Datenschutz

This Privacy Policy explains how Barklin collects, uses, and safeguards your personal data when you interact with our website, webshop, and services. It follows GDPR requirements and is written in clear, user-friendly language.

1. Information on the Collection of Personal Data

The controller pursuant to Art. 4(7) GDPR is:
Barklin Design Kft.
Nefelejcs utca 13, 1a
9200 Mosonmagyaróvár, Hungary
Email: wuff@thebarklin.com

We may appoint a Data Protection Officer for Barklin. If appointed, their contact details will be published here.

Personal data means all information that relates to you personally, e.g. name, address, email address, user behavior. If we use service providers for individual functions or advertising, we explain the processes and retention periods below.

2. Your Rights

  • Right of access
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to object to processing
  • Right to data portability

You also have the right to lodge a complaint with a supervisory authority.

3. Objection or Revocation

You may revoke consent at any time. Revocation applies to all future processing. If processing is based on legitimate interests, you may object by explaining your situation. We will examine and adjust or stop processing if justified.

4. Obligation to Provide Data

There is no general obligation to provide personal data. Some data is required to display the website, complete orders, or register an account. Without this, services cannot be provided.

5. Collection of Data When Visiting Our Website

When visiting without registering, we collect only data transmitted by your browser:

  • IP address
  • Date and time of request
  • Requested page
  • HTTP status code
  • Referrer URL
  • Browser, OS, language, version

This is necessary for stability and security (Art. 6(1)(f) GDPR).

Hosting: Shopify (Ireland).
Domain: GoDaddy (USA), transfers under SCCs.
CDN: Cloudflare (USA/Canada), transfers under adequacy/SCCs.

6. Cookies and Local Storage

We use cookies to make the website more user-friendly and effective.

  • Necessary: cart, checkout, consent, chatbot.
  • Analytics: Google Analytics, Hotjar (consent).
  • Marketing: Google Ads, Meta, Microsoft, Pinterest, Klaviyo (consent).

Legal bases: §25 TDDDG and Art. 6(1)(a) GDPR for non-essential cookies; §25(2) TDDDG for strictly necessary cookies.

Lifetimes: Session (until browser close) or persistent (auto-deleted after set time). You can delete cookies anytime in your browser.

You can configure your browser to refuse third-party cookies or all cookies. Some site functions may then be unavailable.

7. Contacting Us

If you contact us via email or forms, we process details such as name, email, and message. Basis: Art. 6(1)(b) GDPR for orders, Art. 6(1)(f) GDPR for general inquiries. Data is deleted once no longer required.

8. Use of Our Webshop

To place an order, we require personal data such as name, address, email, and payment details. Basis: Art. 6(1)(b) GDPR. Data is stored for 10 years under tax/commercial law. Orders are TLS-encrypted.

Payments:

  • PayPal (Luxembourg): Privacy info
  • Klarna (Sweden): Privacy info
  • Apple Pay, Google Pay, Cards via Stripe/Shopify Payments

Shipping: DHL, DPD – we transmit name, address, and if provided, email/phone (Art. 6(1)(b) GDPR).

9. Customer Account

Voluntary. Stores contact data and order history (Art. 6(1)(b) GDPR). You can request deletion anytime.

10. User Generated Content (UGC)

You may submit photos, testimonials, or posts. By doing so, you grant permission to publish on our website, product pages, newsletters, or official social media. Basis: Art. 6(1)(a) GDPR (consent) and Art. 6(1)(f) GDPR (legitimate interest). You can request deletion anytime.

11. Direct Marketing

Newsletters via Klaviyo (double opt-in). Postal marketing under Art. 6(1)(f) GDPR. Customer email marketing under §7(3) UWG. Consent may be revoked anytime.

12–24. Additional Services

  • Cookiebot: Usercentrics CMP for consent logs (Art. 6(1)(c) GDPR).
  • Chatbot: Avada Chatbot (Art. 6(1)(b) GDPR).
  • Availability Notifications: Restock Rocket (Art. 6(1)(b) GDPR).
  • Product Reviews: Loox (Israel) – transfers under SCCs. See Privacy info.
  • Google Tag Manager: tag control only (Art. 6(1)(f) GDPR).
  • Google Maps: location display, transfers under DPF (Art. 6(1)(f) GDPR).
  • Hotjar: behavior analytics with consent.
  • Google Analytics: with consent, 14-month retention, transfers under SCCs/DPF.
  • Google Ads & Remarketing: consent required.
  • Meta Pixel: joint controller with Meta Ireland. Consent required.
  • Microsoft Advertising: UET tag, consent required. See Privacy info.
  • Pinterest: retargeting, joint controller under Art. 26 GDPR. Consent required.
  • Social Media: profiles on Facebook, Instagram, Pinterest, TikTok, LinkedIn, YouTube. Supported by Later (Art. 6(1)(f) GDPR).

Security & Retention

We apply encryption, access controls, and audits. Retention: 10 years for orders, 12 months for cookies, until withdrawal for marketing consent.

Cookie Declaration

The following overview is automatically provided by Cookiebot and lists all cookies and tracking technologies currently active on this site: