Privacy policy

Last updated: 22 July 2025

Introduction

Plugraphics operates this online shop and website and is committed to protecting your privacy. This notice explains how we collect, use and share personal data when you visit plugraphics.com or interact with our services.

Unless otherwise stated, the provision of your personal data is neither legally nor contractually required. "Personal data" means any information relating to an identified or identifiable natural person.

1. Controller (Art. 4 (7) GDPR)

Plugraphics
Michael Anslik
c/o Online-Impressum.de #4266
Europaring 90
53757 Sankt Augustin
E‑mail: info@plugraphics.com

2. Server log files

When you access our site your browser automatically sends usage data (e.g. requested page, date/time, IP address, referrer URL). This data is processed under Art. 6 (1)(f) GDPR based on our legitimate interest in ensuring the stability and security of the website. Log files are erased after 30 days unless a security incident requires longer retention.

3. Contact

3.1 Contacting us by e‑mail

When you email us we process the data you provide (name, e‑mail address, message). If your enquiry relates to a contract or pre‑contractual measures, processing is based on Art. 6 (1)(b) GDPR; otherwise on Art. 6 (1)(f) GDPR. We delete the data once your enquiry is resolved unless statutory retention obligations apply.

3.2 Contact form

Data entered in our contact form is processed for the same purposes and legal bases as e‑mails (see 3.1).

4. Uploading design or artwork files

If you upload graphics or other media for customised products, we process the file contents solely to create and fulfil your order (Art. 6 (1)(b) GDPR). Files are stored securely and deleted no later than 24 months after dispatch, unless legal obligations require longer retention or you request earlier deletion.

5. Orders and fulfilment

When you place an order we collect only the data necessary to conclude and perform the contract (Art. 6 (1)(b) GDPR):

  • Contact and delivery details
  • Ordered items and configuration
  • Payment information (processed by our payment service provider)

Data is shared with:

  • Shopify Inc. (hosting, e‑commerce platform; Canada/USA, EU SCC)
  • DHL Paket GmbH or other carriers (shipping)
  • Payment providers (e.g. PayPal, Stripe)
  • Print/fulfilment partners (production of custom items)

6. Advertising & newsletters

With your explicit consent (Art. 6 (1)(a) GDPR) we send newsletters and product updates to the e‑mail address you provide. You may withdraw consent at any time via the unsubscribe link in each e‑mail.

We may also send postal advertisements based on our legitimate interest in direct marketing (Art. 6 (1)(f) GDPR). You can object at any time (see section 11).

7. Shipping updates

If you choose the option during checkout, we share your e‑mail address with the carrier so they can send tracking notifications (Art. 6 (1)(a) GDPR). You can revoke this consent at any time.

8. Payment providers

Selecting a payment method transmits the necessary data to the chosen provider. Providers may perform identity or credit checks. Details are governed by their own privacy policies:

9. Cookies & tracking technologies

We use essential cookies to operate the shop and, with your consent (§ 25 TTDSG, Art. 6 (1)(a) GDPR), additional cookies for analytics (e.g. Google Analytics) and marketing (e.g. Meta Pixel). When you first visit the site, a consent banner lets you choose which categories to accept. Detailed cookie information is available via the "Details" link in the banner.

10. Transfers to third countries

Some recipients are located outside the EU/EEA. Where no adequacy decision exists we protect transfers with the EU Standard Contractual Clauses or comparable safeguards.

11. Your rights

You may exercise the following rights at any time (Art. 15–22 GDPR):

  • Access, rectification, erasure, restriction of processing
  • Data portability (Art. 20 GDPR)
  • Objection to processing based on legitimate interests or direct marketing (Art. 21 GDPR)
  • Withdrawal of consent (Art. 7 (3) GDPR)

Contact: info@plugraphics.com

You also have the right to lodge a complaint with the supervisory authority:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD)
Holstenstraße 98
24103 Kiel, Germany
www.datenschutzzentrum.de

12. Data security & retention

We use TLS encryption, access controls and regular backups in line with Art. 32 GDPR. Personal data is retained only as long as necessary for the stated purposes or statutory obligations (see sections 4 and 5).

13. Changes to this policy

We may update this policy to reflect legal, technical or business developments. The current version is always available here; earlier versions are provided on request.

© 2025 Plugraphics – All rights reserved.