Privacy Policy

1) Introduction and contact details of the controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we will inform you about the handling of your personal data when you use our website. Personal data is any data with which you can be personally identified.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is DEW&JUJU OG, Hochstraßgasse 67d, 7423 Pinkafeld, Austria, Tel.: 004369910600044, E-mail: office@dewandjuju.com. The controller for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data collection when visiting our website

2.1 When you use our website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to the page server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/reference from which you accessed the page
Browser used
Operating system used
IP address used (if applicable: in anonymised form)

The processing is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively should there be concrete indications of unlawful use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to us). You can recognise an encrypted connection by the string "https://" and the padlock symbol in your browser line.

3) Hosting & Content Delivery Network

3.1 Shopify

We use the system of the following provider for hosting our website and displaying the page content: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify").

Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada.

All data collected on our website is processed on the provider's servers. We have concluded a data processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

In the case of data transfer to Canada, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.

3.2 Cloudflare

We use a Content Delivery Network from the following provider: Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA

This service enables us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers. Processing is carried out to protect our legitimate interest in improving the stability and functionality of our website in accordance with Art. 6 (1) (f) GDPR. We have concluded a data processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision by the European Commission.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies, which are small text files that are stored on your end device. Some of these cookies are automatically deleted after you close your browser (so-called "session cookies"), while others remain on your end device for a longer period and enable the storage of page settings (so-called "persistent cookies"). In the latter case, you can find the storage period in the overview of the cookie settings of your web browser.

If personal data is also processed by individual cookies used by us, the processing is carried out either in accordance with Art. 6 (1) (b) GDPR for the execution of the contract, in accordance with Art. 6 (1) (a) GDPR in the event of consent given or in accordance with Art. 6 (1) (f) GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the website visit.

You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general.

Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contact

When contacting us (e.g. via contact form or e-mail), personal data is processed - exclusively for the purpose of processing and responding to your request and only to the extent necessary for this purpose.

The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) (f) GDPR. If your contact aims at concluding a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR. Your data will be deleted when it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no legal retention obligations to the contrary.

6) Use of customer data for direct marketing

6.1 Registration for our e-mail newsletter

If you register for our e-mail newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your e-mail address. The provision of further data is voluntary and will be used to address you personally. For sending the newsletter, we use the so-called double opt-in procedure, which ensures that you only receive newsletters when you have explicitly confirmed your consent to receive newsletters by activating a verification link sent to the e-mail address provided.

By activating the confirmation link, you give us your consent to the use of your personal data in accordance with Art. 6 (1) (a) GDPR. In this case, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when you register for the newsletter is used strictly for its intended purpose.

You can unsubscribe from the newsletter at any time via the corresponding link in the newsletter or by sending a message to the controller mentioned at the beginning. After unsubscribing, your e-mail address will be immediately deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to further data use, which is permitted by law and about which we inform you in this declaration.

6.2 Sending of the e-mail newsletter to existing customers

If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services, such as those already purchased, from our product range by e-mail. For this purpose, we do not have to obtain separate consent from you in accordance with Section 7 (3) UWG (Unfair Competition Act). The data processing in this respect is carried out solely on the basis of our legitimate interest in personalised direct advertising in accordance with Art. 6 (1) (f) GDPR. If you have initially objected to the use of your e-mail address for this purpose, we will not send any e-mails.

You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by sending a message to the controller named at the beginning. For this, you will only incur transmission costs according to the basic rates. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately.

6.3 Klaviyo

The sending of our e-mail newsletters and other promotional e-mail communication is carried out via this provider: Klaviyo, Inc., 125 Summer St., Ste 600, Boston, MA 02110, USA

Based on our legitimate interest in effective and user-friendly e-mail marketing, we pass on the data provided during registration to this provider in accordance with Art. 6 (1) (f) GDPR so that they can carry out the e-mail dispatch on our behalf.

Subject to your express consent in accordance with Art. 6 (1) (a) GDPR, the provider also carries out a statistical success analysis of e-mail campaigns using web beacons or tracking pixels in the e-mails sent, which can measure opening rates and specific interactions with the content of the newsletter. Device information (e.g. time of access, IP address, browser type and operating system) is also collected and evaluated, but not merged with other data sets.

You can revoke your consent to mail tracking at any time with effect for the future.

We have concluded a data processing agreement with the provider, which protects the data of our site visitors and prohibits disclosure to third parties.

6.4 Shopping cart reminders by e-mail

If you abandon your purchase with us before completing the order, you have the option of being reminded once by e-mail about the contents of your virtual shopping cart.

The only mandatory information for sending this reminder is your e-mail address. The provision of further data is voluntary and may be used to address you personally. For sending the e-mail, we use the so-called double opt-in procedure, which ensures that you only receive a notification if you have explicitly confirmed your consent by activating a verification link sent to the e-mail address provided.

