</table

Privacy Policy | moll GmbH

As of March 19, 2026

Who We Are

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection
provisions is:

moll Furniture GmbH

7 Rechberg Street

73344 Gruibingen

Germany

07335-181-0

moll

moll

Contacting the Data Protection Officer at
Data Protection Officer

The data protection officer for the controller is:

DataCo, LLC

86 Nymphenburger Street

80636 Munich

Germany

+49 89 7400 45840
www.dataguard.de

General Information on Data Processing

On this page, we provide information about how we process your personal data on
the website.

How we collect and use your personal data depends on how you interact with us or which services you use. We collect, use, or share your personal data only if we have a legitimate purpose and a
legal basis for doing so.

What do we mean by "legal basis"?

Consent ( Art. 6(1)(a) GDPR) – You have given us your consent to process your personal data for the
specific purpose that we have explained to you. You have the right to withdraw your consent at any time. To do so, please contact the Data Protection Officer using the contact information provided below.

Contract ( Art. 6(1)(
1)(b) of the GDPR) – We need to use your data to fulfill a contract you have with us. Alternatively, it is necessary to use your data because we asked you to provide it or because you took certain steps yourself before entering into this contract
.

Legal obligation ( Art. 6(1)(c) of the GDPR) – We must use your data to comply with the law.

Vital interests (Art. 6(1)(d) GDPR) – The processing
of your data is necessary to protect your vital interests or those of another person. For example, to protect you from serious physical harm.

Public task ( Art. 6(1)(e) GDPR) – The processing
of your data is necessary for the performance of a task carried out in the public interest or because it is covered by a statutory duty, e.g., for a statutory function.

Legitimate interests ( Art. 6(1)(f) of the General Data Protection Regulation (
) – The processing of your data is necessary to support a legitimate interest that we or another party has, provided that your own interests do not override those interests.

Please note that we may not be able to provide you with access to our online store at
if your data is being processed in connection with the performance of a contract or a legal obligation and you do not provide the requested data.

Your rights

If your personal data is processed
, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. The right of access (Art. 15 GDPR)

You have the right to request confirmation from us as to whether we are processing personal data concerning
. If this is the case, you have the right to access this data and to receive the following information:

  • Purposes of processing
  • Categories of personal
    data
  • Recipients or categories of recipients
  • Planned retention period or the criteria for determining this period
  • the existence of the rights to rectification, erasure, restriction, or
    objection
  • Right to file a complaint with the competent supervisory authority
  • Source of the data (if collected from a third party)
  • Whether automated decision-making, including profiling, is used, along with
    meaningful information about the logic involved, the scope, and the expected effects
  • Transfer of personal data to a third country or an international organization, if applicable

2. Right to
Rectification (Art. 16 GDPR)

If your personal data is inaccurate or incomplete, you have the right to request that it be corrected or supplemented without delay.

3. Right to restrict processing
(Art. 18 GDPR)

If any of the following conditions are met, you have the right to request that the processing of your personal data be restricted:

  • You dispute the accuracy of
    your personal data, for a period that allows us to verify the accuracy of the personal data.
  • In the event of unlawful processing, you may object to the erasure of the personal data and
    request, instead, that the use of the personal data be restricted.
  • We no longer need your personal data for the purposes of processing, but you need your personal data to assert,
    exercise, or defend your legal claims, or
  • after you have objected to the processing, for the duration of the assessment of whether our legitimate grounds override your interests.

4. Right to
Erasure (“Right to be Forgotten”) (Art. 17 GDPR)

If any of the following grounds apply, you have the right to request the immediate erasure of your personal data:

  • Your data is no longer necessary for
    for the purposes for which it was originally collected.
  • You have withdrawn your consent and there is no other legal basis for the processing.
  • You object to the processing of your personal data (
    ) and there are no overriding legitimate grounds for the processing, or you object pursuant to Article 21(2) of the GDPR.
  • Your personal data is being processed unlawfully.
  • The erasure is necessary to
    comply with a legal obligation under Union law or the law of the Member State to which we are subject.
  • The personal data was collected in connection with the information society services offered, in accordance with Article 8(1) of the
    GDPR.

