Data protection 

The e-shop Hora Art on the website based in Neuhausen ob Eck processes personal data provided by the customer when fulfilling and confirming the General Terms and Conditions, as well as electronic orders, deliveries and the necessary communication for the period specified by law.

General Provisions

1. The controller of personal data, pursuant to the GDPR (hereinafter referred to as "Regulation"), located in [….] (hereinafter referred to as "Controller"); 

2. The contact details of the controller are: Email:, Tel.: +49 7467 46 799 33; 

3. Personal data includes all information relating to an identified or identifiable natural person.

The source of personal information 

1. The controller processes personal data provided with the consent of the customer through the purchase contract and the fulfillment of the electronic order in the Hora Art e-shop; 

2. The controller only processes contact and identification data of customers, which are necessary for the performance of the purchase contract; 

3. The controller processes personal data for delivery and administrative purposes, as well as necessary communication between the contracting parties for the period provided by law. Personal data will not be made public and will not be transferred to other countries.

Reason for data processing 

The Controller processes Customer's personal data for the following reasons: 

1. Registration on the website according to chapter 4, paragraph 

2. of the GDPR; 2. To fulfill the electronic order submitted by the customer (name, address, e-mail, telephone); 

3. To comply with laws and regulations arising between the customer and controller in the business relationship;

4. Personal data is necessary to fulfill the purchase contract. The contract cannot be concluded without personal data.

Duration of storage of personal data 

1. The controller stores personal data for the period necessary to fulfill the rights and obligations arising from the contractual relationship between the controller and the customer, as well as for a period of three years after the conclusion of the contractual relationship; 

2. The controller must delete all personal data after the specified period for storing personal data has expired. 

Recipients and processors of personal data 

Third parties to process personal data of customers are subcontractors of the controller. The subcontractor's service is essential for the successful fulfillment of the purchase contract and the processing of the electronic order between the controller and the customer. 

The subcontractors of the controller are: 

Webnode AG (e-shop system); shipping companies; Google Analytics (website analysis);

Customer Rights 

According to the regulation, the customer is entitled to: 

1. see the personal data; 

2. Correction of personal data; 

3. Deletion of personal data; 

4. object to the processing of personal data; 

5. data portability; 

6. Withdrawal from the processing of personal data by sending an email to: [….]; 

7. To lodge a complaint with the supervisory authority on suspicion of violation of the regulation. 

Security of Personal Information 

1. The controller agrees to take care of all technical and organizational measures to protect personal data; 

2. The controller has taken technical precautions to protect the data storage space. Especially when accessing the computer with a password, using antivirus software and regular computer maintenance. 

Final provision

1. By placing an electronic order on the website [….], the customer confirms that he is aware of the conditions for the protection of personal data and fully accepts them; 

2. The customer accepts these rules by ticking the checkbox in the purchase form; 

3. The controller can update these rules at any time. The new updated version must be published on its website. 

These rules come into effect on 12/24/2022.