Privacy Policy

PRIVACY POLICY

WELCOME TO MY BITCOIN MERCH PROJECT PRIVACY POLICY

I appreciate your interest in my project. I take the protection of your personal data very seriously and would like to inform you about the processing of your data as comprehensively as possible.

Processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to My Bitcoin Merch Project. I would like to use this privacy policy to inform the public about the nature, extent, and purpose of the personal data I collect, use, and process. I would also like to use this privacy policy to inform data subjects about their rights.

1. DEFINITION OF TERMS

My Bitcoin Merch Project privacy policy is based on the terms used by the European Guidelines and Regulatory Authority when adopting the General Data Protection Regulation (GDPR). My data policy should be easy to read and understand, both by the public and by my customers and business partners. To ensure this, I would like to begin by explaining the terms used.

In this privacy policy, I use the following terms:

a) Personal data: Personal data is all information relating to an identified or identifiable natural person (hereinafter called "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data subject: A data subject is any identified or identifiable natural person whose personal data is processed by a data controller responsible for the processing.

c) Processing: Processing is any operation or set of operations that is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, blocking, erasure, or destruction.

d) Restriction of processing: Restriction of processing is marking stored personal data with the aim of limiting its processing in the future.

e) Profiling: Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization: Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) Controller or controller responsible for the processing: Controller means the natural or legal person, public authority, agency, or any other body that alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of processing are determined by European Union law or the law of the Member States, the controller or the specific criteria for its nomination may be designated by European Union law or the law of the Member State.

h) Processor: The processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

i) Recipient: The recipient is a natural or legal person, public authority, agency, or any other body to whom personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in the framework of a particular inquiry in accordance with the European Union or Member State law shall not be regarded as recipients.

j) Third party: A Third-party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent: The data subject’s consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. NAME AND CONTACT INFORMATION OF THE CONTROLLER

This privacy policy provides information about the processing of personal data on the website of:

Controller:

My Bitcoin Merch Project, Brunnenstr. 25A, 10119 Berlin, Germany, E-mail: gm@amongstplebs.com, Phone: +49 151 106 169 00 Contact information of data protection officer:

The My Bitcoin Merch Project data protection officer can be contacted as follows:

My Bitcoin Merch Project, Brunnenstr. 25A, 10119 Berlin Germany, E-Mail: gm@amongstplebs.com, Phone: +49 151 106 169 00

3. EXTENT AND PURPOSE OF THE PROCESSING OF PERSONAL DATA

3.1 Accessing the website

When you access this website: www.amongstplebs.com , the internet browser used by the visitor automatically sends data to the server of this website and stores it in a log file. Until the automatic erasure, the following data is stored without further input by the visitor:

  • IP address of the visitor’s device,
  • Date and time of visitor access,
  • Name and URL of the page accessed by the visitor,
  • Website from which the visitor arrived at the website (so-called referrer URL),
  • Browser and operating system of the visitor’s device, as well as the name of the access provider used by the visitor.

The processing of such personal data is in accordance with Art. 6 (1), sentence 1 lit f) of the GDPR. I have a legitimate interest in data processing for the purpose of:

  • Rapidly connecting to the website of my project,
  • Enabling user-friendly use of the website,
  • Identifying and ensuring the security and stability of the systems and
  • Facilitating and improving the administration of the website.

3.2 Data collection during registration and payment processing

For the purposes of registration and payment processing, data such as the object of purchase, shopping basket, name, date of birth, address, email address, delivery address, payment type, and bank data is collected and processed by me, insofar as the processing is necessary for the performance of the contract or if the customer has consented to the processing. The legal basis for the processing of personal data is Art. 6 (1), Sentence 1, lits a) and b) GDPR.

If desired by the customer, he can create a customer account for future orders (registration). In doing so, his customer data will be stored for use also for future orders in my online store, so that he does not have to enter them again. Registration also requires the provision of a user ID and password (access data) so that only he can log into his customer account. I may process the customer's data provided during registration in accordance with Art. 6 (1) b) DSGVO, provided that this is necessary for the establishment or fulfillment of a contract. Furthermore, I am allowed to process the data according to Art. 6 para. 1 f) DSGVO, as I would like to simplify future orders of the customer. Deletion of the customer account is possible at any time.