Please note that the above reasons do not apply if the processing is necessary:

  • To exercise the right to freedom of expression and information;
  • To comply with a legal obligation or to perform a task carried out in the public interest to which we are subject.
  • For reasons of public interest in the field of public health.
  • For archival purposes in the public interest, scientific or historical research purposes, or for statistical purposes, as provided for in the
    .
  • to assert, exercise, or defend legal claims.

5. Right to data portability
(Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, or to request that it be transferred to another controller.

6. Right to object to
certain processing activities (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data carried out on the basis of Article 6(1)(e) or (f) of the GDPR
. This also applies to profiling based on these provisions.

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data by
for the purpose of such marketing; this also applies to profiling to the extent that it is related to such direct marketing.

7. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy
, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.


The supervisory authority to which the complaint was submitted shall inform the complainant of the status and outcome of the complaint, including the possibility of seeking judicial remedy under Article 78 of the GDPR.

A
list of the local supervisory authorities in Germany can be found on the website of the Federal Data Protection Commissioner at the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Sharing of Data and International Transfer

As explained in this Privacy Policy, we use various service providers to help us deliver our services and ensure the security of your data. When we use these service providers, it is necessary for us to share your
personal data with them.

We have entered into agreements with all service providers to whom we disclose your data, requiring them to protect your data.

If your personal data is transferred outside the EU
, we ensure that your personal data receives an equivalent level of protection, either because the country to which your data is transferred has an “adequate” data protection standard as defined by the European Commission, or by applying
other safeguards, such as an enhanced contractual arrangement, i.e., the Standard Contractual Clauses (SCCs) adopted by the European Commission.

For example, when we use U.S. service providers, we rely on either the SCCs or the EU-U.S. Data Protection Framework, depending on the provider
You can request a copy of the SCCs we have entered into with our service providers by sending an email to the address provided in this Privacy Policy.

Hosting the website and generating log files

1. Description and Scope of Data Processing

Every time our website is accessed, our system automatically collects data and information
from the computer system of the accessing device.

The following data is collected in this process:

  • Information about the browser type and version
  • The user's operating system
  • Date and time of access
  • Websites from which the user's system
    accesses our website
  • Websites accessed by the user's system via our website

This data is stored in the log files
on our system.

This does not apply to the user’s IP addresses or other data that would allow the data to be linked to a specific user. This data is not stored together with other personal
data belonging to the user.

This data is not stored together with the user's other personal data.

2. Purpose of data processing

Data is stored in log files to ensure the proper functioning of the website. We also use this data to optimize the website and ensure the security of our IT systems. In this context, the data is not analyzed for
marketing purposes.

3. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Article 6(1)(f) of the GDPR.

4. Duration of data retention

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collected for the purpose of providing the website, this occurs when the respective session ends.

In the case of
, data stored in log files is deleted after seven days at the latest. Storage beyond this period is possible. In such cases, users’ IP addresses are deleted or anonymized so that the client from which the request originated can no longer be identified.

5. Right to object

The collection of data for the purpose of providing the website and the storage of such data in log files is essential for the operation of the website. The user may object to this. Whether the objection
is successful must be determined through a balancing of interests.

Use of Cookies

1. Description and Scope of Data Processing

When you visit
our website, we use technical tools for various functions, in particular cookies, which may be stored on your device. When you visit our website and at any time thereafter, you can choose whether to allow cookies in general or
which specific additional features you would like to enable. You can make changes in your browser settings or via our Consent Manager.

Cookies are text files or pieces of information stored in a database on your hard drive
and associated with the browser you are using, allowing the entity that sets the cookie to receive certain information. Below, we describe the types of cookies we use:

We use
technically necessary cookies that are required for the technical functioning of the website. Without these cookies, our website cannot be displayed (correctly) or certain features will not work.

The following data is stored and transmitted by
using technically necessary cookies:

  • Items in the shopping cart
  • Login information
  • Search terms entered
  • Frequency of page views
  • Using
    Website Features

We use cookies on our website that are not technically necessary. Cookies that are not technically necessary are text files that do not
serve solely to ensure the website’s functionality, but also collect other data.

The following data is processed through the use of cookies that are not technically necessary:


  • 's website Internet users
  • Date and time the website was accessed
  • Tracking of browsing behavior

2. Purpose of data processing

The purpose of using technically necessary cookies is to ensure the functionality of our website. Some features of our website cannot be provided without the use of cookies
. For these features, it is necessary for the browser to be recognized even after changing pages.

