Login

Language

Privacy policy

MHSA Gaedeke GmbH - privacy policy

The contract language is German. The legally binding version of our Terms and customer information is the German version.

1. Data Protection at a Glance

General Information

The following information provides an overview of what happens to your personal data when you visit our website or use our online shop. Personal data is any data by which you can be personally identified or that can reasonably be associated with you. Detailed information on data protection can be found in this Privacy Policy.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. The contact details can be found in the section “Information on the Controller” in this Privacy Policy.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may include, in particular, data that you enter when placing an order, creating a customer account, contacting us, or communicating with us in any other way.

Other data is collected automatically or with your consent when you visit the website through our IT systems or integrated services. This primarily includes technical data, such as information about your device, browser, network connection, IP address, referrer information, times of page access, and information about your use of our website and our shop.

Personal data may also be processed by service providers and integrated partners or transmitted to us insofar as this is necessary for the provision of our shop, payment processing, shipping, communication, reach measurement, analytics, or marketing measures, and where the legal requirements for this are met.

What data do we process?

Depending on how you use our website and our shop, we process in particular the following categories of personal data:

  • Contact data such as name, billing address, shipping address, telephone number, and email address

  • Order and transaction data such as viewed products, shopping cart contents, purchases, returns, exchanges, or cancellations

  • Account information such as login credentials, settings, and preferences

  • Payment and billing information

  • Communication data when you contact us

  • Device, usage, and connection data

What do we use your data for?

We process your personal data in particular in order to:

  • provide our website and shop

  • process orders and payments

  • provide a customer account

  • enable deliveries, returns, and other transactions

  • communicate with you

  • ensure the security of our website and shop

  • improve our offering technically and in terms of content

What rights do you have regarding your data?

You have the right at any time to receive free information about your personal data stored by us, its origin, recipients, and the purpose of the processing. You also have a right to rectification, erasure, restriction of processing, data portability, and to lodge a complaint with the competent data protection supervisory authority. Any consent you have given may be revoked at any time with effect for the future.

2. Hosting, Technical Provision and Shop System

Our website uses a shared technical infrastructure.

Hosting and Email Infrastructure via ALL-INKL

The domain ms-sucra.de and our business email infrastructure are provided via ALL-INKL.COM – Neue Medien Münnich. In the context of hosting, personal data may be processed, in particular IP addresses, browser information, technical connection data, times of access, and data in log files. All-Inkl states that log files are processed when the website is provided and that these are generally deleted no later than after seven days, although longer storage may be possible in individual cases, for example to defend against attacks on information technology systems.

The provider is:
ALL-INKL.COM – Neue Medien Münnich
Hauptstraße 68
02742 Friedersdorf
Germany

ALL-INKL is used on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable, and reliable provision of our website and our business email communication.

Shop System via Shopify

Our online shop, including product pages, shopping cart, customer account, order processing, and checkout, is provided via Shopify. Shopify makes it possible to display shop functions under a connected custom domain and to store shop policies in the Shopify admin area. Shopify also provides functions for managing privacy and shop settings.

The provider is:
Shopify International Ltd.
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor, 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32
Ireland

Where necessary, data may also be processed by affiliated companies of Shopify, in particular by:

Shopify Inc.
151 O’Connor Street, Ground Floor
Ottawa, Ontario K2P 2L8
Canada

In connection with the use of the shop, contact data, order and transaction data, account information, payment information, communication data, and technical usage data are processed in particular insofar as this is necessary for providing and improving the shop and for carrying out orders.

Shopify is used on the basis of Art. 6(1)(b) GDPR insofar as the processing is necessary for taking steps prior to entering into a contract or for the performance of a contract, and on the basis of Art. 6(1)(f) GDPR due to our legitimate interest in a functional and user-friendly online shop.

As a rule, Shopify processes personal data in connection with providing the shop infrastructure on our behalf or in order to carry out the shop functions we use.

Insofar as Shopify processes personal data beyond this for its own purposes, in particular for the provision, security, further development, or optimization of Shopify’s own services and functions, such processing takes place under Shopify’s responsibility under data protection law.

Further information can be found in Shopify’s privacy policy.

3. Information on the Controller

The controller responsible for data processing on this website is:

MHSA Gaedeke GmbH
represented by the managing directors Marietta Gädeke and Hasan Eisso
Kapuzinerstr. 7-9
55116 Mainz
Germany

Phone: +49 176 641 369 17
Email: mg@ms-sucra.de

The above address at Kapuzinerstr. 7-9, 55116 Mainz is the administrative and business address of the controller.

Our physical store is located at Weißliliengasse 19, 55116 Mainz. If you contact us there in person or use services provided by our physical store, the data processing is also carried out by the controller named above.

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data. The identity of the controller and its contact details are part of the mandatory information under Art. 13 GDPR.

4. Storage Period

Unless a more specific storage period has been stated within this Privacy Policy, your personal data will remain with us only for as long as this is necessary for the respective processing purposes. The data will then be deleted unless statutory retention obligations or other legal reasons prevent deletion. Under the information obligations of the GDPR, the Privacy Policy must state the duration of storage or, if this is not possible, the criteria used to determine that duration.

In particular, we store personal data that we process for contract performance for as long as this is necessary to carry out the contractual relationship, including any reversals, returns, warranty cases, and accounting documentation obligations.

We store data that you send to us when contacting us for as long as this is necessary to process your request and any follow-up questions.

Where statutory retention obligations apply, deletion will take place only after the respective periods have expired.

5. Legal Bases for Data Processing

We process your personal data only insofar as there is a legal basis for doing so. The GDPR requires that data subjects be informed of the respective legal basis of the processing.

If you have consented to processing, we process your personal data on the basis of Art. 6(1)(a) GDPR. This applies in particular to processing operations for which prior consent is required, for example for certain cookies, tracking, or marketing measures. You may revoke any consent you have given at any time with effect for the future.

If processing is necessary for the performance of a contract or for carrying out pre-contractual measures, it is carried out on the basis of Art. 6(1)(b) GDPR. This concerns in particular processing in connection with orders, payments, shipping, customer accounts, returns, and the handling of contract-related inquiries.

If processing is necessary to comply with a legal obligation, it is carried out on the basis of Art. 6(1)(c) GDPR. This concerns in particular retention and documentation obligations under commercial and tax law.

If processing is necessary for the purposes of our legitimate interests or the legitimate interests of a third party and no overriding interests of the data subject require protection, it is carried out on the basis of Art. 6(1)(f) GDPR. This concerns in particular the technical provision of our website, ensuring IT security, the stability of operations, the handling of general inquiries, and the establishment, exercise, or defense of legal claims.

If, in individual cases, special categories of personal data are processed, this will only be done within the framework of the applicable legal requirements.

6. Your Rights

Within the framework of the applicable legal provisions, you have the following rights with regard to your personal data:

Right of Access

You have the right to request information as to whether we process personal data concerning you. If this is the case, you have the right to information about this data as well as further information about the processing.

Right to Rectification

You have the right to request the immediate rectification of inaccurate personal data. Taking into account the purposes of the processing, you also have the right to request that incomplete personal data be completed.

Right to Erasure

You have the right to request the erasure of your personal data insofar as the legal requirements for this are met.

Right to Restriction of Processing

You have the right to request the restriction of processing of your personal data insofar as the legal requirements for this are met.

Right to Data Portability

You have the right to receive personal data that you have provided to us and that we process by automated means on the basis of your consent or for the performance of a contract in a commonly used, machine-readable format, or – where technically feasible – to have it transmitted to another controller.

Right to Object

Insofar as we process your personal data on the basis of Art. 6(1)(e) or (f) GDPR, you have the right, on grounds relating to your particular situation, to object at any time to the processing.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes. If you object, we will no longer use your personal data for direct marketing purposes.

Right to Withdraw Your Consent

You have the right to withdraw any consent already given at any time with effect for the future. The lawfulness of the processing carried out before the withdrawal remains unaffected.

Right to Lodge a Complaint with the Competent Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.

7. SSL or TLS Encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content.

You can recognize an encrypted connection by the fact that the address line of your browser changes from http:// to https:// and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot generally be read by unauthorized third parties. For domains connected to Shopify, Shopify provides HTTPS/TLS certificates.

8. Cookies and Consent Management

Our website uses cookies and comparable technologies. Cookies are small text files that are stored on your device or that can read certain information from your device. They serve to provide the website technically, make it user-friendly, enable certain functions, and – if you have consented – support analytics and marketing measures.

Some of the cookies and technologies used are technically necessary so that the website and online shop function properly. These include in particular functions relating to page display, security, shopping cart use, language settings, session control, and order processing. We use such technically necessary cookies and technologies on the basis of Art. 6(1)(f) GDPR and Section 25(2) TDDDG. Our legitimate interest lies in the secure, stable, and functional provision of our website and our online shop.

Insofar as cookies or comparable technologies are not technically necessary, we use them only on the basis of your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG. This concerns in particular cookies and technologies for analytics, statistics, personalization, and marketing purposes. Any consent you have given can be revoked or adjusted at any time with effect for the future.

To obtain, manage, and document your consent, we use the cookie banner or the customer privacy functions provided by Shopify within our Shopify shop. Through these, consent can be obtained, managed, and documented for certain cookies, tracking, and marketing measures.

In particular, your consent decision, timestamps, browser information, device information, a shortened IP address, and technical log data may be processed insofar as this is necessary for the legally compliant documentation of your selection and for controlling privacy-related settings.

You can adjust your cookie settings at any time via the consent tool we use.

9. Server Log Files

When you visit our website, the hosting provider automatically collects and stores information in so-called server log files. This concerns in particular the following data:

  • Browser type and browser version

  • Operating system used

  • Referrer URL

  • Hostname of the accessing computer

  • Time of the server request

  • IP address

This data is collected in order to ensure the technical provision, stability, and security of the website.

The processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure and trouble-free provision of our website as well as in the detection and defense against misuse and attempted attacks.

Insofar as log file processing takes place via our hosting provider ALL-INKL.COM – Neue Medien Münnich, the log files are generally deleted no later than after seven days according to its information. Longer storage may take place in individual cases if this is necessary, for example, to investigate or defend against attacks on information technology systems.

10. Contacting Us

If you contact us via contact form, email, telephone, or WhatsApp, we process the personal data you provide insofar as this is necessary to handle your inquiry, communicate with you, and initiate or perform a contract.

In particular, the following data may be processed:

  • Name

  • Email address

  • Telephone number

  • Content of your message

  • Any further information provided by you

  • When using the contact form, additional technical metadata in connection with the transmission

  • When using WhatsApp, additionally your mobile phone number, profile information, and communication metadata

The processing is carried out on the basis of Art. 6(1)(b) GDPR insofar as your inquiry is connected with the initiation or performance of a contract. In all other cases, processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the efficient and customer-friendly handling of inquiries as well as in communication with interested parties and customers.

Contact Form

If you send us inquiries via contact form, your details from the form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.

