Privacy Policy

1. Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

4 Kings GmbH
Osterstr. 33
31134 Hildesheim
Email: kontakt@nordpaneele.de
Phone: +49 176 28367959

2. Collection and Processing of Personal Data

We collect personal data when you voluntarily provide it to us in the context of an order, inquiry, or sample request. This includes in particular:

• Name and address
• Email address
• Phone number
• Payment information (processed by Mollie)
• Order history

The legal basis for processing is Art. 6(1)(b) GDPR (performance of a contract) and Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).

3. Cookies

Our website uses cookies. These are small text files stored on your device. Some cookies are technically necessary (e.g., shopping cart session), while others help us improve the user experience (analytics cookies).

Technically necessary cookies are set on the basis of Art. 6(1)(f) GDPR. We only set analytics cookies with your explicit consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time.

4. Payment Service Provider (Mollie)

We use the service of Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands, for processing payments. Your payment data (e.g., credit card number) is transmitted directly to Mollie and is not stored by us. Mollie is PCI DSS Level 1 certified. As Mollie is based in the EU, processing takes place within the scope of the GDPR. The legal basis is Art. 6(1)(b) GDPR.

Mollie's Privacy Policy: https://www.mollie.com/de/legal/privacy

5. Email Delivery (Resend)

We use the service Resend, Inc. for sending transactional emails (order confirmations, shipping notifications). Your email address is transmitted to Resend insofar as this is necessary for sending the messages. The legal basis is Art. 6(1)(b) GDPR.

6. Hosting (Hetzner)

Our website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Hetzner processes access data (IP address, time of access, pages visited) in server log files on our behalf. Processing is based on Art. 6(1)(f) GDPR. The servers are located exclusively in Germany.

7. Web Analytics with Google Analytics 4

Where you have given your consent, we use Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies and similar technologies to analyse how our website is used (e.g. pages visited, time spent, approximate location based on your truncated IP address). This information is generally transmitted to and stored on Google servers; a transfer to the USA may occur. The legal basis is your consent pursuant to Art. 6(1)(a) GDPR, which you may withdraw at any time with effect for the future via our cookie settings.

8. Meta Pixel and Conversions API

Where you have given your consent, we use the Meta Pixel and the Conversions API provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. These allow us to measure the effectiveness of our advertising and to show you interest-based ads on Meta platforms (e.g. Facebook and Instagram). In addition to the client-side pixel, we also transmit selected event data (e.g. page views and purchases) to Meta server-side via the Conversions API. This processes data such as your truncated or hashed IP address, your hashed email address and information about the content you viewed. A transfer to the USA may occur. The legal basis is your consent pursuant to Art. 6(1)(a) GDPR.

9. Microsoft Clarity

Where you have given your consent, we use Microsoft Clarity, an analytics service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA. Clarity helps us better understand and improve the use of our website through the pseudonymised recording of session activity (e.g. mouse movements, clicks and scrolling) and through heatmaps. Entries into form fields are masked by default. A transfer to the USA may occur. The legal basis is your consent pursuant to Art. 6(1)(a) GDPR.

10. Trusted Shops

Our website includes the Trusted Shops trust element (Trustbadge) of Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne, Germany, to display our trust mark and any customer reviews and to offer buyers Trusted Shops Buyer Protection. When the Trustbadge loads, Trusted Shops processes your IP address and technical browser information. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in a secure and trustworthy presentation of our offering).

11. Address Autocomplete (Google Places)

During the order process we offer address autocomplete based on the Google Places API of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. As soon as you start typing in the address field, your input is transmitted to Google in order to show you matching address suggestions. This makes data entry easier and reduces errors. A transfer to the USA may occur. The legal basis is Art. 6(1)(b) GDPR (taking steps prior to entering into a contract) as well as our legitimate interest in an error-free order process (Art. 6(1)(f) GDPR).

12. Data Subject Rights

You have the following rights with regard to your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.

13. Currency and Amendments

This privacy policy is currently valid. Due to the further development of our website or changes in legal requirements, it may become necessary to amend this privacy policy. The current version can be accessed at any time on this page.

Last updated: May 21, 2026