At REICH, we are committed to protecting your privacy and ensuring the security of your personal data. This Personal Data Protection Policy explains how we collect, use, store, and safeguard the personal data you provide when using our website and services. It also outlines your rights regarding your data and how you can exercise them.

  1. Data Controller
    The data controller responsible for your personal data is REICH, and the contact email is: [email protected]
  2. Who is this Privacy Policy addressed to?
    This Privacy Policy is intended for our customers, potential customers, their legal representatives, guardians, or curators; as well as users who visit our website or applications, and anyone who has had any contact with us.
  3. Regulatory Framework
    We understand how important it is to use your personal information appropriately. Therefore, we take the protection of your personal information very seriously. We will use your personal data strictly in compliance with the German Data Protection Act (DSG) and the Digital Services Act (DDG). Additionally, you may browse our website without providing any personal or sensitive information.

For this reason, this privacy policy complies with the provisions of the German data protection legislation and the requirements of the European General Data Protection Regulation (GDPR).

Accordingly, we have implemented the required technical and legal measures to ensure the security and protection of the information you provide to us.

  1. What data do we collect?
    We collect the following types of personal data, depending on the nature of your interaction with us:
  • Identification data: Name, surname, email address, phone number.
  • Browsing data: IP address, information about the device and browser, cookies, and interaction data related to the website.
  • Transaction data: Information related to purchases and contracted services (e.g., products purchased, payment information, etc.).
  • Usage data: Information about how you use our website, products, and services.
  1. Accuracy of Personal Data
    The data subject who provides their personal data and accepts this Privacy Policy guarantees that the data provided is true, complete, and up to date. The individual is responsible for any damage or harm, direct or indirect, that may arise as a result of non-compliance with this obligation.
  2. How do we collect your data?
    We collect your data in the following ways:
  • Directly: When you provide your information through contact forms, registrations, purchases, or subscriptions.
  • Indirectly: Through cookies and tracking technologies as you browse our website.
  1. For what purposes do we use your personal data?
    We use your personal data for the following purposes:
  • Service management: To process your request, complete purchases, provide support, and send relevant information about our products and services.
  • Enhancing user experience: To personalize and optimize our website content according to your preferences and needs.
  • Marketing and communications: To send you commercial communications, newsletters, and product updates, provided that you have given your consent.
  • Compliance with the law: To meet our legal obligations, such as compliance with tax regulations and data protection laws.
  • Fraud prevention: To detect and prevent fraud or abuse in our services.
  1. What is the legal basis for processing your data?
    In accordance with the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:
  • Consent: When you provide personal data for a specific purpose, such as subscribing to a newsletter or registering for our services.
  • Contract: For the management and execution of contracts for products and services you acquire from us.
  • Legitimate interest: For data analysis aimed at improving website functionality and security, as well as fraud prevention.
  • Legal obligation: To comply with applicable laws, such as tax regulations.

9. Who can your data be shared with?
Your personal data will not be sold or rented to third parties. However, we may share your data with the following types of third parties under certain circumstances:

  • Service providers: Companies that help us perform essential functions, such as payment processors, cloud storage services, and data analytics.
  • Authorities and government agencies: When necessary to fulfill our legal obligations, such as in response to judicial or tax-related requests.
  • Other companies within the REICH group: For internal administrative and operational purposes.

Accordingly, REICH may share the acquired data with the aforementioned third parties in compliance with Article 6 (1) (b), (c), or (f) of the GDPR.

10. How do we protect personal data?
At REICH, we constantly strive to provide you with the best service and are committed to continuously implementing new processes to strengthen data protection. Therefore, we have established the following security measures:

  • We adopt appropriate security measures to protect your personal information from unauthorized access, alteration, loss, or destruction, following the standards set by the GDPR and applicable German legislation.
  • Our personnel with access to your personal data are subject to confidentiality obligations and the requirements established by data protection regulations.
  • Third parties with access to your information are also bound by confidentiality obligations.
  • We notify any security incidents and take the corresponding corrective measures.

