PRIVACY POLICY

E-Commerce Shop

Last Updated: December 2025
Effective Date: 08.12.2025

1. INTRODUCTION

Lunina ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal data in connection with our website and services.

This policy applies to all visitors and customers of our website and complies with the General Data Protection Regulation (GDPR), the ePrivacy Directive, and other applicable data protection laws in the European Union and beyond.

2. DATA CONTROLLER & CONTACT INFORMATION

Data Controller:
Lunina
Am Birnstiel 10
Jena, 07745
Germany

Contact Details:
Email: emsupply.shop@gmail.com
Phone: +49 152 5191 0809
Website: www.lunina.store

3. DATA WE COLLECT

3.1 Information You Provide Directly

• Account Information: First name, last name, E-Mail address, password, phone number, date of birth

• Address Information: Billing address, shipping address, postal code

• Payment Information: Payment method details (processed securely by third-party providers, not stored on our servers)

• Communication Data: Messages, customer inquiries, customer service interactions, feedback

• Profile Data: Preferences, wishlist items, reviews, product ratings

• Survey Data: Responses to surveys and feedback forms

3.2 Information Collected Automatically

• Technical Data: IP address, browser type and version, device type, OS, device ID

• Usage Data: Pages visited, products viewed, search queries, clicks, scrolls, time spent

• Cookie Data: Information from cookies and tracking technology

• Location Data: General IP-based location

• Analytics Data: Traffic sources, referral information, conversion data

3.3 Information from Third Parties

Examples include:

• Payment processors

• Shipping providers

• Social media integrations

• Marketing partners

• Business partners

4. LEGAL BASIS FOR PROCESSING (GDPR)

Includes:

• Contract performance
• Legal obligation
• Legitimate interest
• Consent
• Public interest

5. HOW WE USE YOUR DATA

Includes:

• Order processing and essential services

• Compliance and legal obligations

• Marketing (with consent)

• Analytics and improvement

• Personalization

• Business development

6. COOKIES & TRACKING TECHNOLOGIES

6.1 What Are Cookies?

6.2 Types of Cookies

• Essential

• Analytics

• Marketing

• Preference

• Functional

6.3 Third-Party Cookies

Examples include:

• Google Analytics

• Meta / Facebook Pixel

• PayPal / Stripe

• Shipping providers

• Email service providers

6.4 Cookie Management

Instructions for browser settings and consent banner.

Cookie consent is managed via a consent tool with revocation option at any time. Newsletter sending uses double opt-in.

7. DATA SHARING & RECIPIENTS

Shared only with:

• Service providers (payment, logistics, email, hosting, analytics)

• Legal/regulatory authorities

• Business transfers (mergers, acquisitions)

Never sold or rented.

Payment providers like PayPal, Stripe, or Klarna process your data according to their own privacy policies, which are linked in the checkout process.

8. DATA RETENTION

Examples:

• Account data: duration of account + 3 years

• Orders: 7 years (legal requirement)

• Payment: not stored

• Marketing subscription: until unsubscribed

• Cookies: 1–24 months

• Analytics: 26 months

• Support messages: 2 years

Deletion requests processed within 30 days.

9. YOUR RIGHTS UNDER GDPR

Includes rights to:

• Access

• Rectification

• Erasure

• Restrict processing

• Portability

• Object

• Withdraw consent

• File complaints

Contact for requests:
emsupply.shop@gmail.com

10. DATA SECURITY

Measures include:

• HTTPS encryption

• Secure storage

• Password hashing

• Access control

• Logging

• Firewalls and intrusion detection

• Staff training

• Vendor security management

Payment Security

• PCI-DSS compliant processors

• No storage of card data

• Tokenization

Data Breaches

Notifications within 72 hours.
Report issues to: emsupply.shop@gmail.com
Phone: +49 152 5191 0809

Our website is hosted on servers in Germany/EU. An order processing agreement exists with the hosting provider.

11. CHILDREN'S PRIVACY

No data collected from children under 13.
Deletion if discovered.

12. THIRD-PARTY LINKS & SERVICES

Not responsible for external privacy practices.

13. INTERNATIONAL DATA TRANSFERS

Transfers may occur to:

• United States

• United Kingdom

• Other regions where providers operate

Safeguards include:

• Standard Contractual Clauses

• DPAs

• Adequacy decisions

• Consent where needet

Data transfers occur only with required safeguards or explicit consent (Art. 49 GDPR).

14. MARKETING COMMUNICATION

Emails

Requires opt-in.
Unsubscribing anytime.

Transactional Emails

Order, payment, and security notifications always sent.

SMS & Push

Only if opted in.

15. COOKIE & PERSONALIZATION PREFERENCES

Includes cookie preference center and account settings.

16. ADDITIONAL RIGHTS FOR CERTAIN REGIONS

California (CCPA)

Right to know, delete, opt-out, non-discrimination, correction.
Requests: emsupply.shop@gmail.com

Other US States

Similar rights where applicable.

UK GDPR

Equivalent protections.

17. POLICY UPDATES

Material changes announced via email or website notice.
Version: 1.0 (December 2025)

18. CONTACT US

General Inquiries

Email: emsupply.shop@gmail.com
Phone: +49 152 5191 0809
Address:
Lunina
Am Birnstiel 10
Jena, 07745
Germany

Data Protection Requests

Email: emsupply.shop@gmail.com
Subject: "Data Protection Request – Lunina"

Report a Data Breach

Email: emsupply.shop@gmail.com (mark as "URGENT")
Phone: +49 152 5191 0809

END OF PRIVACY POLICY

Document Info:

• Effective Date: 08.12.2025

• Last Updated: December 2025

• Version: 1.0

• Language: English

• Compliance: GDPR, CCPA, UK GDPR, ePrivacy Directive