Privacy Policy — Hailo Colours

Data controller

Hailo Colours GmbH, Schillerstraße 14, 80336 Munich, Germany. Email: [email protected]. Telephone: +49 89 412 087 600.

What data we collect

When you visit hailo-colours.de, we collect standard server log data (IP address, browser type, referring page, date and time of request). This data is collected automatically and is necessary for the technical operation of the website.

When you contact us by email, we collect your name, email address, and the content of your message. We do not use contact form submissions for marketing purposes without explicit consent.

We use analytics cookies to understand how visitors use the site (pages visited, time spent, device type). Analytics data is anonymised and aggregated. We do not use advertising cookies.

How we use your data

Server log data is used solely for the technical operation and security of the website. It is retained for 30 days and then automatically deleted.

Contact enquiry data is used to respond to your enquiry and, if you have become a customer, to fulfil your order. We do not share your contact data with third parties for marketing purposes.

Analytics data is used to improve the content and usability of the website. It is retained in anonymised form for up to 26 months.

Legal basis for processing

Server log data: Article 6(1)(f) GDPR (legitimate interests — website security and operation). Analytics data with consent: Article 6(1)(a) GDPR. Contact enquiry data: Article 6(1)(b) GDPR (contractual necessity) or Article 6(1)(f) GDPR (legitimate interests).

Cookies

We use two categories of cookies: strictly necessary cookies (required for the website to function — session state, cookie consent record) and analytics cookies (used to measure site usage with your consent). You can manage your cookie preferences using the banner displayed when you first visit the site. Your preference is stored in your browser's local storage.

Third-party services

We use Google Fonts to serve typography. Google Fonts may log requests to its servers. We use no other third-party services that collect personal data from site visitors.

Your rights under GDPR

You have the right to access, correct, or delete personal data we hold about you. You have the right to object to processing and to data portability. To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

You have the right to lodge a complaint with the Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach, Germany.

Data retention

Server logs: 30 days. Analytics data: 26 months (anonymised). Contact and enquiry records: Duration of business relationship plus 3 years. Order and customer records: 10 years (commercial law requirement).

Changes to this policy

We will update this policy when our data practices change. The date at the top of this page reflects the most recent revision. Material changes will be communicated via a notice on the website.