Privacy policy

Last updated: October 24, 2025

ResiForce operates this store and website, including all related information, content, features, tools, products, and services, to provide you, the customer, with a curated shopping experience (the "Services"). ResiForce is powered by Shopify, which enables us to provide the Services to you. This Privacy Policy describes how we collect, use, and disclose your personal information when you visit, use, or make a purchase or other transaction using the Services or otherwise communicate with us. If there is a conflict between our Terms of Service and this Privacy Policy, this Privacy Policy controls with respect to the collection, processing, and disclosure of your personal information.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you acknowledge that you have read this Privacy Policy and understand the collection, use, and disclosure of your information as described in this Privacy Policy.

Personal Information We Collect or Process

When we use the term "personal information," we refer to information that identifies or can reasonably be linked to you or another person. Personal information does not include anonymized or de-identified information that cannot be linked to you. We may collect or process the following categories of personal information, including inferences drawn from this information, depending on how you interact with the Services and as permitted by applicable German and EU law, including the General Data Protection Regulation (GDPR):

  • Contact details: Your name, address, billing address, shipping address, phone number, and email address.
  • Financial information: Credit card, debit card, financial account numbers, payment card information, transaction details, payment confirmation, and other payment details.
  • Account information: Your username, password, security questions, preferences, and settings.
  • Transaction information: Items you view, add to your cart, wishlist, purchase, return, exchange, or cancel, and your past transactions.
  • Communications with us: Information included in communications with us, such as customer support inquiries.
  • Device information: Information about your device, browser, network connection, IP address, and other unique identifiers.
  • Usage information: Information regarding your interaction with the Services, including how and when you navigate the Services.

Personal Information Sources

We may collect personal information from the following sources:

  • Directly from you: When you create an account, use the Services, communicate with us, or provide personal information.
  • Automatically through the Services: From your device when you use our products, services, or visit our websites, including through cookies and similar technologies.
  • From our service providers: When we engage them to enable technology or process your personal information on our behalf.
  • From partners or third parties: Including business or marketing partners.

How We Use Your Personal Information

We process your personal information based on legal grounds under the GDPR, such as your consent, the necessity to perform a contract, compliance with legal obligations, or our legitimate interests. We may use your personal information for the following purposes:

  • Provide, Tailor, and Improve the Services: To perform our contract with you, process payments, fulfill orders, remember preferences, send account-related notifications, process purchases, returns, exchanges, manage your account, arrange shipping, facilitate returns, enable reviews, and create a customized shopping experience (e.g., recommending products). This is based on contract performance (Art. 6(1)(b) GDPR) and our legitimate interests (Art. 6(1)(f) GDPR).
  • Marketing and Advertising: For marketing purposes, such as sending promotional communications by email, text, or postal mail, and showing targeted advertisements based on your activity. This is based on your consent (Art. 6(1)(a) GDPR) or our legitimate interests (Art. 6(1)(f) GDPR) where permitted.
  • Security and Fraud Prevention: To authenticate your account, ensure secure payments, detect or investigate fraudulent, illegal, or malicious activity, and secure our Services. This is based on our legitimate interests (Art. 6(1)(f) GDPR) and legal obligations (Art. 6(1)(c) GDPR).
  • Communicating with You: To provide customer support, respond to inquiries, and maintain our business relationship, based on contract performance (Art. 6(1)(b) GDPR) or legitimate interests (Art. 6(1)(f) GDPR).
  • Legal Reasons: To comply with legal obligations, respond to legal processes (e.g., requests from authorities), participate in litigation, or enforce our terms or policies, based on legal obligations (Art. 6(1)(c) GDPR) or legitimate interests (Art. 6(1)(f) GDPR).

How We Disclose Personal Information

We may disclose your personal information to third parties for legitimate purposes, subject to this Privacy Policy and GDPR requirements:

  • With Shopify and service providers: For IT management, payment processing, data analytics, customer support, cloud storage, fulfillment, and shipping.
  • With business and marketing partners: To provide marketing services and targeted advertising, in accordance with their privacy notices and your consent where required (Art. 6(1)(a) GDPR).
  • With your consent: When you request or consent to disclosure, such as for shipping or through social media integrations.
  • Within our corporate group: With affiliates for business purposes.
  • In business transactions or legal processes: For mergers, bankruptcy, to comply with legal obligations, enforce terms, or protect our rights or users.

Relationship with Shopify

The Services are hosted by Shopify, which processes personal information to provide and improve the Services. Your information may be transmitted to Shopify and third parties, potentially in countries outside Germany. Shopify’s processing is governed by its own privacy policy (see Shopify Consumer Privacy Policy). Shopify may use your data for enhanced features, acting as a data controller. You can exercise your rights regarding Shopify’s processing at Shopify Privacy Portal.

Third Party Websites and Links

The Services may link to third-party websites or platforms. We are not responsible for their privacy or security policies. Review their terms before providing information. Information shared on public or semi-public venues, including third-party platforms, may be viewable by others without limitation.

Children's Data

The Services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided personal information, contact us to request deletion. We do not "share" or "sell" personal information of individuals under 16, as defined by applicable law.

Security and Retention of Your Information

We implement appropriate technical and organizational measures to protect your personal information, as required by Art. 32 GDPR. However, no security measures are perfect, and data in transit may not be secure. We recommend avoiding unsecure channels for sensitive information.

We retain your personal information only as long as necessary for the purposes outlined, to maintain your account, provide Services, comply with legal obligations, resolve disputes, or enforce contracts, in accordance with Art. 17 GDPR.

Your Rights and Choices

Under the GDPR, you have the following rights regarding your personal information, subject to limitations:

  • Right to Access (Art. 15 GDPR): Request access to personal information we hold about you.
  • Right to Rectification (Art. 16 GDPR): Request correction of inaccurate personal information.
  • Right to Erasure (Art. 17 GDPR): Request deletion of your personal information.
  • Right to Data Portability (Art. 20 GDPR): Receive your personal information or have it transferred to another controller.
  • Right to Restrict Processing (Art. 18 GDPR): Request restriction of processing in certain cases.
  • Right to Object (Art. 21 GDPR): Object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent (Art. 7(3) GDPR): Withdraw consent at any time, without affecting prior processing.

You can exercise these rights via the Services or by contacting us at resiforce200@outlook.com. We will verify your identity and respond within one month, as required by GDPR.

You may opt out of promotional emails using the unsubscribe option in our emails. Non-promotional emails (e.g., account or order-related) will still be sent.

Complaints

If you have concerns about our processing of your personal information, contact us at resiforce200@outlook.com. You may appeal our decision or lodge a complaint with a supervisory authority, such as the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW) in Germany. Contact details: LDI NRW.

International Transfers

We may transfer your personal information outside the European Economic Area (EEA), including to Shopify or third parties. Transfers are protected by Standard Contractual Clauses or adequacy decisions, as required by Art. 46 GDPR, unless the recipient country is deemed adequate by the European Commission.

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in practices or legal requirements. We will post the revised policy on our website, update the "Last updated" date, and notify you as required by GDPR.

Contact

For questions, to exercise your rights, or for complaints, contact us at resiforce200@outlook.com or by mail at Balsaminenweg 8, 50769 Köln, Germany. For GDPR purposes, ResiForce is the data controller of your personal information.