Legal

Privacy Policy

How Clearingeregenel collects, processes, and protects your personal data

Last updated:

This Privacy Policy complies with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and applicable German data protection law (BDSG). It applies to all personal data processed by Clearingeregenel in connection with this website and the sale of InnerSpark dietary supplements.

1. Data Controller

The data controller responsible for the processing of personal data collected through this website is:

Clearingeregenel
Zeil 106
60313 Frankfurt am Main
Germany
Email: write-to-us@clearingeregenel.world
Website: https://clearingeregenel.world

If you have any questions about how your personal data is processed, please contact us at the email address above.

2. Data We Collect

We collect personal data only to the extent necessary for specified, legitimate purposes. The categories of personal data we may collect include:

2.1 Data You Provide Directly

  • Full name
  • Email address
  • Phone number (optional, only if provided)
  • Postal or delivery address (for order fulfilment)
  • Message content submitted via the order form
  • Payment information (processed by our third-party payment provider; we do not store full card details)

2.2 Data Collected Automatically

  • IP address (anonymised where technically feasible)
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referral URL
  • Cookie identifiers (subject to your consent – see Section 9)

2.3 Data from Third Parties

We may receive limited data from payment processors and logistics partners solely for the purpose of fulfilling your order.

3. Purposes and Legal Basis for Processing

We process personal data only when we have a valid legal basis under Article 6 GDPR. The table below describes our main processing activities:

  • Order fulfilment: Processing your order, arranging delivery, and managing returns. Legal basis: performance of a contract (Art. 6(1)(b) GDPR).
  • Customer communications: Responding to enquiries, sending order confirmations and shipping updates. Legal basis: performance of a contract / legitimate interests (Art. 6(1)(b) and (f)).
  • Legal compliance: Retaining transaction records, invoicing, and meeting tax obligations under German and EU law. Legal basis: legal obligation (Art. 6(1)(c)).
  • Website analytics: Understanding how visitors use our website to improve content and performance, using anonymised or aggregated data. Legal basis: consent (Art. 6(1)(a)) where cookies are used, or legitimate interests (Art. 6(1)(f)) for fully anonymised server-side analytics.
  • Marketing communications: Sending promotional emails about InnerSpark, only with your explicit opt-in consent. Legal basis: consent (Art. 6(1)(a)). You may withdraw consent at any time.
  • Fraud and security: Detecting and preventing fraudulent transactions and protecting the security of our systems. Legal basis: legitimate interests (Art. 6(1)(f)).

4. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable law:

  • Order and transaction data: 10 years, in compliance with German commercial and tax law (§ 147 AO, § 257 HGB).
  • Customer enquiry data: Up to 3 years from the date of the last communication, or until the matter is resolved.
  • Marketing consent records: For the duration of your consent plus 3 years for record-keeping purposes.
  • Website analytics data: Up to 26 months, unless a shorter period is set by the analytics tool configuration.
  • Cookie consent logs: 12 months, after which you will be asked to renew your preferences.

When data is no longer required, it is securely deleted or anonymised on a scheduled basis.

5. Data Sharing and Third-Party Processors

We do not sell, rent, or trade your personal data to third parties. We share data only as described below:

  • Payment processors: To process payments securely. Our payment partners are PCI-DSS compliant and process data on our behalf under a data processing agreement.
  • Logistics and fulfilment partners: Your name and delivery address are shared with our shipping carrier to arrange delivery of your order.
  • Email service providers: To send transactional and, where consented, promotional emails. These processors act under our instructions pursuant to GDPR Article 28.
  • Analytics providers: Where you have consented to analytics cookies, aggregated usage data may be shared with our analytics platform.
  • Legal and regulatory authorities: Where required by applicable law, court order, or legitimate regulatory request.

All third-party processors are contractually bound to process your data only on our instructions and subject to equivalent data protection obligations.

6. International Data Transfers

Our primary operations are based in Germany and the European Union. Where data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for the recipient country issued by the European Commission
  • Binding Corporate Rules where applicable

You may request information about international transfer safeguards by contacting us at the address in Section 1.

7. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights with respect to your personal data:

  • Right of access (Art. 15): You may request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16): You may request that inaccurate or incomplete data is corrected.
  • Right to erasure (Art. 17): You may request deletion of your personal data where the legal basis for processing no longer applies and no overriding legal obligation requires retention.
  • Right to restriction of processing (Art. 18): You may request that we restrict processing of your data in certain circumstances, for example while a rectification request is pending.
  • Right to data portability (Art. 20): You may request your data in a structured, commonly used, machine-readable format where processing is based on consent or contract.
  • Right to object (Art. 21): You may object to processing based on legitimate interests, including for direct marketing purposes.
  • Right to withdraw consent (Art. 7(3)): Where processing is based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of prior processing.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. In Germany, the competent authority is the Hessian Commissioner for Data Protection and Freedom of Information (HBDI) at https://datenschutz.hessen.de.

To exercise any of these rights, please contact us at write-to-us@clearingeregenel.world. We will respond within 30 days.

8. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or disclosure. These include:

  • TLS/HTTPS encryption for all data transmitted between your browser and our server
  • Access controls and role-based permissions for staff who handle personal data
  • Regular security assessments and updates of our systems
  • Data minimisation practices – we only collect data that is necessary
  • Pseudonymisation and anonymisation of data where feasible
  • Contractual data security requirements applied to all processors

While we take all reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. In the event of a personal data breach, we will notify affected individuals and the relevant supervisory authority in accordance with GDPR Article 33 and 34 obligations.

9. Cookies

We use cookies and similar technologies on this website. For full details, please refer to our Cookie Policy. You can manage your cookie preferences at any time using the cookie settings banner on this website.

10. Minors

Our website and products are intended for adults aged 18 and over. We do not knowingly collect personal data from children under the age of 16. If you believe a child has provided us with personal data without appropriate parental consent, please contact us and we will delete that information promptly.

11. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of this website following any update constitutes acceptance of the revised policy.

12. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact:

Clearingeregenel – Data Privacy
Zeil 106, 60313 Frankfurt am Main, Germany
Email: write-to-us@clearingeregenel.world