START SCAN

Privacy Policy

1. DATA PROTECTION AT A GLANCE

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information can be found in the full Privacy Policy below.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. Contact details can be found in the section “Information about the Controller.”

How do we collect your data?

Some data is collected when you provide it to us (e.g., via contact form or during checkout). Other data is collected automatically or after your consent when visiting the website (e.g., technical data such as browser type, operating system, or time of access).

What do we use your data for?

Some data is collected to ensure the website is provided without errors. Other data may be used for analytics or marketing purposes, provided you have given consent.

What rights do you have regarding your data?

You have the right to obtain information about your stored personal data, its origin, recipients, and purpose at any time. You also have the right to request correction or deletion. You may withdraw consent at any time with effect for the future. You also have the right to request restriction of processing and to lodge a complaint with a supervisory authority.

2. HOSTING

This website is hosted by: Infomaniak Network SA, Rue Eugène-Marziano 25, 1227 Les Acacias (GE), Switzerland, https://www.infomaniak.com 

Data processing is based on Art. 6(1)(f) GDPR (legitimate interest in secure and efficient website operation). Where required, a Data Processing Agreement (DPA) has been concluded.

3. GENERAL INFORMATION AND MANDATORY DISCLOSURES

Information about the Controller

PLAY AND LOVE TRADING LTD. Represented by Barbara Weber

13/F, OTB Building, 259–265 Des Voeux Road Central, Central / Sheung Wan, Hong Kong, Email: notes@barbara-weber.com

The controller is the legal entity that determines the purposes and means of processing personal data.

Data Retention

Personal data is stored only as long as the purpose of processing exists. Statutory retention periods remain unaffected.

Legal Basis for Processing

Depending on context, data processing is based on:

  • Art. 6(1)(a) GDPR (consent)

  • Art. 6(1)(b) GDPR (contract performance)

  • Art. 6(1)(c) GDPR (legal obligation)

  • Art. 6(1)(f) GDPR (legitimate interest)

SSL/TLS Encryption

This website uses SSL/TLS encryption for security reasons.

4. DATA COLLECTION ON THIS WEBSITE

Cookies

This website uses cookies. Essential cookies are stored based on Art. 6(1)(f) GDPR. Analytics and marketing cookies are only used based on your consent (Art. 6(1)(a) GDPR).

Consent Management (Termageddon)

This website uses Termageddon as a consent management solution to collect and document user consent. Processed data may include:

  • Consent status

  • Timestamp

  • Shortened IP address

  • Technical browser data

Legal basis: Art. 6(1)(c) GDPR

Google Services (Site Kit by Google)

This website uses Google services via “Site Kit by Google.”

Google Analytics

Provider: Google Ireland Limited, Dublin, Ireland. Google Analytics enables analysis of user behavior. Processed data may include:

  • IP address (anonymized where activated)

  • Browser type

  • Device information

  • Pages visited

  • Time spent on site

  • User interactions

Legal basis: Art. 6(1)(a) GDPR (consent) Data may be transferred to the United States. Google is certified under the EU-US Data Privacy Framework. Privacy policy: https://policies.google.com/privacy 

Google for WooCommerce / Google Merchant Center

We use Google for WooCommerce to transmit product data to Google Merchant Center. Processed data may include:

  • Product information

  • Prices

  • Order data

  • Conversion data

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in online marketing) or Art. 6(1)(a) GDPR (if tracking technologies are used)

Facebook / Meta (Facebook for WooCommerce)

This website uses services of Meta Platforms Ireland Ltd., Dublin, Ireland. Through the plugin, product and conversion data may be transmitted to Meta. If the Meta Pixel is used, the following data may be processed:

  • IP address

  • Browser information

  • Interactions

  • Purchase events

  • Page views

Legal basis: Art. 6(1)(a) GDPR (consent). Data may be transferred to the United States. Meta is certified under the EU-US Data Privacy Framework. Privacy policy: https://www.facebook.com/privacy/policy/ 

Contact Form

If you submit inquiries via contact form, your information will be stored for processing your request. Legal basis:

  • Art. 6(1)(b) GDPR (pre-contractual measures)

  • Art. 6(1)(f) GDPR (legitimate interest)

  • Art. 6(1)(a) GDPR (if consent is required)

Contact via Email or Phone

If you contact us via email or phone, your transmitted data will be stored for processing your request. Legal basis: Art. 6(1)(b) or Art. 6(1)(f) GDPR

Communication via WhatsApp Business

Provider: WhatsApp Ireland Limited, Dublin, Ireland. Processed data may include:

  • Phone number

  • Message content

  • Timestamps

  • Metadata

Legal basis:

  • Art. 6(1)(f) GDPR (legitimate interest in efficient communication)

  • Art. 6(1)(a) GDPR (if consent is required)

Data may be transferred to Meta Platforms Inc., USA. Privacy policy: https://www.whatsapp.com/legal/privacy-policy 

Akismet (Spam Protection)

We use Akismet, a service provided by Automattic Inc., USA, for spam detection. Processed data may include:

  • IP address

  • User agent

  • Submitted form content

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in spam prevention). Privacy policy: https://automattic.com/privacy/ 

5. E-COMMERCE AND PAYMENT PROVIDERS

WooCommerce

We use WooCommerce to operate our online shop. Processed data may include:

  • Name

  • Billing and shipping address

  • Email address

  • Order details

Legal basis: Art. 6(1)(b) GDPR (contract performance)

Stripe (including Apple Pay / Google Pay)

Provider: Stripe Payments Europe Ltd., Dublin, Ireland. If you select a payment method (e.g., credit card, Apple Pay, Google Pay), payment data is transmitted directly to Stripe. We do not receive full payment data (e.g., credit card numbers). Legal basis: Art. 6(1)(b) GDPR. Privacy policy: https://stripe.com/privacy