Privacy Policy

We at Maldire value your privacy and are committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). This Privacy Policy explains how and why we collect, process, and store your data when you use our website [www.maldire.com].

1. Controller

The controller responsible for data processing is:

Maldire
Voigtstr. 29, laden links
10247 Berlin, Germany

Represented by:
Pietro Zambello

Phone: +49 (0)30 43970738
Email: info@maldire.com

2. Data We Collect

We may collect and process the following personal data:

  • Identification and contact data: e.g. name, address, email address, phone number

  • Order-related data: products ordered, billing and delivery address

  • Payment data: payment method (processed via third-party services like PayPal or Stripe)

  • Website usage data: IP address, device information, browser type, pages visited

  • Communication data: messages or inquiries you send to us

We do not knowingly collect data from children or sensitive categories of personal data.

3. Legal Basis and Purpose of Processing

We process your data for the following reasons:

PurposeLegal BasisProcessing and delivering your ordersArt. 6(1)(b) GDPR – contract fulfillmentResponding to your inquiriesArt. 6(1)(b) or (f) GDPR – legitimate interestSending newsletters or promotional content (if opted-in)Art. 6(1)(a) GDPR – consentComplying with legal obligations (e.g. tax law)Art. 6(1)(c) GDPRWebsite performance and analyticsArt. 6(1)(f) GDPR – legitimate interest

4. Cookies and Tracking

We use cookies and similar technologies to enhance site functionality and analyze user behavior. Some cookies are essential for operation, while others require your prior consent.

You can manage or withdraw your consent at any time via the [Cookie Settings] link on our site.

5. Newsletter

If you subscribe to our newsletter, we will send you occasional updates and offers. You can unsubscribe at any time via the link in each email.

We use a double opt-in process and do not share your email address with third parties outside our service providers.

6. Data Sharing

We only share your data with third parties when necessary and lawful, including:

  • Shipping providers (e.g. DHL, UPS)

  • Payment processors (e.g. PayPal, Stripe)

  • Technical service providers (e.g. hosting, email newsletter platforms like Klaviyo)

All partners are contractually bound to handle your data securely and only for the intended purpose.

7. Retention Period

We retain your data only as long as necessary for contractual, legal, or legitimate business purposes. This includes mandatory storage periods under German commercial and tax law (§ 257 HGB and § 147 AO).

8. Your Rights

You have the right to:

  • Access your data (Art. 15 GDPR)

  • Rectify inaccurate data (Art. 16 GDPR)

  • Erase your data (Art. 17 GDPR)

  • Restrict processing (Art. 18 GDPR)

  • Object to processing (Art. 21 GDPR)

  • Receive your data in a portable format (Art. 20 GDPR)

  • Withdraw consent at any time (Art. 7(3) GDPR)

  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

The competent authority in Germany is:

Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Straße 153, 53117 Bonn
www.bfdi.bund.de

9. International Transfers

If your data is transferred outside the EU/EEA, we ensure appropriate safeguards, such as EU Commission adequacy decisions or Standard Contractual Clauses.

10. Data Security

We implement appropriate technical and organizational measures (TOMs) to protect your data against unauthorized access, alteration, or loss. These include SSL encryption, secure hosting, and access controls.

11. Changes to This Privacy Policy

We may update this policy as needed to reflect changes in law or our business operations. The current version is always available on our website.