We require the following technically necessary cookies for the following applications:

  • Shopping cart
  • Website functionality

The use of non-essential cookies on
is intended to improve the quality of our website, its content, and thereby our reach and efficiency. By setting these cookies, we learn how the website is used and can thus continuously optimize our offerings. Specifically, these cookies on
serve the following purposes:

This website uses third-party website tracking technologies to provide and improve our services.

3. Legal basis for data processing

For
The storage of information on the end user’s device and/or access to information already stored on the end user’s device is governed by the provisions of the Telecommunications and Telemedia Data Protection Act (TTDSG). If the
setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your device is based on Section 25(2)(2) TTDSG. This
storage and access to the information on your device serve to facilitate your use of our website and to enable us to offer you our services as you have requested. Some features of our website also do not function without the
use of these cookies and therefore could not be offered. Cookies are generally deleted after the session ends (e.g., logging out or closing the browser) or after a specified period has elapsed. Information regarding different retention periods for
cookies can be found in the following sections of this Privacy Policy.

To the extent that cookies are used that are not technically necessary, this is done on the basis of your explicit consent, which you can provide via the cookie banner at
. In this case, the legal basis for the storage of and access to information is Section 25(1) of the TTDSG in conjunction with Article 6(1)(a) and Article 7 of the GDPR. You may revoke your consent at any time with future effect or subsequently grant it again by configuring your cookie settings accordingly at
. Alternatively, you can prevent the storage of cookies by adjusting the settings of your browser software. Please note that the browser settings you make only apply to the browser currently in use at
. If personal data is processed following the storage of and access to the information on your device, the provisions of the GDPR apply. You can find information on this in the
following sections of this privacy policy.

4. Objection and Deletion

You can withdraw your consent to the use of cookies at any time and manage your consent preferences via the following link:
moll moll

Registration

1. Description and Scope of Data Processing

On our website, we offer users the
opportunity to register by providing personal data. The data is entered into a form, transmitted to us, and stored. The data is not shared with third parties. The following data is collected as part of the
registration process:

  • Email address
  • Last name
  • First name
  • Address
  • Phone / cell phone number
  • Date and
    Registration time

As part of the registration process, the user’s consent to the processing of this data is obtained.

2. Purpose of Data Processing at

User registration is required to fulfill a contract with the user or to take steps prior to entering into a contract.

3. Legal basis for data processing

The legal basis for the processing of data is Article 6(1)(a) of the GDPR, provided the user has given consent.

If the processing by
serves to document the performance of a contract to which the user is a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Article 6(1)(b) of the GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected.

This applies to data collected during the registration process for the purpose of fulfilling a contract or
taking pre-contractual measures once the data is no longer necessary for the performance of the contract. Even after the contract has been concluded, it may still be necessary to store the contractual partner’s personal data in order to
comply with contractual or legal obligations.

5. Right to withdraw consent

As a user, you can cancel your registration at any time. You can have the data stored about you modified at any time by contacting
.

Specifically, you can request deletion in the following ways:

Changes can be made via your account; to delete your account, please send an email tomoll

If the data is necessary for the performance of a contract or for the implementation of pre-contractual measures
, early deletion of the data is only possible to the extent that no contractual or legal obligations preclude such deletion.

Online Store

We offer an online store on our website.

For this purpose, we use the following online store software:

WooCommerce, provided by
Bubblestorm Management (Pty) Ltd, 373–375 Albert Road, n/a, Cape Town, South Africa (hereinafter referred to as WooCommerce).

For more information, please refer to the provider's privacy policy:

https://automattic.com/privacy/

The website
and the online store are hosted on external servers by a service provider we have contracted.

Our service provider is:

WordPress – CTL

The servers automatically collect and store information
in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:

  • Information about the browser type and the version of
    being used
  • The user's operating system
  • Date and time of access
  • Websites from which the user's system accesses our website
  • Websites accessed by the user's system via our website

This data is not combined with other data sources. This data is collected on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in the technically error-free display and
optimization of its website—for this purpose, server log files must be collected.

We have entered into a data processing agreement with the relevant service provider, in which we require the service provider to protect user data and
not to disclose it to third parties.