Contact by Email or Telephone

If you contact us by email or telephone, we process your inquiry including all personal data resulting from it for the purpose of handling your request.

Communication via WhatsApp

If you communicate with us via WhatsApp, we process the data transmitted in this context in order to handle your inquiry and communicate with you.

The provider of WhatsApp is:
WhatsApp Ireland Limited
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland

Please note that when using WhatsApp, personal data may also be processed by WhatsApp or companies of the Meta group. Communication via WhatsApp is voluntary. If you do not want this, you can contact us at any time via the other contact channels provided, in particular by email or telephone.

11. Customer Account / Registration

You have the option of creating and using a voluntary customer account on our website. The customer account serves to make shopping with us more convenient and to provide you with certain self-service functions.

For this purpose, we use the standard Shopify Customer Accounts function without any additional third-party app. Shopify describes these customer accounts as including functions such as viewing and managing orders, editing profile information, storing addresses, and – in the case of new customer accounts and depending on the activated settings – functions such as self-service returns, reordering, store credit, and saved payment methods.

In connection with the registration and use of the customer account, we process in particular the following personal data:

  • Name

  • Email address

  • Login or authentication data

  • Saved addresses

  • Order history and order status

  • Profile information

  • Where applicable, saved payment methods

  • Where applicable, information on returns, store credit, and repeat orders

The customer account is voluntary. Insofar as a purchase is also possible without a customer account, the use of the customer account is based on your decision to use this function. The processing of your data in connection with the customer account is carried out on the basis of Art. 6(1)(b) GDPR insofar as it is necessary for providing the customer account and the associated functions.

If you no longer wish to use your customer account, you may request its deletion. Statutory retention obligations and data required for already completed contractual relationships remain unaffected.

12. Processing of Customer and Contract Data / Orders

We process personal data insofar as this is necessary for the initiation, performance, and handling of orders via our online shop.

If you place an order via our shop, we process in particular the following personal data:

  • Name

  • Billing and shipping address

  • Email address

  • Telephone number, if provided

  • Ordered products

  • Order number

  • Order and shipping information

  • Information on selected delivery options

  • Where applicable, details in connection with redeemed vouchers or discount codes

  • Communication data in connection with your order

The processing is carried out for the purpose of contract handling, in particular for receiving and processing your order, providing the shopping cart and checkout, preparing shipping, handling delivery, and communicating with you in connection with your order.

Purchases in our online shop are also possible without a customer account. The processing of your data in connection with orders is carried out on the basis of Art. 6(1)(b) GDPR.

Shipping and Order Handling

We process and package the orders ourselves. For shipping, we currently use DHL in particular. However, we reserve the right to use other suitable shipping service providers depending on the destination region, shipping method, or organizational requirements.

Insofar as this is necessary for the delivery of your order, we transmit the necessary data to the shipping service provider commissioned in each case. This generally includes your name, your shipping address, and – where necessary – further contact details required for delivery.

Guest Orders

You may also place orders in our shop as a guest without creating a customer account. In this case, we process the data you provide in the course of the ordering process exclusively for the purpose of carrying out and handling your order and fulfilling statutory obligations.

Discount Codes and Vouchers

Our shop technically offers the possibility of redeeming discount codes or vouchers. If you use such a function, we process the data required for this in the context of order handling.

Returns, Exchanges, and Cancellations

If you contact us with a request concerning a return, exchange, or cancellation, or if you exercise corresponding rights or options in connection with your order, we process the personal data required for handling and completing the respective process. This may include, in particular, order and contact data, details about the product concerned, information on the reason for the request, and communication data.

The processing is carried out on the basis of Art. 6(1)(b) GDPR insofar as it is necessary for carrying out the contractual relationship or for handling pre-contractual or contract-related matters.

13. Payment Services

For processing payments in our online shop, we use external payment service providers. Depending on the selected payment method, the data required for payment processing is transmitted to the respective payment service provider.

The processing is carried out for the purpose of payment processing and on the basis of Art. 6(1)(b) GDPR.

In particular, the following data may be processed:

  • Name

  • Billing address

  • Shipping address

  • Email address

  • Telephone number, if provided

  • Order number

  • Order amount

  • Payment method

  • Transaction data

  • IP address

  • Device and browser information, insofar as this is necessary for fraud prevention or payment processing

Shopify Payments

We use Shopify Payments to process online payments in our shop. Shopify Payments enables the processing of card and wallet payments as well as certain local payment methods. Shopify describes European Shopify Payments setups as including card payments, accelerated checkouts, and local payment methods such as Klarna.

The provider is:
Shopify International Ltd.
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor, 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32
Ireland

Where necessary, data may also be processed by affiliated companies of Shopify, in particular by:

Shopify Inc.
151 O’Connor Street, Ground Floor
Ottawa, Ontario K2P 2L8
Canada

Via Shopify Payments, we currently offer in particular the following payment methods:

Cards

  • Visa

  • Mastercard

  • American Express

  • Maestro

  • UnionPay

Wallets / Accelerated Checkouts

  • Apple Pay

  • Google Pay

  • Shop Pay

Local Payment Methods

  • Klarna

Which payment methods are actually displayed to you at checkout may depend on your device, your location, your selection in checkout, and the technical and contractual requirements of the respective payment service.

PayPal

We also offer payments via PayPal.

The provider is:
PayPal (Europe) S.à r.l. et Cie, S.C.A.
22-24 Boulevard Royal
L-2449 Luxembourg

If you choose PayPal as your payment method, the personal data required for payment processing is transmitted to PayPal. This generally concerns identity, contact, order, and payment data as well as, where applicable, further data required for fraud prevention, authentication, or transaction handling.

