Privacy Policy

Privacy Policy

Last updated: March 12, 2026

This Privacy Policy explains how DAW LibrarY processes personal data when you visit our website, create a customer account, contact us, subscribe to our newsletter, or purchase digital products from our store.

1. Controller

DAW LibrarY
Händelstr. 18
65193 Wiesbaden
Germany
E-mail: support@daw-library.com

2. Categories of personal data

2.1 Server log data

When you visit our website, technical access data may be processed automatically by our hosting environment. This may include:

  • IP address
  • date and time of access
  • requested URL
  • referrer URL
  • browser type and browser version
  • operating system
  • error information and server events

2.2 Customer account and order data

If you create an account or place an order, we may process:

  • first and last name
  • e-mail address
  • billing details
  • company / VAT details, if provided
  • ordered products, invoices, order history and payment status

2.3 Contact requests

If you contact us via contact form or e-mail, we process the data you provide, such as:

  • name
  • e-mail address
  • subject
  • message content

2.4 Newsletter data

If you subscribe to our newsletter, we process your e-mail address and, where required, proof of consent and subscription timestamp.

2.5 Cookies and consent data

We use technically necessary cookies to operate the store, maintain sessions, store cart contents, protect forms and remember language or account preferences. Where optional cookies or similar technologies are used, they are processed on the basis of your consent where legally required. We may also store your consent decision.

3. Purposes and legal bases

We process personal data for the following purposes and legal bases under Art. 6 GDPR:

  • Art. 6(1)(b) GDPR – to provide the website functions, manage customer accounts, process orders, provide digital downloads and respond to pre-contractual inquiries.
  • Art. 6(1)(c) GDPR – to comply with legal obligations, including tax, accounting and record-keeping obligations.
  • Art. 6(1)(f) GDPR – for website security, fraud prevention, abuse prevention, system administration and support handling.
  • Art. 6(1)(a) GDPR – where consent is required, especially for newsletters and optional analytics cookies / technologies.

4. Recipients of data

We disclose personal data only where necessary and only to the extent required for the relevant purpose. Recipients may include:

  • Hosting and e-mail provider: Alfahosting GmbH
  • Payment provider: PayPal (Europe) S.à r.l. et Cie, S.C.A.
  • Analytics provider: Google Ireland Limited / Google LLC in connection with Google Analytics
  • Tax advisers, legal advisers or public authorities, where required by law or necessary for legal enforcement

5. Google Analytics

Provided that you have given the required consent, we use Google Analytics to analyze the use of our website and improve our services. Google Analytics may use cookies and similar technologies and process information about your use of the website, your device, your browser and your interactions with our pages.

According to Google, Google Analytics for EU users does not log or store IP addresses. Nevertheless, data processing by Google may involve international data transfers.

6. International data transfers

Some service providers may process personal data outside the European Economic Area. Where this occurs, we ensure an appropriate level of protection through suitable safeguards, such as an adequacy decision of the European Commission or standard contractual clauses, where required.

7. Storage periods

We keep personal data only for as long as necessary for the respective purpose and as long as statutory retention obligations require. In particular:

  • Server logs: for a limited technical and security period
  • Customer account data: for as long as the account exists or until deletion is requested, unless statutory retention duties apply
  • Order, invoice and accounting data: for the period required by applicable commercial and tax law
  • Contact requests: until the request has been fully handled and thereafter only as long as needed for documentation or legal defense
  • Newsletter data: until you unsubscribe or withdraw your consent
  • Consent records: for as long as necessary to document compliance

8. Your rights

Under the GDPR, you have the right, subject to the applicable legal requirements, to:

  • request access to your personal data;
  • request rectification of inaccurate data;
  • request erasure of your data;
  • request restriction of processing;
  • object to processing based on legitimate interests;
  • withdraw consent at any time with effect for the future;
  • receive your data in a structured, commonly used and machine-readable format where applicable.

9. Right to lodge a complaint

If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a supervisory authority. You may contact in particular:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany
E-mail: poststelle@datenschutz.hessen.de

10. Contact for privacy matters

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at: support@daw-library.com

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical or operational changes. The current version published on this website applies.