Privacy Policy

Controller responsible for data processing:
DesignGecko GmbH
Stifterstraße 21A
4701 Bad Schallerbach, Austria
Email: info@design-gecko.com

Thank you for visiting LaserPics. The protection of your personal data is important to us. Below you will find detailed information about how we collect, process, and protect your data.

1. Access Data & Hosting

When you visit our website, the web server automatically collects access data (server log files), including the requested URL, your IP address, date and time of the request, amount of data transferred, and the referring URL. This data is used exclusively to ensure stable operation and to improve our service, based on Art. 6(1)(f) GDPR (legitimate interest). Access data is deleted no later than seven days after your visit.

Hosting

Our website is hosted by third-party service providers acting as data processors on our behalf. All data collected on this website is processed on their servers. For questions about our hosting partners, please use the contact details provided above.

2. Data Collection for Contract Processing & Customer Accounts

We collect personal data that you voluntarily provide when placing an order, creating an account, or contacting us (e.g., via contact form or email). Mandatory fields are marked as such, as this data is required to fulfil the contract or process your request in accordance with Art. 6(1)(b) GDPR.

If you create a customer account with your consent under Art. 6(1)(a) GDPR, your data is used to manage that account. You may delete your account at any time by contacting us or using the account settings.

After contract fulfilment, your data will be restricted and deleted upon expiry of applicable statutory retention periods under Art. 6(1)(c) GDPR, unless you consent to further use under Art. 6(1)(a) GDPR.

3. Data Processing for Shipping

Where applicable, we share your data with shipping providers to the extent necessary for delivery of ordered goods, based on Art. 6(1)(b) GDPR.

4. Payment Processing

4.1 Transaction Processing

Depending on your selected payment method, we share the data required for payment processing with our technical service providers, credit institutions, or payment service providers. This serves to fulfil the contract under Art. 6(1)(b) GDPR. Some payment providers collect data directly on their own platforms; in such cases, their respective privacy policies apply.

4.2 Fraud Prevention

We may share additional data with our service providers for fraud prevention and payment process optimisation (e.g., invoicing, disputed payments). This serves our legitimate interest in fraud prevention and efficient payment management under Art. 6(1)(f) GDPR.

5. Cookies & Similar Technologies

5.1 General Information

We use cookies and similar technologies to enable core website functionality (e.g., shopping cart), for web analytics, and for marketing purposes. Cookies are small text files stored on your device.

• Session cookies are deleted when you close your browser.
• Persistent cookies remain on your device and allow us to recognise your browser on subsequent visits.

Technically necessary cookies are used based on Art. 6(1)(f) GDPR (legitimate interest in providing a functional website). Additional cookies require your consent under Art. 6(1)(a) GDPR.

You can manage cookie settings in your browser: Edge | Safari | Chrome | Firefox | Opera

5.2 Consent Management (consentmanager)

We use consentmanager (consentmanager AB, Håltegelvägen 1b, 72348 Västerås, Sweden) to collect, manage, and document your cookie consent as required under Art. 6(1)(c) GDPR in conjunction with Art. 7(1) GDPR. When you submit your cookie preferences, consentmanager processes your IP address, browser information, language, and consent status. This data is stored for up to 2 years.

6. Social Media

We maintain online presences on Facebook and YouTube. When you visit these pages and have given your consent to the respective provider under Art. 6(1)(a) GDPR, your data may be collected for market research and advertising purposes.

• Facebook – operated by Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland. Data may be transferred to Facebook, Inc., USA. Our cooperation is based on EU Standard Contractual Clauses and a joint controller agreement under Art. 26 GDPR.
• YouTube – operated by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. Data may be transferred to Google LLC, USA, based on EU Standard Contractual Clauses.

7. Your Rights

7.1 Data Subject Rights

Under the GDPR, you have the following rights:

• Right of access (Art. 15) – obtain information about your stored personal data
• Right to rectification (Art. 16) – correct inaccurate or incomplete data
• Right to erasure (Art. 17) – request deletion of your data, unless processing is required for legal obligations, public interest, or legal claims
• Right to restriction (Art. 18) – restrict processing under certain conditions
• Right to data portability (Art. 20) – receive your data in a structured, machine-readable format
• Right to lodge a complaint (Art. 77) – file a complaint with a supervisory authority

7.2 Right to Object

7.3 Contact

For any questions regarding data protection, or to exercise your rights, please contact us at:
info@design-gecko.com

Applicable Law & Jurisdiction

Austrian law applies exclusively to all legal relationships with DesignGecko GmbH.
Place of jurisdiction: Austria.