The website's server is located in Germany.

Payment Options

1. Description and Scope of Data Processing

We offer our customers various payment options for processing their orders. To do this, we redirect
customers to the platform of the relevant payment service provider, depending on the payment option selected. Once the payment process is complete, we receive the customers’ payment data from the payment service providers or our bank and process this data in our
systems for invoicing and accounting purposes.

Payment via GiroPay
You have the option to complete the payment process using the
payment service provider GiroPay.

Based on online banking with a PIN and TAN, GiroPay enables payment via online bank transfer. To pay with GiroPay, all you need is an online banking checking account with a participating bank or
Sparkasse. Once the payment is successful, the merchant receives a payment guarantee from the buyer’s bank and can then send you goods or services.

When paying via GiroPay, your payment details will be transmitted to
GiroPay GmbH, An der Welle 4, 60322 Frankfurt/Main as part of the payment processing.

As a general rule, GiroPay GmbH does not process users’ transaction data. Transaction data refers to the data required to process the payment initiated by the user.

When users of GiroPay services initiate a payment, GiroPay GmbH does not collect any transaction data related to that payment. In particular, GiroPay GmbH does not collect any information regarding whether the user has initiated a payment,
nor regarding the amount or purpose of the payment. This information is generally collected and further processed only by the user’s account-holding institution. The user’s account-holding institution is the controller within the meaning of the GDPR with regard to
data processing in the context of the payment transaction.

GiroPay GmbH collects transaction data only in isolated cases and only at the user’s request, for the purpose of processing inquiries regarding a payment made by the user via
(payment inquiries) or in response to user inquiries about technical issues.

“For more information about GiroPay’s privacy policy, please click here:

https://www.GiroPay.de/rechtliches/datenschutzerklaerung/

Payment via Klarna

You have the option to complete the
payment process using the payment service provider Klarna.

Klarna is a payment service provider that offers purchase on account or installment payments.

Klarna's European operating company is Klarna Bank AB
(publ), Sveavägen 46, 111 34 Stockholm, Sweden.

If you select “Purchase on Account” or “Installment Purchase” as a payment option when using Klarna, your personal data will be automatically transmitted to Klarna. At
the personal data transmitted to Klarna includes, in particular:

  • First name
  • Last name
  • Address
  • Date of Birth
  • Gender
  • Email address
  • IP address
  • Phone/cell phone number
  • Bank details
  • Credit card number, including expiration date and CVC code
  • Number of items
  • Item number
  • Information about goods and/or services
  • Transaction amount and tax liabilities

The purpose of sharing this data is, in particular, identity verification,
payment processing, and fraud prevention. The personal data exchanged between Klarna and us may be shared by Klarna with credit reporting agencies.

The purpose of this transfer is to verify identity and
creditworthiness. Klarna may also disclose personal data to affiliated companies (Klarna Group) and service providers or subcontractors to the extent necessary to fulfill contractual obligations or where the data is to be processed on Klarna’s behalf
.

For more information about how Klarna processes your data, please see Klarna’s Privacy Policy at:

https://www.klarna.com/de/datenschutz/

Payment by credit card

You can complete the payment process using a credit card
.

If you have chosen to pay by credit card, your payment information will be shared with payment service providers for processing. All payment service providers comply with the requirements of the Payment Card Industry (PCI) Data Security Standards
and have been certified by an independent PCI Qualified Security Assessor.

When paying by credit card, the following information is regularly transmitted:

  • Purchase amount
  • Date and time of the
    purchase
  • First name and last name
  • Address
  • Email address
  • Credit card number
  • Credit card validity period
  • Security Code (CVC)
  • IPAdresse</ p>
  • Phone number / Cell phone number

Payment data is shared with the following payment service providers:

  • Payrexx, provided by PAYREXX AG, Burgstrasse 20, 3600 Thun, Switzerland. For more information about how Payrexx processes your data, please visit
    or consult Payrexx’s privacy policy at: https://payrexx.com/de/legal/privacy-policy.

Payment via PayPal

You have the option to complete the payment process through the payment service provider PayPal. In addition to direct payment, PayPal also offers payment on account, direct debit, credit card, and installment plans.

European
PayPal is operated by PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg.

