Privacy Policy

1. Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

4 Kings GmbH
Osterstr. 33
31134 Hildesheim
Email: kontakt@nordpaneele.de
Phone: +49 (0) 5121 123456

2. Collection and Processing of Personal Data

We collect personal data when you voluntarily provide it to us in the context of an order, inquiry, or sample request. This includes in particular:

• Name and address
• Email address
• Phone number
• Payment information (processed by Stripe)
• Order history

The legal basis for processing is Art. 6(1)(b) GDPR (performance of a contract) and Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).

3. Cookies

Our website uses cookies. These are small text files stored on your device. Some cookies are technically necessary (e.g., shopping cart session), while others help us improve the user experience (analytics cookies).

Technically necessary cookies are set on the basis of Art. 6(1)(f) GDPR. We only set analytics cookies with your explicit consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time.

4. Payment Service Provider (Stripe)

We use the service of Stripe Inc., 510 Townsend Street, San Francisco, CA 94103, USA, for processing payments. Your payment data (e.g., credit card number) is transmitted directly to Stripe and is not stored by us. Stripe is PCI DSS Level 1 certified. The legal basis is Art. 6(1)(b) GDPR.

Stripe's Privacy Policy: https://stripe.com/de/privacy

5. Email Delivery (Resend)

We use the service Resend, Inc. for sending transactional emails (order confirmations, shipping notifications). Your email address is transmitted to Resend insofar as this is necessary for sending the messages. The legal basis is Art. 6(1)(b) GDPR.

6. Hosting (Hetzner)

Our website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Hetzner processes access data (IP address, time of access, pages visited) in server log files on our behalf. Processing is based on Art. 6(1)(f) GDPR. The servers are located exclusively in Germany.

7. CDN (Cloudflare)

We use the Content Delivery Network (CDN) of Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA, to improve the loading speed and security of our website. Data is delivered via a global server network. Cloudflare processes IP addresses and technical access data. An EU Commission adequacy decision and a data processing agreement are in place. The legal basis is Art. 6(1)(f) GDPR.

8. Data Subject Rights

You have the following rights with regard to your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.

9. Currency and Amendments

This privacy policy is currently valid. Due to the further development of our website or changes in legal requirements, it may become necessary to amend this privacy policy. The current version can be accessed at any time on this page.

Last updated: April 8, 2026