Toggle Nav
My Cart
Search
Advanced Search
  • Compare Products
Menu
Account

Privacy Policy

Information about protecting your data

1. General Information

Protecting your personal data is of particular concern to us. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

This privacy policy informs you about which data is collected when visiting the website https://lavabrum.de and how it is used.

2. Data Controller

Lavabrum Luxurium
Daniel Schulz
Kaubenheim 68
91472 Ipsheim
Germany

E-Mail: info@lavabrum.de

3. Collection and Storage of Personal Data When Visiting the Website

When accessing this website, the following information is automatically collected by the web server:

  • IP address (shortened or anonymized)
  • Date and time of the request
  • Page or file accessed
  • Browser type and version
  • Operating system
  • Referrer URL

This data is used exclusively for the technical provision, security and stability of the website. No merging with other data sources takes place.

Legal Basis: Art. 6 Abs. 1 lit. f DSGVO
Storage Duration: The data is deleted as soon as it is no longer required for the purpose of collection.

4. Hosting

This website is hosted on a virtual server by the following provider:

netcup GmbH
Daimlerstraße 25
76185 Karlsruhe
Germany

A data processing agreement pursuant to Art. 28 GDPR is in place.

Further information on data protection at netcup:
https://www.netcup.de/kontakt/datenschutzerklaerung.php

5. Use of Cloudflare (SSL / Security)

To secure the website and provide an encrypted connection, we use Cloudflare as an SSL and security service provider.

Provider:
Cloudflare, Inc.
101 Townsend St.
San Francisco, CA 94107
USA

Cloudflare acts as a reverse proxy. For technical reasons, IP addresses are processed.

Legal Basis: Art. 6 Abs. 1 lit. f DSGVO
Cloudflare is certified under the EU-U.S. Data Privacy Framework.

Further information:
https://www.cloudflare.com/privacypolicy/

6. Cookies

On https://lavabrum.de only technically necessary cookies are used that are required for the operation of the website, bookings and payment processes.

No tracking for analytical or marketing purposes takes place.

Legal Basis: Art. 6 Abs. 1 lit. f DSGVO

7. Cloudflare Turnstile (Spam Protection)

We use the "Turnstile" service by Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA) on our contact page to protect against spam and automated access. Turnstile analyses user behaviour based on various characteristics (e.g. mouse movements, time spent) without setting cookies or storing personal data. No visible CAPTCHA is displayed unless automated access is suspected.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in spam protection). More information: Cloudflare Privacy Policy

8. Booking System

For appointment bookings, a self-developed booking system is used that operates exclusively on our own server.

The following personal data is processed:

  • Name
  • Email address
  • Phone number if applicable
  • Booked service and appointment

Processing is carried out exclusively for the purpose of processing the booking.

Legal Basis: Art. 6 Abs. 1 lit. b DSGVO
Storage Duration: Die Daten werden gelöscht, sobald sie für die Vertragsabwicklung nicht mehr erforderlich sind und keine gesetzlichen Onbewahrungspflichten bestehen.

9. Voucher Sales

When purchasing vouchers, personal data required for ordering, billing and delivery if applicable is processed (e.g. name, email address).

Legal Basis: Art. 6 Abs. 1 lit. b DSGVO
Storage Duration: entsprechend gesetzlicher Onbewahrungsfristen

10. Payment Providers

a) SumUp

When paying via SumUp, the data required for payment processing is transmitted directly to the payment service provider.

Provider:
SumUp Payments Limited
Block 8, Harcourt Centre
Charlotte Way
Dublin 2
Ireland

Legal Basis: Art. 6 Abs. 1 lit. b DSGVO

Further information:
https://sumup.de/datenschutz/

b) Mollie

When paying via Mollie, payment data is transmitted to the payment service provider.

Provider:
Mollie B.V.
Keizersgracht 313
1016 EE Amsterdam
Netherlands

Legal Basis: Art. 6 Abs. 1 lit. b DSGVO

Further information:
https://www.mollie.com/de/privacy

11. Calendar System

A self-hosted calendar system (Nextcloud) is used for managing and displaying available appointments, operating exclusively on our own server.

No calendar data is transmitted to third-party providers. Appointment management is handled entirely on our own infrastructure.

Legal Basis: Art. 6 Abs. 1 lit. f DSGVO

12. Disclosure of Data

Personal data is only disclosed:

  • to technical service providers (hosting, security, payment),
  • insofar as this is necessary for the fulfillment of the contract,
  • or due to statutory obligations.

13. Your Rights

You have the right at any time to:

  • Information (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority.

14. SSL/TLS Encryption

This website uses SSL/TLS encryption for security reasons.

15. Currency

This privacy policy is current as of January 2026.
It will be updated in case of technical or legal changes.

Copyright © 2013-present Magento, Inc. All rights reserved.