If you select PayPal as your payment method, the information required for the payment process will be automatically transmitted to PayPal
.

This specifically involved the following data:

  • Name
  • Address
  • Email address
  • Phone / Cell phone number
  • IPAdresse</ p>
  • Bank details
  • Card number
  • Expiration Date and CVC Code
  • Number of items
  • Item number
  • Data on goods and services
  • Transaction amount and tax liabilities
  • Information about past purchasing behavior

The data transmitted to PayPal may be shared by PayPal with credit reporting agencies. The purpose of this sharing is
to verify identity and creditworthiness.

PayPal may also share your data with third parties to the extent necessary to fulfill contractual obligations or where the data is to be processed on its behalf. When your
personal data is transferred within companies affiliated with PayPal, the Binding Corporate Rules approved by the relevant supervisory authorities apply. You can find them here:

https://www.paypal.com/de/webapps/mpp/ua/bcr

Other data transfers may be based on contractual safeguards. For more information, please contact
PayPal.

All PayPal transactions are subject to PayPal's Privacy Policy. You can find it at:


https://www.paypal.com/de/webapps/mpp/ua/privacy-full/

Payment via Apple Pay

You can pay using Apple Pay, provided by Apple Inc.,
One Apple Park Way, Cupertino, CA 95014, USA.

When you pay with Apple Pay, the following personal data is transmitted to Apple:

  • Zip code or equivalent information for calculating
    taxes and postage.
  • Merchant-specific account number.
  • Mailing address or email address
  • Device-specific information, Apple ID, and location (if Location Services are enabled for Wallet) for evaluating the
    Fraud prevention on the device.
  • Display fraud prevention ratings on the device (not the underlying data).
  • A postal address identifier used to verify address consistency during transactions.
  • IP address
    (if available) for fraud prevention.
  • Information about participating merchants, including merchant-specific account numbers.

For more information about data processing when paying with Apple Pay, visit
here: https://www.apple.com/au/legal/privacy/data/en/apple-pay/

Payment via Google
Pay

You can make payments via Google Pay. Google’s European operating company is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

When you use Google Payments to complete a
transaction, Google collects information about the transaction, including the date, time, and amount of the transaction, the merchant’s location and description, a description of the goods or
services, a photo you wish to associate with the transaction, the names and email addresses of the seller and the buyer (or the sender and the recipient), the type of payment method used, your description of the reason for the
transaction, and the offer associated with the transaction, if any.

For more information about how Google processes data when you make a payment via Google Pay, please visit: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=en

2. Purpose of data processing

The transmission of payment data to payment service providers is necessary to process
the payment, for example, when you purchase a product and/or use a service.

3. Legal basis for data processing

The legal basis for data processing is Article 6(1)(b) of the GDPR, as the processing
of the data is necessary for the performance of the purchase agreement that has been concluded.

4. Duration of storage

All payment data, as well as data regarding any chargebacks that may occur, will be stored only for as long as is necessary for
to process payments, handle chargebacks, collect outstanding debts, and prevent fraud.

In addition, payment data may be stored beyond this period, provided and
as long as this is necessary to comply with statutory retention periods or to investigate a specific case of misuse.

Your personal data will be deleted from
once the statutory retention periods have expired, i.e., after 10 years at the latest.

5. Exercising Your Rights

If the data is necessary for the performance of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible to the extent that no contractual or legal
obligations preclude such deletion.

Shipping service provider

1. Description and Scope of Data Processing

If you order products or services on our
website that require a shipping provider for delivery, you will receive an order and shipping confirmation via email, as well as—depending on the shipping provider—a notification that your
package has arrived and/or a notification regarding the package’s arrival and available delivery options.

The data is transmitted to the following service providers:

  • DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg, Germany
  • L. Wackler Wwe. Nachf. GmbH, Louis-Wackler-Str. 2, 73037 Göppingen DPD Deutschland GmbH, Wailandstr. 1, 63741 Aschaffenburg

The data transmitted typically consists of:

  • Name
  • Address
  • Email address

2. Purpose of data processing

The purpose of processing personal data
is to enable shipping service providers to notify recipients of shipment status via email, thereby increasing the likelihood of successful delivery.

