Privacy Police

 

 

Privacy Policy for Steam ‘n’ Soul

Effective Date: June 8, 2025
Applicable Law: General Data Protection Regulation (GDPR), German Federal Data Protection Act (BDSG)

1. Data Controller

Matthias Gottwald
Steam ‘n’ Soul
Sandgasse 10
69117 Heidelberg
Germany
Email: info@steamandsoul.com

2. Scope of This Privacy Policy

This Privacy Policy applies to the website https://steamandsoul.com and its related services, including the podcast, online shop, contact forms, newsletter subscriptions, analytics tools, and cookie tracking technologies. It outlines how personal data is collected, used, stored, and protected.

3. Legal Bases for Processing

We process personal data strictly according to the following legal bases:

  • Art. 6(1)(a) GDPR – Consent (e.g., for newsletter, analytics)

  • Art. 6(1)(b) GDPR – Contract performance (e.g., shop orders)

  • Art. 6(1)(c) GDPR – Legal obligation (e.g., retention periods)

  • Art. 6(1)(f) GDPR – Legitimate interest (e.g., site security)

4. Categories of Data Collected

Automatically collected when visiting the website:

  • IP address (anonymized if using analytics)

  • Browser and device type

  • Operating system

  • Date, time, and duration of access

  • Referrer URL

  • Pages viewed

Voluntarily provided via forms or actions:

  • Name and email (contact forms, newsletter)

  • Shipping and billing address (shop)

  • Payment information (via payment providers)

  • Podcast interaction data (non-personal)

5. Use of Cookies and Tracking Tools

We use cookies to:

  • Enable essential site functions (strictly necessary cookies)

  • Analyze usage behavior (only with consent)

  • Integrate third-party content (e.g., embedded podcast players)

Cookie consent is managed via a GDPR-compliant consent management tool. You can adjust preferences at any time.

6. Newsletter Subscription

If you subscribe to our newsletter, we collect and store your email address. Each email includes an opt-out link. Consent can be withdrawn at any time by clicking the unsubscribe link or contacting us directly.

7. Payment and Shipping Providers

When you place an order in our online shop, your personal data is transmitted to our service providers solely for the purpose of processing the transaction:

  • Stripe / PayPal (Payment)

  • DHL / Postal Services (Shipping)

These processors act under Art. 28 GDPR and provide adequate data protection guarantees.

8. Hosting and Technical Services

This website is hosted by IONOS SE, Germany. Hosting and email services operate under a GDPR-compliant data processing agreement. Server logs are retained securely and anonymized where possible.

9. Data Transfers Outside the EU

Data transfers outside the European Economic Area (EEA) only occur:

  • With your explicit consent, or

  • Based on EU-approved Standard Contractual Clauses (SCCs), or

  • When an adequacy decision exists (e.g., for the U.S. via Data Privacy Framework)

Scroll to Top