Privacy Policy

1. Data Controller

The Data Controller is Kymply GmbH, with registered office at Maximilianstraße 45, 80539 Munich, Germany, VAT DE 287 459 163, Share Capital €25,000.

For any information regarding the processing of personal data, you can contact the Data Controller:

• Email: info@kymply.com
• Address: Maximilianstraße 45, 80539 Munich, Germany

2. Types of Data Collected

Kymply GmbH collects the following categories of personal data:

• Navigation data: IP addresses, browser type, operating system, pages visited
• Voluntarily provided data: name, surname, email, address, phone number
• Payment data: necessary to process orders (handled by secure external providers)
• Cookies and similar technologies: to improve the browsing experience

3. Purposes of Processing

Personal data is processed for the following purposes:

• Order and shipping management
• Customer service and complaint handling
• Tax and accounting compliance
• Sending commercial communications (with prior consent)
• Statistical analysis and service improvement
• Fraud prevention and site security

4. Legal Basis for Processing

Data processing is based on:

• Contract: for the execution of requested orders and services
• Legal obligation: for tax and regulatory compliance
• Consent: for sending marketing communications
• Legitimate interest: for security and fraud prevention

5. Processing Methods

Data processing is carried out using IT and telematic tools, with organizational and logical methods strictly related to the indicated purposes. Data is protected by technical and organizational security measures adequate to guarantee a level of security appropriate to the risk.

6. Data Communication and Disclosure

Personal data may be communicated to:

• Couriers and shippers for product delivery
• Banking and payment institutions for transactions
• Tax consultants and accountants for legal compliance
• Competent authorities for legal obligations
• IT and hosting service providers

Data will not be disclosed or sold to third parties for marketing purposes without explicit consent.

7. Extra-EU Data Transfer

Some services used (such as cloud services) may involve the transfer of data outside the European Union. In such cases, we ensure that providers guarantee adequate protection measures compliant with GDPR.

8. Retention Period

Personal data will be kept for:

• Order data: 10 years for tax obligations
• Marketing data: until consent is withdrawn
• Navigation data: maximum 12 months
• Technical cookies: session duration
• Analytics cookies: maximum 14 months

9. Data Subject Rights

Pursuant to EU Regulation 2016/679 (GDPR), the data subject has the right to:

• Access: obtain confirmation and information about processing
• Rectification: correct inaccurate or incomplete data
• Erasure: request data deletion ("right to be forgotten")
• Restriction: restrict processing in certain circumstances
• Portability: receive data in a structured format
• Objection: object to processing for legitimate reasons
• Withdraw consent: withdraw consent at any time

To exercise these rights, contact the Data Controller at info@kymply.com.

10. Cookie Policy

The site uses technical cookies necessary for functioning and analytics cookies to improve the user experience. For more information, consult our Cookie Policy.

11. Minors

The services of Kymply GmbH are not intended for minors under 18 years of age. We do not knowingly collect personal data from minors without parental consent.

12. Privacy Policy Changes

The Data Controller reserves the right to modify this Privacy Policy at any time. Changes will be published on this page with an indication of the update date.

13. Complaints

The data subject has the right to lodge a complaint with the Federal Commissioner for Data Protection and Freedom of Information (BfDI - www.bfdi.bund.de) if they believe that the processing violates GDPR.