3. Legal basis for data processing by

The legal basis for the transfer of your email address to the respective shipping service provider and its use is your consent pursuant to Article 6(1)(a) of the GDPR.The legal basis for the transfer of your address data (first name,
last name, address) to the respective shipping service provider is Article 6(1)(b) of the GDPR, as the processing of the data is necessary for the performance of the concluded purchase contract.

4. Duration of storage

The data transmitted to
is deleted by the respective shipping provider once the package has been delivered.

5. Right to object

The user can cancel the notification service provided by the shipping carrier at any time. For this
purpose, each email contains a corresponding opt-out link.

Email Contact

1. Description and Scope of Data Processing

On
of our website, you can contact us using the email address provided. In this case, the user’s personal data transmitted via email will be stored.

The data is used exclusively for processing the
conversation.

2. Purpose of data processing

If you contact us via email, this also constitutes the necessary legitimate interest in processing the data.

3. Legal basis for data processing by

The legal basis for processing the data transmitted when you send an email is Article 6(1)(f) of the GDPR. Our legitimate interest is to provide the best possible response to the inquiry you submit via email.

If the purpose of the email contact is to conclude a contract, the additional legal basis for the processing is Article 6(1)(b) of the GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve
the purpose for which it was collected. For personal data sent via email, this is the case once the relevant conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances
that the matter in question has been conclusively resolved.

Any additional personal data collected during the submission process will be deleted no later than seven days after submission.

5. Option:
to file an objection

If a user contacts us via email, they may object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data
that was stored when you contacted us will be deleted in this case.

Contact Form

1. Description and Scope of Data Processing

Our website
features a contact form that can be used to contact us electronically. If a user chooses this option, the data entered in the form will be transmitted to us and stored.

At
the following data is stored when the message is sent:

  • Email address
  • Last name
  • First name
  • Phone / cell phone number
  • Product interest
  • Date and time

2. Purpose of data processing

We process the personal data provided in the contact form or at
via the email address provided solely for the purpose of responding to your inquiry.

The other personal data processed during the submission process is used to prevent misuse of the contact form and to ensure the security of our IT systems at
.

3. Legal basis for data processing

The legal basis for processing the data transmitted when you send an email is Article 6(1)(f) of the GDPR (
). Our legitimate interest is to provide the best possible response to your inquiry submitted via the contact form. If the email contact is aimed at concluding a contract, the additional legal basis for processing is Article 6(1)(b)
of the GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data entered in the contact form and data sent to
via email, this is the case once the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the matter in question has been conclusively resolved.


Any additional personal data collected during the mailing process will be deleted no later than seven days after the mailing.

5. Right to object

If a user contacts us via the contact form at
, they may object to the storage of their personal data at any time.

Specifically, you can file your objection in the following ways:

By email to the Data Protection Officer atmoll

All personal data
that was stored when you contacted us will be deleted in this case.

Corporate identities

Instagram:

Instagram, a division of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

On our company page, we provide information and offer Instagram users
the opportunity to communicate.

If you participate in an activity on our company Instagram page (e.g., comments, posts, likes, etc.), you may be making personal data (e.g., your real name or photo from your
user profile) public.

However, since we generally have little or no influence over how Instagram processes your personal data, we cannot make any definitive statements regarding the purpose and scope of the processing of your
data.

We use our company’s social media presence to communicate and exchange information with (potential) customers. In particular, we use our company’s social media presence for:

Information about moll
Products, information about the moll company, information on related topics, contests

Publications on the company's website may include the following content:

  • Product Information
  • Contests
  • Customer contact


users are free to share personal information through their activities.

To the extent that we process your personal data to analyze your online behavior, offer you contests, or conduct lead generation campaigns, this is done on
based on your explicit consent, Article 6(1)(a) and Article 7 of the GDPR.

The legal basis for processing personal data for the purpose of communicating with customers and prospective customers is Article 6(1)(f) of the GDPR. In this context,
our legitimate interest lies in responding to your inquiry in the best possible way and in providing the requested information.

If the purpose of contacting you is to enter into a contract, the additional legal basis for the processing of
is Article 6(1)(b) of the GDPR.

The data generated by the company's website is not stored in our own systems.