For this purpose, based on the customer's consent pursuant to Art. 6 (1) sentence 1 a) DSGVO, I am permitted to store the goods and products placed in the customer's shopping cart. I store and use this data to remind the customer of his selection of the product by e-mail if the purchase process is not completed. This is in the interest of the customer, as it may be that there is only a limited number of the product in the selected size.

In addition, according to § 7 para 3 UWG, I am allowed to use the e-mail address provided by the customer during the purchase for direct advertising for my own similar goods. If the customer no longer wishes to receive such direct advertising, he can object to its use at any time without incurring any costs other than the transmission costs according to the prime rates. The revocation can be made directly via the link provided in the advertising e-mail or by sending an e-mail to gm@amongstplebs.com.

3.3 Contact form

Visitors can submit messages to me via an online contact form on the website. In order to be able to receive an answer, at least a valid email address is required. All other information can be voluntarily provided to the person making the request. By sending the message via the contact form, the visitor agrees to the processing of the transmitted personal data. The data is processed exclusively for the purpose of processing and responding to requests via the contact form. This will be done on the basis of the voluntarily granted consent pursuant to Art. 6(1), sentence 1, lit a) GDPR. The personal data collected for the use of the contact form is automatically deleted once the request has been completed and there are no grounds for further storage.

4. Rights of the Data Subject

You have the following rights regarding your personal data processed by Amongst Plebs, which can be exercised free of charge by notifying us via the contact details listed in Section 2. We will respond within one (1) month, unless restricted by certain exceptional cases:

  • Right of access (Art. 15 GDPR): Request access to your personal data.
  • Right to rectification (Art. 16 GDPR): Correct incomplete or inaccurate data.
  • Right to erasure (Art. 17 GDPR): Request deletion of unnecessary or unlawfully processed data.
  • Right to restriction (Art. 18 GDPR): Temporarily limit processing of your data under certain conditions.
  • Right to revoke consent (Art. 7 para. 3 GDPR): Withdraw your consent at any time, effective for the future.
  • Right to object (Art. 21 GDPR): Object to data processing based on legitimate interests or for direct marketing.
  • Right to data portability (Art. 20 GDPR): Request a copy of your data in a machine-readable format.
  • Right to lodge a complaint: You can file a complaint with your local data protection authority.

5. Data Transfer and Recipients

Your data may be transferred to the following recipients for the purpose of fulfilling Amongst Plebs' obligations:

  • Internal employees who need access to fulfill responsibilities.
  • Service providers (processors) such as:
    • Pandectes OÜ (cookie consent solution)
    • Printful, Inc. (shipping and printing products)
    • FORSBERG+two ApS (invoices and order confirmations)
    • Loox Online Ltd (product evaluations)
    • Stripe Payments Europe Ltd (payment processing)
    • Meta Platforms Ireland Ltd (advertising and tracking)
    • Shopify International Ltd (website, store operation, newsletter)
  • Independent controllers like payment providers or other third-party services involved in your order processing.

6. Data Processing Operations

Amongst Plebs processes your data as follows:

  • Website Usage (Art. 6 para. 1 lit f GDPR): We collect traffic data (e.g., IP addresses, browser type, pages visited) to maintain website security and improve quality.
  • Contact (Art. 6 para. 1 lit f or lit b GDPR): We process your data to respond to inquiries.
  • Newsletter (Art. 6 para. 1 lit a GDPR): With your consent, we send you updates. You can unsubscribe at any time.
  • Third-party services (Section 8): Integrated services (Meta Pixel, Shopify) may collect and process data for improving website functionality and marketing.

7. Storage Technologies

We use cookies and similar technologies with your consent for improving user experience, website functionality, and marketing:

  • Technically necessary cookies: These are essential for basic site functionality.
  • Tracking and statistics cookies: Used to analyze behavior for marketing and site improvements.
  • Third-party cookies: These include services like Meta Pixel for targeted advertising.

You can adjust cookie settings in your browser at any time.

8. Third-Party Services

Amongst Plebs utilizes third-party services like:

  • Meta Pixel: Used for tracking user behavior and targeted advertising.
  • Shopify: Provides the infrastructure for our online store + order management, 
  • Omnisend: Platform for our newsletter
  • Mollie: Payment processing with FIAT
  • Opennode: Bitcoin payment processing