Privacy Policy

Last updated: 01.08.2025

We at Ceres International GmbH, located at Walliser Straße 7, 13407 Berlin, Germany, take the protection of your personal data very seriously. This Privacy Policy explains in detail how we collect, process, and protect your data in accordance with the provisions of the EU General Data Protection Regulation (GDPR). The controller responsible for data processing is Ceres International GmbH, represented by Amin Rafiki. You can contact us at any time by e-mail at info@ceres-int.de.

When you use our website, create an account, place an order, or contact us, we collect personal data such as your name, address, e-mail address, telephone number, payment details, and information relating to your orders. In addition, technical data such as your IP address, browser type, operating system, and device information may be collected automatically when you access our site. This data is obtained either directly from you through your interactions with us or automatically through cookies and similar tracking technologies, which are explained in our Cookie Policy.

We process your personal data exclusively for specific purposes. These include the fulfillment and processing of your orders, delivery of goods, invoicing, communication in the context of customer service, the administration of your account, the improvement of our website and services, and, where you have given your consent, the sending of marketing communications such as newsletters. The legal basis for processing is primarily Article 6(1)(b) GDPR, which permits data processing necessary for the performance of a contract, as well as Article 6(1)(a) GDPR in cases where we rely on your consent, Article 6(1)(c) GDPR for compliance with legal obligations, and Article 6(1)(f) GDPR where we pursue legitimate interests such as fraud prevention and IT security.

In order to carry out our activities efficiently, we may share your data with third parties, always in compliance with GDPR. Such recipients may include payment service providers like PayPal or Stripe, shipping companies such as DHL or UPS, IT service providers including website hosting and analytics partners, and legal authorities if we are under a legal obligation to do so. All third parties with whom we work are contractually bound by data processing agreements that meet GDPR requirements. In cases where data is transferred outside the European Economic Area (EEA), such transfer takes place only if an adequacy decision exists in accordance with Article 45 GDPR or if appropriate safeguards such as standard contractual clauses pursuant to Article 46 GDPR have been implemented.

Your personal data will be retained only for as long as necessary for the purposes for which it was collected or as required by statutory retention periods. Once these purposes have been fulfilled and no legal obligations require further storage, your data will be securely deleted or anonymized.

You have extensive rights in relation to your personal data under GDPR. These include the right to request information about the personal data we hold about you, the right to request rectification of inaccurate data, and the right to request the deletion of your data in accordance with Article 17 GDPR. You may also have the right to restrict processing, to receive your data in a portable format, and to object to certain processing activities, including processing for direct marketing purposes. Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before the withdrawal. Furthermore, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence or where an alleged infringement has occurred.

We take appropriate technical and organizational measures to ensure the security of your personal data and to protect it against unauthorized access, accidental loss, destruction, or damage. These measures include encryption technologies such as SSL/TLS for data transmission, secure server infrastructure, and restricted access to personal data by authorized personnel only.

This Privacy Policy may be updated from time to time in order to reflect changes in our practices, new legal requirements, or technological developments. The latest version will always be available on this page and will be marked with the date of the last update. By continuing to use our website after changes have been published, you accept the updated Privacy Policy.

For all questions or requests relating to the processing of your personal data, you can contact us at any time at:
Ceres International GmbH, Walliser Straße 7, 13407 Berlin, Germany, e-mail: info@ceres-int.de.