data. To stop cross-device analysis, disable “Personalized Advertising” in your Google account settings. Follow the instructions under following link: https://support.google.com/ads/answer/2662922?hl=de Further information about Google Signals can be found here: https://support.google.com/analytics/answer/7532985?hl=de

User IDs
Our website may use the “User IDs” function of Google Analytics 4. If you consent to Google Analytics 4 and have created an account on our site, your activities, including conversions, can be analyzed across devices. Data transfers to the USA are protected by the EU-US Data Privacy Framework.

8.3 Google Tag Manager
Our website uses Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Google Tag Manager provides a technical basis to bundle various web applications, including tracking and analytics services, and manage them through a unified interface. The Google Tag Manager itself does not store information or perform independent data analyses. However, it transfers your IP address to Google, where it may be stored. This processing occurs only if you have given us your explicit consent per Art. 6(1)(a) GDPR. Without your consent, Google Tag Manager will not be used during your visit. You can withdraw your consent at any time with future effect by disabling this service via the “Cookie-Consent-Tool” on our website.
We have a data processing agreement with Google to ensure the protection of our visitors’ data and prohibit unauthorized disclosure to third parties. Data transfers to the USA are protected by the EU-US Data Privacy Framework.


9. Retargeting/Remarketing and Conversion Tracking

9.1 Google Ads Remarketing
Our website uses retargeting technology from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
Google places a cookie in your browser, which allows for interest-based advertising based on the pages you visited. Additional data processing occurs only if you have agreed to link your browsing history and Google account for personalized ads. If you are logged in to Google during your visit, Google uses your data along with Google Analytics data to create cross-device remarketing lists. Personal data is temporarily linked with Google Analytics data to form target groups. Data transfers to Google LLC in the USA may occur.
All processing, especially cookie placement, occurs only with your explicit consent per Art. 6(1)(a) GDPR. Without your consent, retargeting technology is not used during your visit. You can withdraw your consent at any time with future effect by disabling this service via the “Cookie-Consent-Tool” on our website. Data transfers to the USA are protected by the EU-US Data Privacy Framework.

You can revoke your consent at any time with future effect. To exercise your revocation, please deactivate this service using the “Cookie-Consent-Tool” provided on the website. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection levels based on an adequacy decision by the European Commission.

9.2 Google Ads Conversion-Tracking
This website uses the online advertising program “Google Ads” and, as part of Google Ads, the conversion-tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). We use the Google Ads offer to draw attention to our attractive offers on external websites with the help of advertising materials (so-called Google AdWords). We can determine the success of individual advertising measures in relation to the data of the advertising campaigns. We pursue the aim of showing you advertisements that are of interest to you, making our website more interesting for you, and achieving a fair calculation of the advertising costs incurred.
The conversion-tracking cookie is set when a user clicks on a Google Ads ad. Cookies are small text files that are stored on your device. These cookies generally expire after 30 days and do not serve for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies cannot be tracked across the websites of Google Ads customers. The information obtained using the conversion cookie is used to create conversion statistics for Google Ads customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion-tracking tag. However, you do not receive information that can personally identify users.
As part of the use of Google Ads, personal data may also be transmitted to the servers of Google LLC. in the USA. Details on the processing triggered by Google Ads Conversion Tracking and Google’s handling of data from websites can be found here: https://policies.google.com/technologies/partner-sites
All the processing described above, in particular the setting of cookies for reading information on the device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a DSGVO. You can revoke your given consent at any time with future effect by deactivating this service in the “Cookie-Consent-Tool” provided on the website.
You can permanently object to the setting of cookies by Google Ads Conversion Tracking by downloading and installing the browser plug-in available at the following link: https://www.google.com/settings/ads/plugin?hl=de
Please note that certain functions of this website may not be available or may be limited if you have deactivated the use of cookies. Google’s privacy policy can be viewed here: https://www.google.de/policies/privacy/

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection levels based on an adequacy decision by the European Commission.


10. Tools and Other

Cookie-Consent-Tool
This website uses a so-called “Cookie-Consent-Tool” to obtain effective user consent for cookies that require consent and cookie-based applications. The “Cookie-Consent-Tool” is displayed to users in the form of an interactive user interface when the page is accessed, where consent can be given for certain cookies and/or cookie-based applications. The tool ensures that all cookies/services that require consent are only loaded if the respective user grants their consent by ticking a checkbox. This ensures that such cookies are only set on the user’s device in the event of given consent.
The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed in this process. If, in individual cases, the storage, allocation, or logging of cookie settings involves the processing of personal data (such as the IP address), this is done in accordance with Art. 6 para. 1 lit. f DSGVO based on our legitimate interest in a lawful, user-specific, and user-friendly consent management for cookies and thus in the legally compliant design of our online presence. Another legal basis for processing is Art. 6 para. 1 lit. c DSGVO. As the responsible party, we are legally obliged to make the use of technically unnecessary cookies dependent on the respective user consent.
Where necessary, we have concluded a processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties. Further information about the operator and the settings options of the Cookie-Consent-Tool can be found directly in the corresponding user interface on our website.

11. Rights of the Data Subject

11.1 The applicable data protection law grants you the following data subject rights (rights to information and intervention) concerning the processing of your personal data vis-à-vis the data controller, provided that the legal requirements are met:

  • Right to information according to Art. 15 DSGVO
  • Right to rectification according to Art. 16 DSGVO
  • Right to erasure according to Art. 17 DSGVO
  • Right to restriction of processing according to Art. 18 DSGVO
  • Right to notification according to Art. 19 DSGVO
  • Right to data portability according to Art. 20 DSGVO
  • Right to revoke consent given according to Art. 7 para. 3 DSGVO
  • Right to lodge a complaint according to Art. 77 DSGVO

11.2 Right to Object
If we process your personal data based on our overriding legitimate interest within the framework of a balancing of interests, you have the right at any time, for reasons arising from your particular situation, to object to this processing with effect for the future.
If you exercise your right to object, we will stop processing the data concerned. However, further processing is reserved if we can demonstrate compelling legitimate grounds for processing that outweigh your interests, fundamental rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims.
If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such advertising. You can exercise the objection as described above.
If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

12. Duration of Storage of Personal Data

The duration of the storage of personal data is determined based on the respective legal basis, the processing purpose, and, where relevant, additionally based on the respective statutory retention period (e.g., commercial and tax retention periods).
When processing personal data based on an explicit consent according to Art. 6 para. 1 lit. a DSGVO, the data concerned will be stored until you revoke your consent. If there are statutory retention periods for data processed within the framework of legal or quasi-legal obligations based on Art. 6 para. 1 lit. b DSGVO, this data will be routinely deleted after the retention periods have expired, provided it is no longer required for contract fulfillment or contract initiation and/or we have no legitimate interest in further storage. When processing personal data based on Art. 6 para. 1 lit. f DSGVO, this data will be stored until you exercise your right to object according to Art. 21 para. 1 DSGVO, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims. When processing personal data for direct marketing purposes based on Art. 6 para. 1 lit. f DSGVO, this data will be stored until you exercise your right to object according to Art. 21 para. 2 DSGVO.
Unless otherwise stated in the other information in this declaration regarding specific processing situations, stored personal data will otherwise be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

13. Changes to the Privacy Policy

We reserve the right to adjust this privacy policy if necessary. Changes will be published on our website.

With love and respect,
Charlie & The NEOSPIRITUAL Gang