Fraud Prevention and Risk Assessment

In connection with payment processing, the payment service providers used may process technical data, device information, IP addresses, transaction data, and other risk-relevant information insofar as this is necessary for fraud prevention, authentication, security checks, and the prevention of payment defaults.

14. Newsletter and Email Communication

We use Shopify Email to send newsletters, marketing emails, and automated email communication. In addition, we also send transaction-related messages by email, in particular in connection with orders, customer accounts, and other communication with you. Shopify describes Shopify Email as an integrated tool for manual and automated email campaigns within the Shopify system.

Newsletter Subscription

If you subscribe to our newsletter, we process the data entered by you in the subscription form. This includes in particular:

  • First name

  • Last name

  • Email address

Subscription to our newsletter takes place using the double opt-in procedure. This means that after registration, we send you an email in which you must verify your subscription by clicking a confirmation link. In this way, we ensure that no one can subscribe using someone else’s email address.

In the context of the double opt-in procedure, we additionally process technical and evidentiary data, in particular:

  • IP address

  • Date and time of registration

  • Date and time of confirmation

  • Technical information relating to the registration and confirmation

The processing is carried out on the basis of your consent pursuant to Art. 6(1)(a) GDPR.

Sending Newsletters and Marketing Emails

If you have subscribed to our newsletter or if we are legally permitted to send you marketing emails, we process your data in order to send you information about our products, offers, news, and other company-related content.

This may also include automated emails, for example in connection with marketing campaigns or recurring customer communication within Shopify Email. Shopify expressly describes Shopify Email as also being suitable for automated emails.

The processing is carried out on the basis of your consent pursuant to Art. 6(1)(a) GDPR or – where applicable – on the basis of the legal requirements for marketing to existing customers.

You can revoke your consent at any time with effect for the future, in particular via the unsubscribe link in every newsletter email or by sending us a message.

Performance Measurement and Interaction Analysis

Our newsletters and marketing emails may include measurement of opens, clicks, and other interactions. In particular, this evaluates whether an email has been opened, which links have been clicked, and how users interact with the content sent.

This processing serves to analyze and optimize our email communication, improve content, and design future campaigns in a user-oriented manner.

The processing is carried out on the basis of your consent pursuant to Art. 6(1)(a) GDPR.

Transactional Emails

Irrespective of a newsletter subscription, we send you emails insofar as this is necessary for the performance of our contractual relationship or for handling your request. This includes in particular:

  • Order confirmations

  • Shipping information

  • Information relating to your customer account

  • Messages in connection with inquiries, returns, exchanges, or cancellations

  • Security-related or account-related emails

These emails do not primarily serve advertising purposes, but rather the implementation and handling of our services. In this respect, the processing is carried out on the basis of Art. 6(1)(b) GDPR.

Service Used

We use Shopify Email within our Shopify shop for newsletters, marketing emails, and automated email communication.

The provider is:
Shopify International Ltd.
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor, 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32
Ireland

Where necessary, data may also be processed by affiliated companies of Shopify, in particular by:

Shopify Inc.
151 O’Connor Street, Ground Floor
Ottawa, Ontario K2P 2L8
Canada

15. Accounting Software / BuchhaltungsButler

We use BuchhaltungsButler to process accounting-related operations. The integration serves in particular the automated transfer of payment and order data into our accounting.

The provider is:
BuchhaltungsButler GmbH
An der Schillingbrücke 4
10243 Berlin
Germany

In connection with the use of BuchhaltungsButler, the following personal data may in particular be processed:

  • Order and invoice data

  • Payment data and payout information from Shopify Payments

  • Customer name

  • Email address

  • Telephone number, if available

  • Billing and shipping address

  • Transaction-related information in connection with orders, payments, and booking processes

  • Technical information insofar as this is processed within the scope of the integration, such as IP address, device information, and browser and operating system information

The integration may access order data, including past and future orders, as well as payout data from Shopify Payments insofar as this is necessary for the provision and usefulness of the integration.

The processing is carried out for the purpose of ongoing accounting, payment reconciliation, and the preparatory commercial and tax-related processing of business transactions.

The processing is carried out on the basis of Art. 6(1)(c) GDPR insofar as it is necessary for compliance with statutory retention, documentation, and accounting obligations, as well as on the basis of Art. 6(1)(f) GDPR due to our legitimate interest in proper, efficient, and traceable bookkeeping.

16. Communication Services within Shopify

We use supplementary communication functions within our Shopify system insofar as this is necessary for handling customer inquiries, managing communication processes, and technically organizing our customer communication.

In this context, the following data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Communication content

  • Technical usage data

The processing is carried out on the basis of Art. 6(1)(b) GDPR insofar as it serves the performance or initiation of a contract, and otherwise on the basis of Art. 6(1)(f) GDPR due to our legitimate interest in efficient and customer-friendly communication.

The provider is:
Shopify International Ltd.
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor, 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32
Ireland

Where necessary, data may also be processed by affiliated companies of Shopify, in particular by:

Shopify Inc.
151 O’Connor Street, Ground Floor
Ottawa, Ontario K2P 2L8
Canada

17. Sales Channels and Platform Integrations

17.1 TikTok

We use TikTok as a connected sales channel and marketing/advertising channel within our Shopify system. Via the TikTok integration, products, marketing measures, tracking, and sales functions can be connected with TikTok. The integration includes, among other things, access to customer data, browsing behavior, client ID cookies, discounts, marketing events, order information, and tracking and web pixels. The TikTok Partner Privacy Policy also describes the processing of identification data, contact data, device and usage data, event data, and data from partner integrations.

