info@together-human.com
+49 1761 033 02 72

Privacy Policy

Privacy Policy

1. General Provisions

1.1. This Privacy Policy (“Policy”) explains how personal data of users of the website TOGETHER HUMAN (hereinafter — the “Site”), available at https://together-human.com, is collected, processed, and protected in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1.2. By accessing or using the Site, the user confirms their unconditional acceptance of this Policy.

1.3. If the user does not agree with the terms of this Policy, they must stop using the Site.


2. Data Controller

2.1. The Data Controller responsible for processing personal data is:

Julia Dubenkov
📩 E-mail: info@together-human.com
📞 Phone: +49 1761 033 02 72
🌐 Website: together-human.com
📍 Address for correspondence: Im Kirchenfelde 5, 31157, Sarstedt, Germany

2.2. The Controller processes personal data strictly in accordance with GDPR and BDSG.


3. Personal Data We Collect

Data provided by the user:
  • first and last name (when placing an order or contacting support);
  • email address;
  • phone number;
  • shipping address;
  • billing information and order details;
  • social media profiles (if voluntarily submitted).

Automatically collected data:
  • IP address;
  • cookie files;
  • browser type and version;
  • device information;
  • pages viewed and time spent on the Site;
  • referrer URL and traffic sources.

3.2. Data is provided voluntarily by the user when:
  • placing an order;
  • creating an account (if applicable);
  • subscribing to newsletters;
  • contacting customer support;
  • interacting with Site features.


4. Cookies and Tracking Technologies

4.1. The Website uses cookies and similar technologies required for proper functionality, analytics and user experience improvement.

4.2. Types of cookies:
Essential cookies — required for basic Website functions (legal basis: Art. 6(1)(f) GDPR).
Analytics cookies — used only with explicit user consent (Art. 6(1)(a) GDPR; §25 TTDSG).
Marketing cookies — activated only with consent.

4.3. Users may withdraw consent or change cookie settings at any time via browser settings or the Website’s cookie banner.

4.4. Disabling non-essential cookies may limit some Website features.


5. Purposes of Processing

Personal data is processed for the following purposes:
  • processing and fulfilling orders;
  • delivering products to customers;
  • communicating with users regarding orders, payments, and delivery;
  • sending order status updates;
  • performing accounting, tax, and legal obligations;
  • sending marketing communications and newsletters (with explicit consent);
  • improving the performance and usability of the Site;
  • preventing fraud and ensuring transaction security;
  • complying with legal obligations under EU and German law.


6. Legal Basis for Processing

Processing is based on:
  • Art. 6(1)(b) GDPR – performance of a sales contract;
  • Art. 6(1)(a) GDPR – user’s voluntary consent (e.g., newsletter subscription);
  • Art. 6(1)(c) GDPR – compliance with legal obligations;
  • Art. 6(1)(f) GDPR – legitimate interests of the Controller (e.g., improving the Site, fraud prevention).


7. Data Storage and Protection

7.1. The Controller implements appropriate technical and organizational measures to protect data from unauthorized access, destruction, alteration, or disclosure.

7.2. Personal data is stored:
  • for the duration required to fulfill the order;
  • for the legally required period of accounting and tax documentation (usually 6–10 years under German tax law);
  • until consent is withdrawn — for data processed based on consent (e.g., newsletters).


8. Sharing Personal Data with Third Parties

8.1. Personal data may be shared only when necessary to fulfill contractual or legal obligations, including with:
  • payment service providers;
  • courier and postal services;
  • email marketing services (if user has subscribed);
  • accounting and tax services;
  • IT and hosting providers.

8.2. All third-party processors comply with GDPR and operate under signed Data Processing Agreements (DPAs).

8.3. Data is never sold or shared with third parties for advertising purposes without explicit consent.


9. Data Processors

9.1. The Website may engage external service providers (“Data Processors”) who process personal data on behalf of the Operator in accordance with Art. 28 GDPR.

9.2. Data Processors may include:
– hosting and server providers;
– payment service providers;
– shipping and logistics companies;
– email and newsletter providers;
– accounting and invoicing services;
– website analytics and marketing tools (only with user consent);
– IT support services.

9.3. All Data Processors act only under the Operator's instructions and are contractually obligated to comply with GDPR requirements.


10. International Data Transfers

10.1. Some service providers used by the Website may be located outside the European Economic Area (EEA). In such cases, personal data may be transferred to third countries.

10.2. All international transfers comply with Chapter V GDPR and include one or more of the following safeguards:
– Standard Contractual Clauses (SCC);
– adequacy decisions by the European Commission;
– additional technical/organizational protection measures.

10.3. No data is transferred to third countries without appropriate protection.


11. Cookies and Tracking Technologies

The Site uses cookies for:
  • proper operation of the shopping cart and checkout;
  • analytics and traffic measurement;
  • remembering user preferences;
  • improving user experience.

The user may disable cookies in the browser settings at any time.

Please note: disabling cookies may affect certain Site functionality.


12. User Rights (GDPR)

The user has the following rights:
  • Right of access to their personal data;
  • Right to rectification of inaccurate or incomplete data;
  • Right to erasure (“right to be forgotten”);
  • Right to restriction of processing;
  • Right to data portability;
  • Right to withdraw consent at any time;
  • Right to object to processing based on legitimate interest;
  • Right to lodge a complaint with a supervisory authority.
  • Supervisory authority in Germany: Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI).


13. User Consent

13.1. By submitting personal data (placing an order, subscribing to a newsletter, or filling out a contact form), the user gives consent to its processing.

13.2. Consent remains valid until the purposes of processing are achieved or until it is withdrawn.

13.3. Consent can be withdrawn at any time by sending a request to the Controller’s email.


14. Automated Decision-Making

The Website does not use automated decision-making or profiling that produces legal or significant effects on users under Art. 22 GDPR.

If such technologies are introduced in the future, this Policy will be updated.


15. Changes to This Policy

15.1. The Controller may update this Policy from time to time.

15.2. The new version becomes effective once published on the Site.


16. Liability and Special Provisions

16.1. The Controller follows GDPR principles of confidentiality and data protection.

16.2. User data is not disclosed to third parties except as permitted by this Policy or required by law.

16.3. Information on the Site does not constitute legal, medical, or professional advice.

16.4. The Controller is not responsible for damages caused by:
  • incorrect use of the Site;
  • failure to provide accurate information when placing an order;
  • actions of third-party service providers (delivery companies, payment systems, etc.), beyond the Controller’s reasonable control.


17. Contact Information

For all privacy-related questions, please contact:

Julia Dubenkov

📩 E-mail: info@together-human.com
📞 Phone: +49 1761 033 02 72
🌐 Website: together-human.com

📍 Correspondence address Im Kirchenfelde 5, 31157, Sarstedt, Germany


© 2025 TOGETHER HUMAN
All rights reserved.

Last updated: 08.12.2025.