11. How long do we retain your data?
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, as well as to comply with our legal obligations. Once these purposes are fulfilled, we will delete or anonymize your data.

12. Consequences of providing your personal data
If you choose not to provide the mandatory personal data required for the stated purposes, please note that we may not be able to adequately provide the service or product you requested, nor apply security measures appropriately.

13. Your Rights Regarding Your Personal Data
You have the following rights regarding your personal data, which you may exercise at any time:

  • Right of access: You may request information about the personal data we hold about you (Article 15 of the GDPR).
  • Right to rectification: You may request that we correct any inaccurate or incomplete personal data (Article 16 of the GDPR).
  • Right to erasure: You may request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected (Article 17 of the GDPR).
  • Right to data portability: You may request that your data be transferred to another provider in a structured and commonly used format (Article 20 of the GDPR).
  • Right to object: You may object to the processing of your personal data for direct marketing purposes (Article 21 of the GDPR).
  • Right to restriction of processing: You may request that we restrict the use of your data under certain circumstances (Article 18 of the GDPR).

If you wish to exercise any of these rights, please contact us at [email protected] with the subject line “Exercise of GDPR rights,” clearly indicating which right you wish to exercise and attaching a copy of your identification document or any valid form of ID.
We will respond to your request within a maximum of 30 days, extendable by an additional 60 days in complex cases, in accordance with Article 12.3 of the GDPR.

In addition to the aforementioned rights, you also have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your personal data violates the GDPR (Article 77 of the GDPR).

14. International Data Transfers
If your information is transferred outside the European Union, we will ensure that appropriate safeguards are in place to protect your data, such as the use of standard contractual clauses approved by the European Commission.
Despite careful selection and the commitment of service providers, the high European level of data protection cannot necessarily be guaranteed in these countries. If data is transferred to the U.S., for example, there is a risk that U.S. authorities may process it for surveillance and monitoring purposes without effective legal remedies or enforceable rights for data subjects.

If we use service providers in third countries, we take additional measures in accordance with Articles 44 and following of the GDPR to ensure an adequate level of data protection when transferring personal data, thereby ensuring that the transfer is generally permissible and that the specific requirements for transfer to a third country are met.

REICH, as the controller of the website, in accordance with Regulation (EU) 2016/679 of April 27, 2016 (GDPR) concerning the protection of natural persons regarding the processing of personal data and the free movement of such data, and in compliance with other applicable personal data protection regulations, and with Law 34/2002 of July 11 on Information Society Services and Electronic Commerce (LSSICE), informs you that it has implemented the appropriate security measures.

In this regard, the following principles apply, aligned with the European data protection regulation:

  • Lawfulness, fairness, and transparency: We will always request your consent before processing your personal data.
  • Data minimization: We will only request the data necessary for the purposes for which we collect it.
  • Storage limitation: Data will be retained no longer than necessary for the stated purpose.
  • Integrity and confidentiality: Your data will be processed ensuring adequate security and confidentiality.

15. Privacy for Minors
To use the website, users must be over 18 years old. Therefore, we do not collect information from minors.
If you are a minor, please do not provide us with personal data without the consent of your parents or legal guardians. If we detect that we have collected information from a minor without such consent, we will delete it immediately.

16. Data Processing Responsibility
The owner of this website, as the controller of the personal data it collects and manages, declares that it adopts appropriate technical and organizational measures to ensure that such processing is carried out in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679). These measures are applied considering the nature, scope, context, and purposes of the processing, as well as the potential risks to the rights and freedoms of data subjects.

17. Record of Processing Activities
REICH maintains an up-to-date record of personal data processing activities in accordance with Article 30 of the GDPR.

18. Contact
If you have any questions or concerns regarding this policy or the processing of your personal data, you can contact us at [email protected]

19. Amendments to this Policy
We reserve the right to update or modify this Personal Data Protection Policy at any time. We will notify you of any changes via a notice on our website or through other appropriate means.

Last updated: July 10, 2025