In connection with the use of TikTok, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Geolocation data

  • Browsing behavior

  • Client ID cookies

  • Order and shipping information

  • Discount and marketing information

  • Tracking, event, and pixel data

The processing is carried out in particular for the following purposes:

  • Advertising and marketing our products on TikTok

  • Delivery and optimization of advertising campaigns

  • Reach and conversion measurement

  • Technical linking of product, inventory, and shop data with TikTok

  • Analysis of user and purchasing behavior

Insofar as the processing is necessary for the performance of a contract or for pre-contractual measures, it is carried out on the basis of Art. 6(1)(b) GDPR. Insofar as TikTok is used for marketing, tracking, and analytics purposes, the processing is carried out on the basis of Art. 6(1)(a) GDPR where consent is required, and otherwise on the basis of Art. 6(1)(f) GDPR.

The provider is:
TikTok Technology Limited
10 Earlsfort Terrace
Dublin 2
D02 T380
Ireland

and, where applicable, affiliated TikTok companies.

17.2 Facebook & Instagram

We use Facebook & Instagram as connected sales and marketing channels within our Shopify system. The integration includes, in particular, access to customer data, geolocation data, browsing behavior, client ID cookies, orders, shipping information, product data, discount codes, web pixels, and marketing events.

In connection with the use of Facebook & Instagram, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Geolocation data

  • Browsing behavior

  • Client ID cookies

  • Order and shipping information

  • Discount and promotion data

  • Pixel, tracking, and analytics information

The processing is carried out in particular for the following purposes:

  • Managing our presence on Facebook and Instagram

  • Publishing and marketing our products

  • Delivery and optimization of marketing measures

  • Conversion measurement and analysis of user interactions

  • Technical synchronization of product, shop, and campaign data with Meta services

Insofar as the processing is necessary for the performance of a contract or for pre-contractual measures, it is carried out on the basis of Art. 6(1)(b) GDPR. Insofar as cookies, pixels, or comparable tracking technologies are used, the processing is carried out — where required — on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Otherwise, the processing is carried out on the basis of Art. 6(1)(f) GDPR.

The provider is:
Meta Platforms Ireland Limited
Merrion Road
Dublin 4
D04 X2K5
Ireland

Meta’s Privacy Policy describes the processing of contact data, usage data, device information, cookie information, partner data, and location data in connection with Meta products.

17.3 Pinterest

We use Pinterest as a connected sales channel and marketing channel within our Shopify system. The Pinterest integration includes, in particular, access to customer data, IP address, device information, browsing behavior, client ID cookies, discount and marketing data, product data, product feeds, and web pixels. In its Privacy Policy, Pinterest describes, among other things, the processing of contact information, usage data, device data, log data, cookie/similar technologies, and data from partner sources.

In connection with the use of Pinterest, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Browsing behavior

  • Client ID cookies

  • Marketing and interaction data

  • Product and feed data

  • Tracking and pixel data

The processing is carried out in particular for the following purposes:

  • Publishing and marketing our products on Pinterest

  • Delivery and optimization of marketing measures

  • Reach and conversion measurement

  • Technical linking of product data and product feeds with Pinterest

  • Analysis of interaction with our content and offers

Insofar as cookies, pixels, or comparable technologies are used, the processing is carried out — where required — on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Insofar as the processing is carried out for other marketing, sales, and analytics purposes, we base it on Art. 6(1)(f) GDPR. Insofar as specific ordering or contractual processes are concerned, the processing is carried out on the basis of Art. 6(1)(b) GDPR.

For users in the EEA, the provider is in particular according to the Pinterest Privacy Policy:

Pinterest Europe Ltd.
Palmerston House, 2nd Floor
Fenian Street
Dublin 2
Ireland

and, where applicable, affiliated Pinterest companies.

17.4 Shop

We use Shop by Shopify as an additional sales channel within the Shopify ecosystem. This sales channel includes, among other things, access to customer data, geolocation data, IP address, device information, analytics, marketing events, order histories, order fulfillments, checkout-related functions, and checks relating to cookies and conversion tracking pixels.

In connection with the use of Shop, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Order and fulfillment data

  • Discount and promotion data

  • Marketing and analytics information

  • Tracking and pixel data

The processing is carried out in particular for the following purposes:

  • Providing and managing our offering within the Shop platform

  • Handling channel-related ordering and delivery processes

  • Reach, marketing, and analytics purposes

  • Technical synchronization of shop, checkout, product, and order data

  • Improving the visibility of our offering within the Shopify ecosystem

The processing is carried out, insofar as it is necessary for the performance of a contract or for pre-contractual measures, on the basis of Art. 6(1)(b) GDPR. Insofar as cookies, conversion tracking, or comparable technologies are used, the processing is carried out — where required — on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Otherwise, the processing is carried out on the basis of Art. 6(1)(f) GDPR.

The provider is:
Shopify International Ltd.
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor, 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32
Ireland

and, where applicable:

Shopify Inc.
151 O’Connor Street, Ground Floor
Ottawa, Ontario K2P 2L8
Canada

Shopify describes in its Privacy Policy the processing of personal data in connection with the use of Shopify services and shop-related functions.

17.5 Online Store

We use Online Store by Shopify as the central technical infrastructure of our online shop. This sales channel includes, among other things, the processing of customer and staff data, functions for editing checkout pages, checks for web cookies and conversion tracking pixels, the management of online store pages, themes, metaobjects, store settings, Shopify Markets, and Shopify Payments information.

