Privacy policy

 1.Introduction

This Privacy Policy explains how Ducan collects, uses, and protects your personal data when you visit or make a purchase from our store 

We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR).

Data Controller:
Ducan
Blauenstraße 68
79576 Weil am Rhein
Germany
Email: support@ducano.shop

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Name

  • Contact Data: Billing address, shipping address, email address, phone number

  • Financial Data: Payment details (processed securely via payment providers)

  • Account Data: Username, password, preferences

  • Transaction Data: Orders, purchases, returns, and payment history

  • Technical Data: IP address, browser type, device information

  • Usage Data: Interaction with our website

  • Communication Data: Messages sent to us

3. How We Collect Your Data

We collect data through:

  • Direct interactions (e.g., account creation, purchases)

  • Automated technologies (cookies, tracking tools)

  • Third parties (e.g., payment providers, Shopify)

4. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contract (Art. 6(1)(b) GDPR): To process orders and provide services

  • Legal obligation (Art. 6(1)(c) GDPR): For tax and accounting compliance

  • Legitimate interests (Art. 6(1)(f) GDPR): Fraud prevention, security, analytics

  • Consent (Art. 6(1)(a) GDPR): Marketing communications and cookies

You may withdraw consent at any time.

5. How We Use Your Data

We use your data to:

  • Process and deliver orders

  • Manage your account

  • Provide customer support

  • Improve our website and services

  • Prevent fraud and ensure security

  • Send marketing communications (only with consent)

6. Marketing Communications

We will only send marketing emails or messages if you have given explicit consent.

You can withdraw your consent at any time by:

  • Clicking "unsubscribe" in emails

  • Contacting us directly

7. Cookies and Tracking Technologies (TTDSG Compliance)

In accordance with the German Telecommunications-Telemedia Data Protection Act (TTDSG), we use cookies and similar technologies only with your consent, except where strictly necessary.

We use the following types of cookies:

  • Strictly necessary cookies: Required for website functionality (no consent required)

  • Analytics cookies: To understand user behavior (consent required)

  • Marketing cookies: For advertising and tracking across websites (consent required)

When you visit our website, you will be presented with a cookie consent banner allowing you to:

  • Accept all cookies

  • Reject non-essential cookies

  • Customize your preferences

You can change or withdraw your consent at any time via the cookie settings on our website.

The legal basis for storing or accessing information on your device is §25 TTDSG.

8. Sharing Your Data

We may share your data with:

  • Service providers (e.g., hosting, payment processing, shipping)

  • Shopify (our e-commerce platform)

  • Marketing and analytics partners (only with consent where required)

  • Authorities if required by law

All third parties are required to respect the security of your data.

9. International Data Transfers

Your data may be transferred outside the European Economic Area (EEA), including to countries such as the United States.

Where this occurs, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions by the European Commission

10. Data Retention

We retain personal data only as long as necessary for:

  • Order fulfillment

  • Legal obligations

  • Dispute resolution

After this period, data is securely deleted or anonymized.

11. Your Rights Under GDPR (Including German Law)

Under the GDPR and applicable German data protection laws, you have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to withdraw consent (Art. 7(3) GDPR)

You also have the right to lodge a complaint with a supervisory authority.

Competent Supervisory Authority (Germany):
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI BW)

Website: https://www.baden-wuerttemberg.datenschutz.de/

12. Data Security

We implement appropriate technical and organizational measures to protect your data. However, no system is completely secure.

13. Children's Data

Our services are not intended for individuals under the age of 16. We do not knowingly collect data from children.

If you believe a child has provided personal data, please contact us to request deletion.

14. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised date.

16. Contact

If you have any questions or wish to exercise your rights, contact us:

Email: support@ducano.shop
Address: Blauenstraße 68, 79576 Weil am Rhein, Germany