By activating the confirmation link, you give us your consent to the use of your personal data in accordance with Art. 6 (1) (a) GDPR for sending a shopping cart reminder. In this case, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when you register for our e-mail notification service is used strictly for its intended purpose.

You can unsubscribe from shopping cart reminders at any time by sending a message to the controller mentioned at the beginning. After unsubscribing, your e-mail address will be immediately deleted from our distribution list set up for this purpose, unless you have expressly consented to further use of your data or we reserve the right to further data use, which is permitted by law and about which we inform you in this declaration.

7) Data processing for order processing

7.1 Insofar as it is necessary for the execution of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 (1) (b) GDPR.

If, on the basis of a corresponding contract, we owe you updates for goods with digital elements or for digital products, we process the contact data transmitted by you when ordering (name, address, e-mail address) in order to inform you personally about upcoming updates within the legally prescribed period in accordance with Art. 6 (1) (c) GDPR via a suitable communication channel (e.g. by post or e-mail). Your contact data will be used strictly for the purpose of notifications about updates owed by us and will only be processed by us for this purpose to the extent that this is necessary for the respective information.

To process your order, we also work with the following service provider(s) who support us entirely or partially in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

7.2 Use of payment service providers

- Apple Pay

If you choose the "Apple Pay" payment method offered by Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, payment will be processed via the "Apple Pay" function of your iOS, watchOS or macOS device by debiting a payment card stored in "Apple Pay". Apple Pay uses security features integrated into your device's hardware and software to protect your transactions. To authorise a payment, you must enter a code you have previously set and verify it using the "Face ID" or "Touch ID" function of your device.

For the purpose of payment processing, your information provided during the order process, along with information about your order, will be transmitted to Apple in encrypted form. Apple then re-encrypts this data with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay for the purpose of payment execution. The encryption ensures that only the website where the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm the success of the payment.

If personal data is processed during the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 (1) (b) GDPR.

Apple stores anonymised transaction data, including the approximate purchase amount, approximate date and time, and whether the transaction was successfully completed. Anonymisation completely excludes any personal reference. Apple uses the anonymised data to improve "Apple Pay" and other Apple products and services.

If you use Apple Pay on your iPhone or Apple Watch to complete a purchase you made via Safari on your Mac, the Mac and the authorisation device communicate via an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that can identify you. You can disable the ability to use Apple Pay on your Mac in your iPhone settings. Go to "Wallet & Apple Pay" and disable "Allow Payments on Mac".

Further information on data protection at Apple Pay can be found at the following internet address: https://support.apple.com/de-de/HT203027
- Klarna

One or more online payment methods from the following provider are available on this website: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden

If you choose a payment method from the provider where you make an advance payment (e.g. credit card payment), your payment data provided during the order process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to this provider in accordance with Art. 6 (1) (b) GDPR. The transfer of your data in this case is solely for the purpose of payment processing with the provider and only insofar as it is necessary for this purpose.

If you choose a payment method where the provider makes an advance payment (e.g. invoice or instalment purchase or direct debit), you will also be asked to provide certain personal data (first name, last name, street, house number, postcode, city, date of birth, e-mail address, telephone number, possibly data on an alternative payment method) during the order process.

In order to protect our legitimate interest in determining the creditworthiness of our customers, we forward this data to the provider for a credit check in accordance with Art. 6 (1) (f) GDPR. Based on the personal data you provide and other data (such as shopping cart, invoice amount, order history, payment experience), the provider checks whether the payment option you have selected can be granted with regard to payment and/or default risks.

In addition to internal provider criteria, identity and creditworthiness information from the following credit agencies may be included in the decision-making process for the application in accordance with Art. 6 (1) (f) GDPR:

https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies

The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, among other things, but not exclusively, address data.

You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for contractually compliant payment processing.
- PayPal

One or more online payment methods from the following provider are available on this website: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

If you select a payment method from the provider where you make an advance payment, your payment data (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order communicated during the ordering process will be passed on to them in accordance with Art. 6 Para. 1 lit. b GDPR. The transfer of your data in this case takes place exclusively for the purpose of payment processing with the provider and only insofar as it is necessary for this purpose.

If you select a payment method for which we make an advance payment, you will also be asked during the ordering process to provide certain personal data (first name and surname, street, house number, postcode, city, date of birth, email address, telephone number, if applicable, data on an alternative payment method).

In such cases, in order to protect our legitimate interest in determining your solvency, we will forward this data to the provider for a credit check in accordance with Art. 6 Para. 1 lit. f GDPR. Based on the personal data you provide and other data (such as shopping cart, invoice amount, order history, payment experiences), the provider will check whether the payment option you have selected can be granted with regard to payment and/or default risks.

