1. Introduction
This Privacy Policy describes how Silkfloat, operated by oneVest Developments GmbH (“we”, “us”, or “our”), collects, uses, stores, and protects personal data when you access or make a purchase from www.silkfloat.com.
We are committed to processing personal data in strict accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the German Federal Data Protection Act (BDSG), and relevant international privacy standards.
2. Data Controller
The data controller responsible for your personal data is:
Company: oneVest Developments GmbH
Address: Große Bleichen 35, 20354 Hamburg
Phone: +49 40 35713220
Email: camisoles@silkfloat.com
HRB: Amtsgericht Hamburg HRB 80057
3. Personal Data We Collect
We collect only the minimum necessary information required to provide our services and ensure transaction security:
3.1 Information Provided by You: Full name, billing address, shipping address, email address, telephone number, and specific order details.
3.2 Automatically Collected Data: IP address, device identifiers, browser type, and interaction data (strictly for security monitoring and site optimization).
3.3 Payment Information: All payment transactions are processed securely through Stripe. We implement industry-standard encryption and do not store or have access to your full credit card numbers or CVV codes on our servers.
4. Legal Basis for Processing
We process personal data under the following legal frameworks:
Contractual Necessity: To execute and deliver your purchase.
Legal Compliance: To meet statutory accounting and tax obligations.
Legitimate Interests: Specifically for fraud prevention, identity verification, and the security of our payment environment.
Consent: Where you have explicitly opted-in for marketing communications.
5. Purpose of Data Processing
Your data is used exclusively for:
Processing, authenticating, and fulfilling orders.
Preventing fraudulent transactions and unauthorised account access.
Managing customer support inquiries.
Ensuring compliance with international trade and tax regulations.
Improving website security and functional performance.
6. Data Sharing and Third Parties
We only share data with essential service providers who adhere to strict data processing agreements:
Payment Processors: Specifically Stripe, to ensure secure and compliant payment execution.
Logistics Partners: Professional carriers for the direct delivery of goods.
Technical Infrastructure: Secure hosting and IT security providers within the EEA or adequacy-approved jurisdictions.
Legal Authorities: Only when mandated by enforceable legal orders or for the purposes of dispute resolution and fraud mitigation.
7. International Data Transfers
When data is transferred outside the European Economic Area (EEA), we ensure a high level of protection through:
Standard Contractual Clauses (SCCs) approved by the European Commission.
Utilising providers in jurisdictions with officially recognised adequacy status.
8. Data Retention
We adhere to the storage limitation principle. Data is retained only as long as required by law:
Transaction Records: Retained for 10 years to comply with German commercial and tax law (Handelsgesetzbuch/HGB, Abgabenordnung/AO).
Customer Accounts: Retained for the duration of the active relationship and up to 3 years post-inactivity.
Security Logs: Retained for 12 months to investigate potential security incidents or unauthorised activities.
9. Your Rights
Under the GDPR, you have the right to access, rectify, or erase your data, and the right to object to or restrict certain processing activities. To exercise these rights or to withdraw consent, please contact camisoles@silkfloat.com. You also have the right to lodge a complaint with the Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit.
10. Data Security
We employ robust technical and organisational measures (TOMs), including TLS/SSL encryption and restricted access protocols, to protect your data against loss, theft, or unauthorised use. Our security framework is regularly audited to maintain compliance with payment industry safety standards.
11. Cookies and Tracking
We use cookies primarily for essential site functionality and security (e.g., maintaining your shopping cart and preventing CSRF attacks). Non-essential analytical cookies are only deployed with your prior consent.
12. Changes and Contact
We may update this policy to reflect changes in regulatory requirements.
Company: oneVest Developments GmbH
Address: Große Bleichen 35, 20354 Hamburg
Phone: +49 40 35713220
Email: camisoles@silkfloat.com
HRB: Amtsgericht Hamburg HRB 80057