In connection with the use of the Online Store, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Order and checkout data

  • Cookie and tracking information

  • Market- and location-related shop data

  • Information on the use of the shop and its functions

The processing is carried out in particular for the following purposes:

  • Technical provision and management of our online shop

  • Handling checkout and ordering processes

  • Carrying out cookie and tracking checks

  • Managing theme, content, and market settings

  • Technically ensuring the functionality, stability, and user-friendliness of the shop

The processing is carried out, insofar as it is necessary for the performance of a contract or for pre-contractual measures, on the basis of Art. 6(1)(b) GDPR. Insofar as cookies, conversion tracking, or comparable technologies are used, the processing is carried out — where required — on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Otherwise, the processing is carried out on the basis of Art. 6(1)(f) GDPR.

The provider is:
Shopify International Ltd.
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor, 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32
Ireland

and, where applicable:

Shopify Inc.
151 O’Connor Street, Ground Floor
Ottawa, Ontario K2P 2L8
Canada

Shopify describes in its Privacy Policy the data processing in connection with the operation and improvement of its services.

18. Point of Sale

We use Shopify Point of Sale (POS) to support and process sales in physical retail and to link our online and offline sales channels. Shopify describes Point of Sale as a solution that enables online and in-person sales to be combined.

In connection with the use of Point of Sale, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Order and fulfillment data

  • Return information

  • Discount and promotion data

  • Gift card data

  • Shopify Payments-related information

  • Information on cash register, checkout, and retail settings

  • Where applicable, information on mobile devices used in connection with POS use

The processing is carried out in particular for the following purposes:

  • Carrying out and managing sales in physical retail

  • Combining online and offline sales

  • Handling orders, returns, and discount promotions

  • Managing gift cards and cross-channel customer interactions

  • Technical and organizational management of cash register, checkout, and retail functions

  • Analysis and traceability of sales and payment processes

Insofar as the processing is necessary for the performance of a contract or for pre-contractual measures, it is carried out on the basis of Art. 6(1)(b) GDPR. Insofar as statutory retention, documentation, or accounting obligations are concerned, the processing is carried out on the basis of Art. 6(1)(c) GDPR. Otherwise, the processing is carried out on the basis of Art. 6(1)(f) GDPR due to our legitimate interest in efficient, cross-channel, and traceable sales and business handling.

The provider is:
Shopify International Ltd.
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor, 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32
Ireland

Where necessary, data may also be processed by affiliated companies of Shopify, in particular by:

Shopify Inc.
151 O’Connor Street, Ground Floor
Ottawa, Ontario K2P 2L8
Canada

Shopify describes in its Privacy Policy the processing of personal data in connection with its services and their provision.

19. Google Services (Google & YouTube, Google Analytics, Google Ads / Conversion Tracking)

We use the Google & YouTube app within our Shopify system to integrate Google services for product marketing, reach building, analytics, and conversion measurement. Shopify describes the Google & YouTube sales channel as a connection to Google Merchant Center and optionally to Google Ads and Google Analytics 4. Google itself recommends using the Google & YouTube app for Shopify to set up all Google analytics, including Google Ads conversions and Google Analytics.

In connection with these Google services, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Geolocation data

  • Browsing behavior

  • Client ID cookies

  • Order and shipping information

  • Product, inventory, and feed data

  • Marketing and conversion events

  • Tracking, web pixel, and analytics information

Insofar as cookies, tracking pixels, or comparable technologies are used, the processing is carried out — where required — on the basis of your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Insofar as the processing is necessary for the performance of a contract or for pre-contractual measures, it is carried out on the basis of Art. 6(1)(b) GDPR. Otherwise, the processing is carried out on the basis of Art. 6(1)(f) GDPR.

The provider is:
Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

Google describes in its Privacy Policy the processing of, among other things, contact data, activity data, device information, location data, browser data, cookie information, and data from partner sources.

19.1 Google & YouTube

We use the Google & YouTube sales channel to synchronize products and relevant shop information with Google Merchant Center and to make our products visible on Google surfaces and, where applicable, further Google/YouTube environments. Shopify describes that the Google & YouTube channel automatically synchronizes products and relevant store information with Merchant Center and that product listings and marketing information can then be managed from there.

The processing is carried out in particular for the following purposes:

  • Synchronizing product data with Google

  • Managing product feeds and product presentations

  • Marketing our products via Google and YouTube surfaces

  • Technical linking of shop, product, and marketing data

19.2 Google Analytics

We use Google Analytics 4 to evaluate the behavior of users on our website and to better understand the use of our online shop. Shopify expressly points out that a GA4 property can be connected or newly created via the Google & YouTube channel. Google also recommends setting up analytics for Shopify via the Google & YouTube app.

Google Analytics may in particular process information about:

  • how users access and use our website

  • which pages and products are viewed

  • which interactions and events take place

  • through which sources users reach our shop

  • which technical characteristics relate to device, browser, or region

The processing is carried out in particular for the following purposes:

  • Analysis of usage behavior

  • Reach measurement

  • Technical and content-related optimization of our online shop

  • Evaluation of campaigns and user interactions

19.3 Google Ads and Conversion Tracking

We use Google Ads and Google Conversion Tracking to deliver advertising campaigns, measure their success, and analyze the effectiveness of our ads and product listings. Google expressly describes the setup of conversion tracking on Shopify via the Google & YouTube app; this makes it possible to track which actions users take in our shop after clicking on ads or free product listings.

