Privacy · GDPR / DSGVO

Privacy Policy – DE & EU
(Datenschutzerklärung)

Last updated: 22 June 2026  ·  Basis: GDPR & TDDDG

This Privacy Policy explains how personal data is processed when you visit this website or place an order from Europe or another international destination. It is provided in accordance with the EU General Data Protection Regulation (GDPR / DSGVO) and the German Telecommunications Digital Services Data Protection Act (TDDDG).

---

01. Controller

The controller for data processing relating to European and international orders is:

Controller · Art. 4(7) GDPR
Kaushambi Mate
Marshallstraße 32, 48291 Telgte, Germany
Email: contact@vernacularbranding.in
Telephone: +49 (0) 176 56815045

For orders placed in India, a separate controller applies (Envisionar Design Atelier). Please see the India Privacy Policy.

02. Hosting & server log files

This website is operated on the servers of a hosting provider:

Hosting provider: GoDaddy

When you access the website, the hosting provider automatically collects and stores information in server log files that your browser transmits, in particular the IP address, browser type and version, operating system, the referrer URL, and the date and time of access. This data is processed on the basis of our legitimate interest in the secure and stable operation of the website (Art. 6(1)(f) GDPR).

03. Image delivery network (CDN)

Images on this site are delivered through the Jetpack image CDN (“Site Accelerator”, served from i0.wp.com), operated by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. When images load, your IP address is transmitted to Automattic so the content can be delivered. Processing is based on our legitimate interest in fast, reliable image delivery (Art. 6(1)(f) GDPR). This may involve a transfer of data to the United States.

04. Web fonts

This site uses the typefaces Syne, DM Serif Display and Space Mono for its visual design. Where these fonts are loaded from an external font service rather than from our own server, your IP address may be transmitted to that provider in order to deliver the fonts. Processing is based on Art. 6(1)(f) GDPR.

05. Cookies

The website uses technically necessary cookies that are required for basic functions, such as the WordPress session and the shopping-cart and checkout functions of the store (WooCommerce). These cookies do not require consent (§ 25(2) TDDDG).

At the time of writing, no consent-requiring analytics, advertising or tracking cookies are used. Should such tools be introduced, this policy will be updated and your prior consent obtained where legally required (§ 25(1) TDDDG, Art. 6(1)(a) GDPR).

06. Contacting us

If you contact us by email, the data you provide (e.g. your name, email address and the content of your message) is processed to handle your enquiry. The legal basis is Art. 6(1)(b) GDPR where your request relates to a contract, otherwise our legitimate interest in answering enquiries (Art. 6(1)(f) GDPR).

07. Order processing & payment

To process an order we collect the data required for fulfilment, in particular your name, shipping and billing address and email address. Processing is based on Art. 6(1)(b) GDPR (performance of the contract) and Art. 6(1)(c) GDPR (legal retention obligations).

Stripe

Card and standard payments are processed by Stripe (Stripe Payments Europe, Ltd., based in Dublin, Ireland). Stripe processes the payment data required for the transaction (e.g. name, payment details, billing information) and acts as an independent controller for that processing. We do not store your full payment-card details. Stripe’s privacy information: https://stripe.com/privacy.

PayPal (on request)

Where PayPal is used on request, payment is processed by PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg. PayPal’s privacy information: https://www.paypal.com/de/legalhub/privacy-full.

08. Transfers to third countries

Some service providers named above (in particular Stripe and Automattic) may process data outside the European Economic Area, including in the United States. Such transfers take place on the basis of appropriate safeguards, in particular EU Standard Contractual Clauses and/or an adequacy mechanism such as the EU–U.S. Data Privacy Framework, where applicable.

09. Retention

Personal data is retained only for as long as necessary for the purposes described, or as required by statutory retention obligations (e.g. commercial and tax law). Once these periods expire, the data is deleted.

10. Your rights

Under the GDPR you have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and to object to processing (Art. 21). Where processing is based on consent, you may withdraw that consent at any time with effect for the future. To exercise these rights, contact us at contact@vernacularbranding.in.

11. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority. The authority competent for the controller is:

Supervisory authority · North Rhine-WestphaliaLandesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW), Kavalleriestraße 2–4, 40213 Düsseldorf, Germany.

12. Encryption

This website uses SSL/TLS encryption to protect the transmission of data. You can recognise an encrypted connection by the “https://” prefix in your browser’s address bar.

13. Changes to this policy

We may update this Privacy Policy to reflect changes in our services or in legal requirements. The current version published on this page applies.

---

---