Privacy Policy

1) Introduction and Contact Details of the Responsible Party

1.1 We are pleased that you visit our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data refers to all data that can identify you personally.

1.2 The entity responsible for data processing on this website in accordance with the General Data Protection Regulation (GDPR) is DORSA Corporation GmbH, Mexikoring 27-29, 22297 Hamburg, Germany, Tel.: +49 177 9270174, Email: info@globaldorsa.com. The responsible party for processing personal data is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

2) Data Collection When Visiting Our Website

2.1 When using our website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the page server (so-called "server log files"). When you access our website, we collect the following data, which is technically required for us to display the website to you:

• The website you visited
• Date and time at the time of access
• Amount of data sent in bytes
• Source/referrer from which you reached the page
• Browser used
• Operating system used
• IP address used (if applicable: in anonymized form)

The processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. No transfer or other use of the data occurs. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to us), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the "https://" prefix and the padlock symbol in your browser's address bar.

3) Hosting & Content Delivery Network

For hosting our website and displaying page content, we use a provider that delivers its services exclusively on servers within the European Union, either directly or through selected subcontractors.

All data collected on our website is processed on these servers.

We have concluded a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prohibit unauthorized sharing with third parties.

4) Cookies

To make your visit to our website attractive and to enable the use of certain functions, we use cookies, small text files stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called "session cookies"), while others remain on your device longer and allow the storage of site settings (so-called "persistent cookies"). In the latter case, you can find the duration of storage in the overview of your web browser's cookie settings.

If any of the cookies we use also process personal data, the processing is based on Art. 6(1)(b) GDPR for the execution of the contract, Art. 6(1)(a) GDPR in the case of consent, or Art. 6(1)(f) GDPR to safeguard our legitimate interests in the optimal functionality of the website and a customer-friendly and effective design of the site visit.

You can set your browser to be informed about the setting of cookies and decide individually whether to accept them or exclude them for certain cases or generally.

Please note that the functionality of our website may be limited if cookies are not accepted.

5) Contact

5.1 WhatsApp Business

We offer you the possibility to contact us via the messaging service WhatsApp of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, using the "Business Version" of WhatsApp.

If you contact us via WhatsApp in connection with a specific transaction (e.g., an order), we store and use the mobile number you use on WhatsApp and – if provided – your first and last name according to Art. 6(1)(b) GDPR to process and respond to your request. Based on the same legal basis, we may ask you via WhatsApp to provide further data (order number, customer number, address, or email address) to assign your request to a specific case.

If you use our WhatsApp contact for general inquiries (e.g., about services, availability, or our website), we store and use the mobile number used on WhatsApp and – if provided – your first and last name according to Art. 6(1)(f) GDPR based on our legitimate interest in efficiently and promptly providing the requested information.

Your data is always used solely to respond to your WhatsApp inquiry. No transfer to third parties occurs.

Please note that WhatsApp Business has access to the address book of the mobile device used for our WhatsApp Business account, and phone numbers stored in the address book are automatically transferred to a server of Meta Platforms Inc. in the USA. For operating our WhatsApp Business account, we use a mobile device whose address book contains only the WhatsApp contact details of users who have contacted us via WhatsApp.

This ensures that every person whose WhatsApp contact data is stored in our address book has already consented to the transfer of their WhatsApp phone number from the address books of their chat contacts through acceptance of WhatsApp's terms of use on their device, according to Art. 6(1)(a) GDPR. Transmission of data from users who do not use WhatsApp or have not contacted us via WhatsApp is excluded.

The purpose and scope of data collection, as well as further processing and use of the data by WhatsApp, and your rights and privacy settings, can be found in WhatsApp’s privacy policy: https://www.whatsapp.com/legal/?eea=1#privacy-policy

Data may be transferred to servers of Meta Platforms Inc. in the USA.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on a decision of the European Commission.

5.2 When contacting us (e.g., via contact form or email), personal data is processed solely for the purpose of handling and responding to your inquiry and only to the extent necessary.

The legal basis for processing this data is our legitimate interest in responding to your inquiry under Art. 6(1)(f) GDPR. If your contact is related to a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted once it is clear that the matter has been fully resolved and no legal retention obligations exist.

6) Data Processing When Opening a Customer Account

In accordance with Art. 6(1)(b) GDPR, personal data is further collected and processed to the necessary extent if you provide it when opening a customer account. The required data for account creation can be seen in the respective form on our website.

Deletion of your customer account is possible at any time by sending a message to the above address of the responsible party. After deletion, your data will be erased, provided all related contracts have been fully settled, no legal retention periods prevent deletion, and no legitimate interest in continued storage exists.

7) Use of Customer Data for Direct Marketing

7.1 Newsletter Subscription

If you subscribe to our email newsletter, we regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. Providing additional data is voluntary and allows us to address you personally. We use a double opt-in process to ensure that you only receive the newsletter after confirming your subscription via a verification link sent to your email.

By activating the confirmation link, you consent to the use of your personal data under Art. 6(1)(a) GDPR. We record your ISP-assigned IP address and the date and time of registration to detect potential misuse of your email address at a later time. The collected data is used strictly for the stated purpose.

You can unsubscribe from the newsletter at any time via the link in the newsletter or by contacting the responsible party. After unsubscribing, your email address will be promptly removed from our newsletter list unless you have explicitly consented to further use of your data.

7.2 Shopping Cart Reminders via Email

If you abandon your purchase before completing your order, you can be reminded once via email about the contents of your virtual shopping cart.

The only mandatory information for sending this reminder is your email address. Providing additional data is voluntary and may be used to address you personally. We use a double opt-in process for this reminder as well.

By activating the confirmation link, you consent to the use of your personal data under Art. 6(1)(a) GDPR for sending a shopping cart reminder. We record your ISP-assigned IP address and the date and time of registration to detect potential misuse. The data collected is used strictly for the stated purpose.

You can unsubscribe from shopping cart reminders at any time by contacting the responsible party. After unsubscribing, your email address will be promptly removed unless you have explicitly consented to further use or if legal provisions allow additional use.

h2>8) Payment Services

We offer various payment methods in our online shop. Depending on the selected payment method, the following information is collected and transmitted to the payment service provider in accordance with Art. 6(1)(b) GDPR to execute the payment transaction:

• Name
• Address
• Payment details (e.g., IBAN, card number)
• Order details

The transmitted data is used exclusively for processing the payment transaction and is deleted after the transaction is completed unless legal retention obligations exist.

9) Use of Plugins and External Services

9.1 Google Maps

For the display of maps, we use Google Maps, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. By using Google Maps, data including your IP address is transmitted to Google servers in the USA. Google participates in the EU-US Data Privacy Framework, ensuring compliance with European data protection standards.

The legal basis for using Google Maps is our legitimate interest under Art. 6(1)(f) GDPR to provide you with a user-friendly display of our store location and route options.

9.2 YouTube

We embed videos from YouTube, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you play a video, your data may be transmitted to YouTube and stored on their servers. Google is certified under the EU-US Data Privacy Framework. The legal basis for this processing is our legitimate interest under Art. 6(1)(f) GDPR in providing multimedia content.

10) Rights of the Data Subject

You have the following rights under the GDPR regarding your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)
• Right to withdraw consent at any time (Art. 7(3) GDPR)
• Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

11) Data Security

We take appropriate technical and organizational measures to protect your personal data from accidental or intentional manipulation, loss, destruction, or unauthorized access. Our security measures are continuously improved according to technological developments.

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The current version is always published on our website. We recommend that you regularly review our Privacy Policy for updates.