Privacy

We take the protection of your personal data seriously. This Privacy Policy explains what personal data we process when you use this website and our services, for which purposes, on which legal bases, how long we keep the data, and what rights you have under the GDPR. Where German e-commerce and telecom rules apply, we also consider the relevant requirements for cookies and similar technologies.

The controller within the meaning of the GDPR is:
Möbel Lippold MC GmbH / MACE HERITAGE
Frankfurter Straße 123
63303 Dreieich, Germany
Phone: +49 152 0256 0286
Email: mc@moebel-lippold.com

“Personal data” means any information relating to an identified or identifiable natural person. We process personal data in particular on the basis of Art. 6(1)(b) GDPR (contract / pre-contractual steps), Art. 6(1)(c) GDPR (legal obligation), Art. 6(1)(f) GDPR (legitimate interests), and Art. 6(1)(a) GDPR (consent). Where we store or access information on your device (e.g., cookies), additional rules apply; in Germany, this is primarily governed by § 25 TTDSG.

 

When you visit our website, your browser automatically transmits data that may be stored in server log files. This may include the requested page/URL, date and time, IP address, referrer URL, browser type/version, operating system, transmitted data volume and requesting provider. We process this data to ensure technical operation, prevent misuse and attacks, and troubleshoot errors. Legal basis is Art. 6(1)(f) GDPR (legitimate interest). Log data is retained only as long as necessary and then deleted or anonymised unless legal retention obligations apply.

If you contact us, we process the data you provide (e.g., name, email address, phone number, message content and, if applicable, order references) to respond to your enquiry. Legal basis is Art. 6(1)(b) GDPR if the enquiry relates to a contract or pre-contractual steps; otherwise Art. 6(1)(f) GDPR (legitimate interest in efficient communication). Data is deleted once the enquiry is fully handled unless statutory retention obligations apply.

If you contact us via WhatsApp, we process your phone number, name (if displayed) and the communication content. WhatsApp is part of the Meta group; international transfers (e.g., to the USA) cannot be ruled out. We process this data to handle your enquiry (Art. 6(1)(b) GDPR) or based on our legitimate interest in customer-friendly communication (Art. 6(1)(f) GDPR). If you prefer, you can contact us by email instead. Please avoid sending sensitive information via WhatsApp.

When you create a customer account or place an order, we process data necessary for contract fulfilment such as name, billing and delivery address, email address, phone number (where required for delivery coordination), order details, payment status and shipping information. Legal basis is Art. 6(1)(b) GDPR. Where statutory retention obligations apply (e.g., accounting and tax rules), processing is also based on Art. 6(1)(c) GDPR.

We share personal data with service providers only where necessary to fulfil the contract or operate the website. This may include hosting and IT providers, payment service providers, shipping and logistics partners, and (where used) review and trust services. Providers act either as processors under Art. 28 GDPR or as separate controllers (for example, certain payment providers), depending on their role.

If you choose a payment method, we transmit the information necessary for payment processing to the selected payment provider (e.g., name, address, order amount, and transaction data). Some payment providers may perform risk checks or credit assessments and may involve credit bureaus; in such cases, the payment provider acts as a separate controller. Legal basis is Art. 6(1)(b) GDPR (contract) and Art. 6(1)(f) GDPR (prevention of payment default). The privacy information of the respective payment provider applies and is made available during checkout.

For delivery, we share the data required for shipment with the chosen carrier or freight partner (typically name, delivery address, and where required, email address and/or phone number for delivery coordination and tracking information). Legal basis is Art. 6(1)(b) GDPR (contract). If you request optional shipment notifications by email, this may be based on Art. 6(1)(b) GDPR or, where configured as optional, on consent (Art. 6(1)(a) GDPR).

 

We use cookies and similar technologies. Strictly necessary cookies may be used to provide essential site functions and security. Non-essential cookies (for example analytics or marketing) are used only if you consent via our cookie banner. You can change or withdraw your consent at any time with effect for the future via the cookie settings.

Consent management may store and process your consent status, timestamps and technical information required to record and enforce your choices. Legal bases are Art. 6(1)(c) GDPR (where required to document consent) and Art. 6(1)(f) GDPR (legitimate interest in compliant consent management), as applicable, and for device access the relevant cookie rules (Germany: § 25 TTDSG where applicable).

If enabled and you have consented, we use Google Analytics to analyse how visitors use our website and to improve performance and user experience. This may involve online identifiers (cookie IDs), device information, page views, interactions and approximate location data. International transfers (e.g., to the USA) cannot be ruled out depending on configuration. Legal basis is consent (Art. 6(1)(a) GDPR and, where applicable, the relevant cookie/device access rules).

We may use Google Tag Manager to manage website tags. Tag Manager itself is primarily used for administration and does not necessarily create user profiles on its own; however, it may process technical information (such as IP address) as part of its operation and can be used to load other tools. If Tag Manager is used to load analytics or marketing tags, those tags are activated only based on your consent where required.

If a live chat feature is enabled, we process the data you enter and technical data required to provide the chat. Depending on the setup, the legal basis is your consent (Art. 6(1)(a) GDPR) or, where the chat is used to handle a contract-related request, Art. 6(1)(b) GDPR.

If you submit reviews or ratings, we process the data you provide (such as name or nickname, email address for verification, and review content). The legal basis is consent (Art. 6(1)(a) GDPR) or our legitimate interest in transparent customer feedback (Art. 6(1)(f) GDPR), depending on the specific implementation.

After a purchase, we may invite you to leave a review using third-party rating platforms where configured (for example Händlerbund “Käufersiegel” or Shopauskunft). You can object to such invitations at any time where legally applicable. If a trust widget is used (for example Trustami), it may load aggregated reviews and process technical access data (such as IP address and log data) to display the widget. Legal basis is Art. 6(1)(f) GDPR (legitimate interest in reputation and trust marketing) unless consent is required by the specific technical setup.

We may use your postal address to send information about our products and services by mail where legally permitted. Legal basis is Art. 6(1)(f) GDPR (legitimate interest in direct marketing). You can object at any time and we will stop processing your address for this purpose.

We send newsletters only if you have expressly consented. We process your email address (and any optional information you provide) to send the newsletter. Legal basis is consent (Art. 6(1)(a) GDPR). You can unsubscribe at any time via the unsubscribe link in the newsletter or by contacting us.

If we use privacy-friendly sharing buttons (for example via solutions that only transmit data after you click), data is typically transferred to the respective platform only when you actively use the function. Please note that social media platforms process data as separate controllers under their own policies.

If we embed maps or external content, the respective provider may process technical data (such as your IP address) to display the content. Where cookies or similar technologies are used for such embedding, we use the integration only with your consent where required. Legal basis is consent (Art. 6(1)(a) GDPR) or legitimate interest (Art. 6(1)(f) GDPR) depending on the integration and legal requirements.

 

We keep personal data only as long as necessary for the purpose of processing. Contract and invoice data is retained for the duration of statutory retention periods under accounting and tax laws. After these periods expire, data is deleted unless a further legal basis applies. Enquiry data is typically deleted after completion, unless statutory retention obligations apply.

You have the right to access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object (Art. 21). Where processing is based on consent, you can withdraw your consent at any time with effect for the future (Art. 7(3) GDPR).

If we process your personal data based on legitimate interests (Art. 6(1)(f) GDPR), you may object at any time for reasons arising from your particular situation. If you object to processing for direct marketing, we will stop processing your data for that purpose immediately.

Last update: May 2025. We update this Privacy Policy when our tools, processes or legal requirements change.