This Privacy Policy explains how HAUS.JACOB (hereinafter 'we', 'us', or 'our') collects, uses, discloses, and protects your personal data when you visit or make a purchase from https://hausjacob.com (the 'Site'). It is drafted in accordance with the General Data Protection Regulation (EU) 2016/679 ('GDPR') and the German Federal Data Protection Act (BDSG).
HAUS.JACOB GmbH
Wolfratshauser Str. 52
81379 Munich
Germany
Email: support@hausjacob.com
SituationData categoriesBrowsing the SiteIP address, device/browser information, date/time, referring URL, pages viewed (server log files)Cookies & similar technologiesUnique cookie ID, consent status, usage patternsContact / enquiry formName, email, phone (optional), message contentAccount creation (if offered)Login credentials, profile informationOrdersBilling & delivery address, ordered products, payment method, transaction IDNewsletter signupEmail address, consent timestampPayment processingTokenised payment information – actual card/PayPal data is handled solely by the payment providerSocial media & embedsPublic profile information if you interact with our social channels
PurposeLegal basisDisplay the Site and ensure stability & securityArt. 6 (1)(f) – legitimate interestStore preferences / enable webshop functionsArt. 6 (1)(b) – performance of a contract; Art. 6 (1)(a) – consent (non‑essential cookies)Respond to enquiriesArt. 6 (1)(b) or (f)Fulfil orders, process payments & shipmentsArt. 6 (1)(b)Send marketing newslettersArt. 6 (1)(a) – consentComply with legal obligations (tax, accounting)Art. 6 (1)(c)
We share personal data with third parties only when necessary:
Hosting provider: GoDaddy Operating Company, LLC, (EU‑based servers)
Email & CRM: Google Workspace (Google Ireland Ltd. → Google LLC USA via SCC/EU-US DPF)
Payment providers: PayPal (Europe) S.à r.l. (Luxembourg)
Shipping partners: DHL Paket GmbH, UPS Europe
Analytics & marketing: Google Ireland Ltd., Meta Platforms Ireland Ltd. – data may be transferred to the USA under the EU‑US Data Privacy Framework or SCCs (Art. 46 GDPR)
Processors are bound by contracts pursuant to Art. 28 GDPR.
Where data is transferred outside the European Economic Area, we rely on:
An adequacy decision (e.g. UK, EU‑US DPF), or
EU Standard Contractual Clauses plus supplementary measures.
We store personal data only as long as required:
Server logs: 14 days
Order data: 10 years (tax law)
Contact enquiries: 12 months
Newsletter consent proof: until withdrawal + 3 years (statute of limitation)
Under the GDPR you have the right to:
Access your data (Art. 15)
Rectify inaccurate data (Art. 16)
Erasure ('right to be forgotten', Art. 17)
Restrict processing (Art. 18)
Data portability (Art. 20)
Object to processing based on legitimate interests or direct marketing (Art. 21)
Withdraw consent at any time (Art. 7 (3))
Please contact us via privacy@haus-jacob.com to exercise these rights.
You also have the right to lodge a complaint with a supervisory authority, e.g. the Bavarian Data Protection Authority (BayLDA).
We implement technical and organisational measures (TOMs) such as HTTPS/TLS encryption, pseudonymisation, access controls, regular backups and staff training to protect your data.
No automated decision‑making or profiling that produces legal effects takes place on this Site.
We may update this Privacy Policy to reflect legal, technical or business changes. The 'Last updated' date will be revised accordingly. Significant changes will be communicated via banner or email where appropriate.
Last updated: June 2025