Privacy policy

## Privacy Policy

To obtain any information about the Personal Data processed, the purposes and the parties to whom the Data is communicated, please contact the Owner.

### Provider and responsible party

**Oliver Grünwald / CryptoOnTheWall**
Walserfeldstraße 38
5071 Wals, Austria
**Provider's email address**: team@cryptoonthewall.at

---

### Types of data collected

The Owner does not provide an exhaustive list of Personal Data collected. However, this Application collects the following Personal Data:

- **Contact information**: First name, last name, email address, telephone number, postal address
- **Usage data**: IP address, browser type, pages visited, access time, location data (if activated)
- **Payment details**: credit card information, bank details (for paid services)
- **Device data**: device ID, operating system, browser information

Complete details on each type of Personal Data processed are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection. Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.

Unless otherwise specified, all Data requested by this Application is mandatory. Failure to provide such Data may make it impossible for this Application to provide its services to the User. In cases where some Data is expressly stated to be optional, Users are free not to provide such Data without consequences for the availability or functionality of the service.

Users in any doubt about which Personal Data is mandatory can contact the Owner. Any use of Cookies or other tracking tools by this Application or by the owners of third-party services employed by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in this privacy policy and in the Cookie Policy.

**Users are responsible for any third-party Personal Data obtained, published or shared through this application.**

---

### Type and location of data processing

#### Processing methods

The Owner processes Users' Personal Data properly and takes appropriate security measures to prevent unauthorized access, disclosure, alteration or destruction of Data. Data processing is carried out using computers or IT-based systems, in accordance with organizational procedures and practices specifically tailored to the purposes indicated.

In addition to the controller, other persons internal to the application (human resources, sales, marketing, legal, system administrators) or externally - appointed as data processors if necessary - may operate this application and thus have access to the data. An up-to-date list of these parties can be requested from the provider at any time.

#### External service providers for data processing

For certain functions, the provider works with external service providers. These service providers only have access to the personal data necessary to perform the respective services.

1. **Payment service provider**
- **American Express, Google Pay, Mastercard, Visa, PayPal**
These providers process payment information for the purpose of secure payment processing. Access to data is only permitted within the scope of the respective transactions.

2. **Marketing and communication services**
- **Klaviyo**
Used for email and marketing automation. Klaviyo may use personal information, such as email addresses and usage data, to analyze and personalize marketing campaigns. Klaviyo's privacy policy governs the processing of this data.

3. **Shop hosting**
- **Shopify**
This platform operates the website and processes personal data necessary for the operation and administration of the online store. Shopify may process usage data and personal information to ensure the functionality of the website and to improve the user experience.

4. **Analysis**
- **Google Analytics**
To analyze website usage and improve user-friendliness.

5. **Hosting service provider**
For storing and managing data.

(*Note*: The complete list of all service providers used as well as their specific data protection guidelines can be requested from the provider at any time.)

---

### Place of data processing

The data will be processed at the provider’s headquarters and at any other locations where the entities involved in the data processing are located.

Personal Data may be transferred to countries outside the European Economic Area (EEA). The Owner ensures that appropriate safeguards are in place, such as standard contractual clauses or other appropriate guarantees to ensure a high level of data protection. Further information on the place of Data processing can be found in the specific sections of this privacy policy.

---

### Storage period

Unless otherwise specified in this privacy policy, personal data will be processed and stored for as long as required for the purposes for which it was collected and may be retained for longer if required to do so by a legal obligation or based on the user’s consent.

- **Contract data**: Will be stored for the duration of the contractual relationship and within the framework of statutory retention periods.
- **Marketing data**: Will be stored until the user objects to the processing or withdraws his consent.
- **Payment data**: Will be retained for the duration of the transaction process and in accordance with tax law requirements.

After the retention period has expired, personal data will be deleted. Therefore, the right to information, the right to erasure, the right to rectification and the right to data portability can no longer be asserted after the retention period has expired.

---

### Cookie Policy

This application uses trackers.

The following types of cookies are used:

- **Necessary cookies**: These are required to ensure the basic functions of the website (e.g. login, shopping cart).
- **Analytical cookies**: To collect usage data to improve the website (e.g. Google Analytics).
- **Marketing cookies**: To display personalized advertising based on users' browsing behavior.

Users are asked to consent to the use of cookies via a cookie banner the first time they visit this application. This consent can be withdrawn at any time via the cookie settings of the application.

---

### Further information for users

#### Legal basis for processing

Users’ personal data is collected for the following purposes:

- **Performance of contracts**
- **Marketing and Advertising**
- **Improvement of the service**
- **Fulfillment of legal obligations**

Users have the right to withdraw their consent at any time. In any case, the provider will be happy to provide information about the specific legal basis for data processing.

---

### The rights of users under the General Data Protection Regulation (GDPR)

Users may exercise certain rights regarding their data:

- **Revocation of consent**
- **Right of objection**
- **Right to information**
- **Right to rectification**
- **Right to restriction of processing**
- **Right to erasure**
- **Right to data portability**
- **Right to lodge a complaint with a supervisory authority**

---

### Further information about the collection and processing of data

#### System logs and maintenance

For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) or use other Personal Data (such as the IP Address) for this purpose.

---

### Changes to this Privacy Policy

The provider reserves the right to make changes to this privacy policy at any time. Changes will be published on this page.

---

Last updated: November 15, 2024