The processing is carried out in particular for the following purposes:

  • Delivery and optimization of advertisements

  • Measurement of conversion events

  • Analysis of the performance of advertisements and product listings

  • Attribution of purchases and other shop events to advertising campaigns

Google notes that the Google & YouTube app is the preferred Shopify solution for Google measurement and that duplicate older tags should be removed after migration in order to avoid double counting.

20. Meta Pixel

We use the Meta Pixel in connection with the Facebook & Instagram app within our Shopify system. The integration serves to link our products and content with Meta services, manage marketing measures, and measure user interactions on our website. Meta describes the pixel as website code that can be used to record actions on a website and optimize advertising campaigns.

The Facebook & Instagram integration includes, in particular, access to customer data, geolocation data, browsing behavior, client ID cookies, orders, shipping information, product data, discount codes, web pixels, and marketing events.

In connection with the use of the Meta Pixel and the associated app integration, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Geolocation data

  • Browsing behavior

  • Client ID cookies

  • Order and shipping information

  • Product and interaction data

  • Marketing and conversion events

  • Pixel, tracking, and analytics information

The processing is carried out in particular for the following purposes:

  • Measurement and analysis of user interactions on our website

  • Attribution of website activities to advertising campaigns on Facebook and Instagram

  • Conversion measurement

  • Optimization of advertisements and campaigns

  • Audience building

  • Retargeting

  • Personalized advertising

  • Technical linking of our shop with Meta services

Insofar as cookies, pixels, or comparable tracking technologies are used, the processing is carried out — where required — on the basis of your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Insofar as the processing is otherwise carried out for marketing, analytics, and advertising purposes, we base it on Art. 6(1)(f) GDPR, provided that no overriding consent requirement applies.

The provider is:
Meta Platforms Ireland Limited
Merrion Road
Dublin 4
D04 X2K5
Ireland

Meta’s Privacy Policy describes the processing of contact data, usage data, device information, cookie information, partner data, and location data in connection with Meta products.

21. TikTok Pixel

We use the TikTok Pixel in connection with the TikTok app within our Shopify system. The integration serves to link our products and content with TikTok, manage marketing measures, and measure user interactions on our website. The TikTok integration includes, in particular, access to customer data, browsing behavior, client ID cookies, discounts, marketing events, order information, and tracking and web pixels.

TikTok states in its Partner Privacy Policy that in the context of partner and business integrations, data such as identification data, contact data, device and usage data, event data, and data from website or app interactions may in particular be processed.

In connection with the use of the TikTok Pixel and the associated app integration, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Geolocation data

  • Browsing behavior

  • Client ID cookies

  • Order and shipping information

  • Product and interaction data

  • Marketing and conversion events

  • Pixel, tracking, and analytics information

The processing is carried out in particular for the following purposes:

  • Measurement and analysis of user interactions on our website

  • Attribution of website activities to advertising campaigns on TikTok

  • Conversion measurement

  • Optimization of advertisements and campaigns

  • Audience building

  • Retargeting

  • Personalized advertising

  • Technical linking of our shop with TikTok services

Insofar as cookies, pixels, or comparable tracking technologies are used, the processing is carried out — where required — on the basis of your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Insofar as the processing is otherwise carried out for marketing, analytics, and advertising purposes, we base it on Art. 6(1)(f) GDPR, provided that no overriding consent requirement applies.

The provider is:
TikTok Technology Limited
10 Earlsfort Terrace
Dublin 2
D02 T380
Ireland

and, where applicable, affiliated TikTok companies.

22. Pinterest Tag

We use the Pinterest Tag in connection with the Pinterest app within our Shopify system. The integration serves to link our products and content with Pinterest, manage marketing measures, and measure user interactions on our website. The Pinterest integration includes, in particular, access to customer data, IP address, device information, browsing behavior, client ID cookies, discount and marketing data, product data, product feeds, and web pixels.

Pinterest states in its Privacy Policy that contact information, usage data, device information, log data, cookies and similar technologies, as well as partner data may, among other things, be processed.

In connection with the use of the Pinterest Tag and the associated app integration, the following personal data may in particular be processed:

  • Name

  • Email address

  • Telephone number

  • Address and location data

  • IP address

  • Device information

  • Browser and operating system information

  • Browsing behavior

  • Client ID cookies

  • Product and feed data

  • Marketing and interaction data

  • Order and conversion data

  • Pixel, tracking, and analytics information

The processing is carried out in particular for the following purposes:

  • Measurement and analysis of user interactions on our website

  • Attribution of website activities to advertising and marketing measures on Pinterest

  • Conversion measurement

  • Optimization of advertisements and campaigns

  • Audience building

  • Retargeting

  • Personalized advertising

  • Technical linking of our shop and our product feeds with Pinterest services

Insofar as cookies, pixels, or comparable tracking technologies are used, the processing is carried out — where required — on the basis of your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Insofar as the processing is otherwise carried out for marketing, analytics, and advertising purposes, we base it on Art. 6(1)(f) GDPR, provided that no overriding consent requirement applies.

For users in the EEA, the provider is in particular:

Pinterest Europe Ltd.
Palmerston House, 2nd Floor
Fenian Street
Dublin 2
Ireland

and, where applicable, affiliated Pinterest companies.

23. Applications

You have the option of applying to us by email at HR@ms-sucra.de.

If you send us an application, we process the associated personal data exclusively for the purpose of carrying out the application procedure and deciding on the establishment of an employment relationship.

In particular, the following personal data may be processed:

  • Name

  • Contact details

  • Cover letter

  • Curriculum vitae

  • Certificates

  • Other documents and information submitted by you

The processing is carried out on the basis of Art. 6(1)(b) GDPR and — where applicable — Section 26 BDSG for the purpose of deciding on the establishment of an employment relationship.

If your application is successful, the transmitted data may be included in our personnel records for the purpose of carrying out the employment relationship.

If no employment relationship is established, your application documents will generally be deleted 6 months after completion of the application procedure unless statutory retention obligations prevent this or you have expressly consented to longer storage.

24. Social Media Profiles

We maintain company profiles on social networks and platforms in order to provide information about our company, our products, news, and promotions, and to communicate with interested parties, customers, and other users.

If you visit our profiles or interact with us via these platforms, personal data may be processed. This concerns in particular:

  • Your username

  • Profile data

  • Comments

  • Direct messages

  • Reactions, likes, and shares

  • Other interactions with our content

  • Where applicable, further data that you communicate to us via the respective platform

The processing is carried out in particular for the following purposes:

  • External presentation of our company

  • Communication with interested parties and customers

  • Publication and marketing of our content and products

  • Reach measurement and analysis of interactions with our content

  • Maintenance of our presence on the respective platforms

The processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in modern, visible, and user-oriented corporate communication.

Please note that the respective platform providers also process personal data for their own purposes. We have only limited influence over the type and scope of this data processing by the platform providers. In this respect, the privacy policies and terms of use of the respective providers also apply.

24.1 Instagram and Facebook

We maintain company profiles on Instagram and Facebook.

The provider is:
Meta Platforms Ireland Limited
Merrion Road
Dublin 4
D04 X2K5
Ireland

Meta provides a Page Insights Controller Addendum for page insights; according to this, a form of joint controllership exists for certain processing activities in connection with page insights between Meta and the page operator.

If you visit our Facebook or Instagram profiles or interact with them, Meta may process personal data such as usage data, device information, location data, interaction data, and data regarding your behavior on the platform. Meta describes this data processing in its Privacy Policy.

24.2 LinkedIn

We maintain a company profile on LinkedIn.

The provider is:
LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Ireland

LinkedIn provides a Pages Joint Controller Addendum for Page Insights. According to this, joint controllership may exist for certain processing activities in connection with Page Insights between LinkedIn and the operator of the page.

If you visit our LinkedIn profile or interact with it, LinkedIn may process personal data such as usage data, device information, interaction data, and profile data. LinkedIn’s privacy policy also applies.

24.3 TikTok

We maintain a company profile on TikTok.

The provider is:
TikTok Technology Limited
10 Earlsfort Terrace
Dublin 2
D02 T380
Ireland

and, where applicable, affiliated TikTok companies.

If you visit our TikTok profile or interact with it, TikTok may process personal data such as profile data, usage data, device information, location data, interaction data, and communication data. TikTok’s privacy policy also applies.

24.4 Pinterest

We maintain a company profile on Pinterest.

For users in the EEA, the provider is in particular:

Pinterest Europe Ltd.
Palmerston House, 2nd Floor
Fenian Street
Dublin 2
Ireland

If you visit our Pinterest profile or interact with it, Pinterest may process personal data such as contact data, usage data, device information, cookie information, interaction data, and partner data. Pinterest’s privacy policy also applies.

25. External Links and Third-Party Offers

Our website and our online shop may contain links to external websites, platforms, or other third-party offers. If you click on such a link, you may leave our sphere of influence.

The respective operators are solely responsible for data processing on external websites or by other third-party offers. We have no influence on the content, scope, or further processing of personal data by these third parties. In this respect, the privacy policies and terms of use of the respective providers apply.

26. Minors

Our online shop and our offers are not directed at children. We do not knowingly collect personal data from minors.

Should we become aware that personal data of minors has been processed without the required authorization, we will delete such data or restrict the processing in accordance with the statutory provisions.

27. Transfers to Third Countries

In the course of using certain services on our website and within our Shopify ecosystem, personal data may be transferred to countries outside the European Union (EU) or the European Economic Area (EEA), in particular to the United States or Canada.

Such transfers may occur in particular in connection with the following services or providers:

  • Shopify and affiliated Shopify companies

  • Google services

  • Meta / Facebook / Instagram

  • TikTok

  • Pinterest

  • PayPal

  • Where applicable, other service providers used by us with international data processing

Please note that in third countries there may not be a level of data protection comparable to that of the European Union. However, we ensure that personal data is transferred only insofar as the legal requirements for this are met.

Transfers to third countries take place in particular on the basis of:

  • an adequacy decision of the European Commission

  • Standard Contractual Clauses of the European Commission

  • other appropriate safeguards within the meaning of Art. 44 et seq. GDPR

  • or — where required — your explicit consent

If providers are certified under the EU-U.S. Data Privacy Framework, the transfer of personal data to these providers may also be based on the corresponding adequacy decision of the European Commission.

Further information on the respective applicable safeguards and protection mechanisms can be found in the privacy policies of the respective providers.

28. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy so that it always complies with current legal requirements or to reflect changes to our website, our online shop, our services used, or our data processing activities.

The current version of this Privacy Policy is available on our website.

Version: 15 March 2026

Cartoon of delivery man on scooter delivering Ms Sucra cowboy boots

Free delivery

Enjoy free delivery on selected orders with reliable shipping and careful handling.

Icon of money with a dollar sign and an arrow pointing upwards on a white background

Satisfied or refunded

Shop with confidence — if something is not right, we are here to help find a solution.

White headset icon on a blue circle

Top-notch support

Our team is here to support you with quick answers and personal service.

Shield icon with a check mark next to a stylized credit card on a white background

Secure payments

Your payment information is protected through secure and trusted checkout methods.