Privacy Policy

Last updated: October 2025

This Privacy Policy explains how HoldTheCotton (“we”, “us”, “our”) collects, uses, and shares your personal data when you visit www.holdthecotton.com (the “Site”) or purchase from us.

1) Controller & Contact

Controller: HoldTheCotton – Boris Pfennig (sole proprietor)
Address: Marktplatz 16, 86558 Hohenwart, Bavaria, Germany
Email: info@holdthecotton.com

If you have questions or requests regarding your personal data, contact us via the email above.

2) Personal data we collect

a) Device information (when you browse the Site)

  • Browser type, IP address, time zone, cookie identifiers, pages or products viewed, referring/exit pages, and how you interact with the Site.

  • Collected via cookies, log files, and similar technologies (pixels/tags).

b) Order information (when you buy or attempt to buy)

  • Name, billing and shipping address, email, phone number, payment information (e.g., last 4 digits/token from the payment provider; we do not store full card numbers), order details.

c) Communication & account (if applicable)

  • Messages you send us (e.g., support emails), your preferences (e.g., newsletter/marketing consent), and account details if you create an account.

3) How we use your data

We process your personal data to:

  • Fulfil orders and provide the service (process payments, arrange production and shipping, provide invoices/order confirmations, handle returns and support).

  • Operate, secure, and improve the Site (analytics, troubleshooting, fraud prevention).

  • Communicate with you (order updates, service messages).

  • [Optional] Marketing: send updates about products/services if you’ve consented (you can opt out any time).

4) Legal bases (EU/EEA)

Where the GDPR applies, we rely on:

  • Contract (Art. 6(1)(b) GDPR): to process and deliver your order.

  • Legitimate interests (Art. 6(1)(f)): to secure our Site, prevent fraud, improve our services.

  • Consent (Art. 6(1)(a)): for cookies/analytics/marketing where required.

  • Legal obligation (Art. 6(1)(c)): to keep necessary records (e.g., tax/accounting).

5) Sharing your data

We share personal data with service providers that help us run our business, for example:

  • Shopify (store platform & hosting). Learn more: zPayment providers (e.g., card processors, PayPal/Apple Pay etc.) to process payments securely.

  • MarketPrint (Fulfillment in Germany) to produce and ship your order and to handle returns on our behalf.

  • [Optional] Analytics/Ads partners (see §6) if you enable these features.

We may also disclose data if required to comply with laws, lawful requests, or to protect our rights.

6) Cookies, analytics & ads

We use cookies to make the Site work, to measure performance, and (if enabled) for marketing.

  • Essential cookies: required for the Site and checkout.

  • [Optional] Analytics (e.g., Google Analytics): to understand traffic and improve the Site. Learn more: https://policies.google.com/privacy

  • [Optional] Advertising/retargeting: only if you enable it and, where required, after consent.

Managing cookies: You can change your browser settings to refuse cookies or use our cookie banner (if implemented). Note that some features may not function without cookies.

Do Not Track: We currently do not alter our data practices when we see a “DNT” signal.

7) International transfers

Your data may be processed outside your country (including outside the EU/EEA). Where required, we use appropriate safeguards (e.g., EU Standard Contractual Clauses) to protect your data.

8) Data retention

We retain order records and necessary information for as long as needed to provide the service and to meet legal, tax, and accounting requirements. We keep other data only as long as necessary for the purposes described above.

9) Your rights (EU/EEA & UK)

Subject to law, you can request:

  • Access to your personal data

  • Correction (rectification)

  • Deletion (erasure)

  • Restriction or objection to certain processing

  • Portability of data you provided to us

  • Withdrawal of consent at any time (where processing is based on consent)

To exercise your rights, contact info@holdthecotton.com. You also have the right to complain to your local data protection authority.

10) Minors

HoldTheCotton products are suitable for all ages. However, in compliance with EU data protection laws, our website and checkout are not intended for children under 16 without parental consent. We do not knowingly collect personal information from minors.

11) Changes

We may update this Privacy Policy from time to time (e.g., to reflect changes in our practices or legal requirements). We will post the new version with an updated “Last updated” date.

12) Contact

Questions or requests about this Policy?
Email: info@holdthecotton.com

Address: HoldTheCotton – Boris Pfennig, Marktplatz 16, 86558 Hohenwart, Bavaria, Germany