One or more online payment methods from the following provider are available on this website: Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

If you select a payment method from the provider for which you make an advance payment (e.g. credit card payment), your payment data (including name, address, bank and payment card information, currency and transaction number) communicated during the ordering process, as well as information about the content of your order, will be transmitted to them in accordance with Art. 6 para. 1 lit. b GDPR. In this case, the transfer of your data is exclusively for the purpose of payment processing with the provider and only to the extent that it is necessary for this.

8) Web analysis services

Shopify Analytics

This website uses the web analysis service of the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland

Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada

Using cookies and/or similar technologies (tracking pixels, web beacons, algorithms for reading out end device and browser information), the service collects and stores pseudonymised visitor data, including information about the end device used, such as the IP address and browser information, to evaluate it for statistical analyses of user behaviour on our website and to create pseudonymised usage profiles. Among other things, this allows for the evaluation of movement patterns (so-called heatmaps), which show the duration of page visits as well as interactions with page content (e.g. text input, scrolling, clicks and mouse-overs). Pseudonymisation generally excludes direct personal identification. No merging with clear data about you collected in other ways takes place.

All processing described above, in particular the reading out or storage of information on the end device used, will only be carried out if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your given consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website.

We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.

For data transfer to Canada, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

9) Page functionalities

9.1 Facebook plugins

Our website uses plugins from the social network of the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

These plugins enable direct interactions with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page using a so-called "2-click" or "Shariff" solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the provider's servers.

If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts. You can revoke your consent at any time by deactivating the activated plugin again by clicking on it. However, the revocation does not affect the data that has already been transmitted to the provider.

Data may also be transferred to: Meta Platforms Inc., USA.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision of the European Commission.

9.2 Instagram plugins

Our website uses plugins from the social network of the following provider: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

These plugins enable direct interactions with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page using a so-called "2-click" or "Shariff" solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the provider's servers.

Only when you activate the plugins and thus give your consent to data transmission in accordance with Art. 6 para. 1 lit. a GDPR, does your browser establish a direct connection to the provider's servers. In this process, regardless of a login to an existing user profile, certain information about your end device (including your IP address), your browser and your page history is transmitted to the provider and may be further processed there.
If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plugin again by clicking on it. However, the revocation does not affect the data that has already been transmitted to the provider.

Data may also be transferred to: Meta Platforms Inc., USA.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

9.3 Pinterest plugins

Our website uses plugins from the social network of the following provider: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

These plugins allow you to interact directly with content on the social network.

To increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page using a so-called "2-click" or "Shariff" solution.

This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the provider's servers.

Data may also be transferred to: Pinterest Inc., USA.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For the transfer of data to the USA, the provider relies on standard contractual clauses from the European Commission, which are intended to ensure compliance with the European level of data protection.

9.4 Google Web Fonts

This site uses so-called web fonts from the following provider for the uniform display of fonts: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

When you access a page, your browser loads the required web fonts into your browser's cache to display texts and fonts correctly and establishes a direct connection to the provider's servers. In this process, certain browser information, including your IP address, is transmitted to the provider.

Data may also be transferred to: Google LLC, USA

The processing of personal data in connection with establishing contact with the font provider will only be carried out if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your given consent at any time with effect for the future by deactivating this service via the "Cookie Consent Tool" provided on the website. If your browser does not support web fonts, a standard font from your computer will be used.

10) Rights of the data subject

10.1 Applicable data protection law grants you, as the data controller, the following data subject rights (rights of access and intervention) with regard to the processing of your personal data, whereby the legal basis for the respective exercise conditions is referenced:

Right of access according to Art. 15 GDPR;
Right to rectification according to Art. 16 GDPR;
Right to erasure according to Art. 17 GDPR;
Right to restriction of processing according to Art. 18 GDPR;
Right to notification according to Art. 19 GDPR;
Right to data portability according to Art. 20 GDPR;
Right to withdraw given consents according to Art. 7 para. 3 GDPR;
Right to lodge a complaint according to Art. 77 GDPR.

10.2 RIGHT TO OBJECT

IF, WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS, WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ASSERTION, EXERCISE OR DEFENCE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE AFFECTED DATA FOR DIRECT MARKETING PURPOSES.

11) Duration of storage of personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and – if applicable – additionally by the respective statutory retention period (e.g. commercial and tax law retention periods).

When processing personal data based on explicit consent in accordance with Art. 6 para. 1 lit. a GDPR, the data concerned will be stored until you revoke your consent.

If there are statutory retention periods for data processed within the scope of legal transactions or similar obligations based on Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided it is no longer necessary for the fulfilment or initiation of the contract and/or we no longer have a legitimate interest in its continued storage.

When processing personal data based on Art. 6 para. 1 lit. f GDPR, this data will be stored until you exercise your right to object under Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.

When personal data is processed for direct marketing purposes based on Art. 6 para. 1 lit. f GDPR, this data will be stored until you exercise your right to object under Art. 21 para. 2 GDPR.

Unless otherwise stated in the other information of this declaration about specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Status: 27.05.2026, 15:29:30