Free shipping over €, 30-day returns
EN
EUR €

Privacy Policy

Last updated: June 2026

1. Data Controller

The data controller for this website is the operator of HorseHof. For contact details, see our Impressum.

2. What Data We Collect

We collect the following categories of personal data:

  • Account data: name, email address, password (hashed)
  • Order data: shipping address, billing address, order history
  • Technical data: IP address, browser type, device information
  • Usage data: pages visited, products viewed, time on site
  • Communication data: newsletter subscriptions, support requests

3. Legal Basis (GDPR Art. 6)

  • Contract performance (Art. 6(1)(b)): processing orders, managing accounts
  • Consent (Art. 6(1)(a)): newsletter, analytics cookies, marketing
  • Legitimate interest (Art. 6(1)(f)): fraud prevention, website security
  • Legal obligation (Art. 6(1)(c)): tax records, legal compliance

4. How We Use Your Data

  • Process and fulfill orders
  • Manage your account and provide customer support
  • Send order confirmations and shipping updates
  • Send marketing communications (only with your consent)
  • Improve our website and services
  • Prevent fraud and ensure security

5. Data Sharing

We do not sell your personal data. We may share data with:

  • Payment processors (to process transactions securely)
  • Shipping providers (to deliver your orders)
  • Analytics providers (anonymized usage data)
  • Legal authorities (when required by law)

6. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate data
  • Erasure: request deletion of your data ("right to be forgotten")
  • Restriction: limit how we process your data
  • Portability: receive your data in a structured format
  • Object: object to processing based on legitimate interest
  • Withdraw consent: withdraw consent at any time

To exercise these rights, contact us via our Impressum.

7. Data Retention

We retain personal data only as long as necessary:

  • Account data: until you delete your account
  • Order data: 10 years (tax/legal requirements)
  • Technical logs: 90 days
  • Newsletter subscriptions: until you unsubscribe

8. Security

We implement appropriate technical and organizational measures to protect your data, including encrypted connections (SSL/TLS), secure password hashing, and access controls.

9. Cookies

We use cookies as described in our Cookie Policy. You can manage cookie preferences using the banner shown on your first visit.

10. Changes

We may update this privacy policy from time to time. Changes will be posted on this page with an updated date.