You
may object at any time to the processing of your personal data that we collect in connection with your use of our company website and exercise your rights as a data subject, as outlined in the “Your Rights” section of this Privacy Policy
. To do so, please send us an informal email tomoll. For more information on the processing of your personal data by Instagram and the corresponding options for objection, please see here:

Instagram: https://help.instagram.com/519522125107875

Pinterest:

Pinterest Europe Ltd., Palmerston House, 2nd Floor,
Fenian Street, Dublin 2, Ireland

On our company page, we provide information and give Pinterest users the opportunity to interact.

If you participate in an activity on our company’s Pinterest page (e.g.,
comments, posts, likes, etc.), you may be making personal data (e.g., your real name or profile photo) publicly available.

However, since we generally have little to no influence over how Pinterest processes your personal data at
, we cannot make any definitive statements regarding the purpose and scope of that processing.

We use our company’s social media profiles to communicate and exchange information with (potential) customers
. In particular, we use our company’s social media profiles for:

Information about moll , information about the moll company, information on related topics, contests

The content published on the company's website,
, may include the following:

  • Product Information
  • Contests
  • Customer contact

Users are free to disclose personal information through their activities.

To the extent that we process your personal data to analyze your online behavior on
, offer you contests, or conduct lead generation campaigns, we do so based on your explicit consent, in accordance with Article 6(1)(a) and Article 7 of the GDPR.

The legal basis for the processing of personal data for the purpose of
communicating with customers and prospective customers is Article 6(1)(f) of the GDPR. Our legitimate interest in this regard is to respond to your inquiry in the best possible way and to provide you with the requested information.

If the purpose of contacting
is to enter into a contract, the additional legal basis for the processing is Article 6(1)(b) of the GDPR.

The data generated by the company's website is not stored in our own systems.

You may object at any time to the processing of your personal data that we collect in connection with your use of our website and exercise your rights as a data subject, as
outlined in the “Your Rights” section of this Privacy Policy. To do so, please send us an informal email tomoll. For more information on the processing of your personal data by Pinterest and the corresponding options for objection, please visit
here:

Pinterest: https://policy.pinterest.com/de/privacy-policy

YouTube:

YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, United States

On our company page, we provide information and give YouTube users the opportunity to communicate.

If you engage in any activity on our
YouTube channel (e.g., comments, posts, likes, etc.), you may be making personal information (e.g., your real name or profile photo) publicly available.

However, since we generally have little or no
influence over how YouTube processes your personal data, we cannot make any definitive statements regarding the purpose and scope of that processing.

We use our company’s social media presence for
communication and information exchange with (potential) customers. In particular, we use our company’s social media presence for:
information about moll , information about the moll company, information on related topics, and contests

At
, the content published on the company's website may include the following:

  • Product Information
  • Contests
  • Customer contact

Users are free to disclose personal information through their activities.

To the extent that we process your
personal data to analyze your online behavior, offer you contests, or conduct lead generation campaigns, we do so on the basis of your explicit consent, in accordance with Article 6(1)(a) and Article 7 of the GDPR.

The legal basis for processing personal data for the purpose of communicating with customers and prospective customers is Article 6(1)(f) of the GDPR. Our legitimate interest in doing so is to provide the best possible response to your inquiry and to be able to provide the requested
information.

If the purpose of contacting you is to enter into a contract, the additional legal basis for the processing is Article 6(1)(b) of the GDPR.

The data generated by the company's website is not stored in our own systems.

You may object at any time to the processing of your personal data that we collect in connection with your use of our website
and exercise your rights as a data subject, as outlined in the “Your Rights” section of this Privacy Policy. To do so, please send us an informal email tomoll. For more information about the processing of your personal data
by YouTube and the corresponding options for objecting, please see here:

YouTube: https://policies.google.com/privacy?
gl=DE&hl=en

Content delivery
networks

CloudFlare

1. Description and Scope of Data Processing

We use features of the CloudFlare Content
Delivery Network provided by CloudFlare Germany GmbH, Rosental 7, 80331 Munich, Germany (hereinafter referred to as “CloudFlare”) on our website. A Content Delivery Network (CDN) is a network of regionally distributed servers connected via the Internet that is used to deliver content—in particular
large media files such as videos. CloudFlare offers web optimization and security services that we use to improve our website’s loading times and to protect it from misuse. When you visit our website
a connection is established with CloudFlare’s servers, for example, to retrieve content. As a result, personal data may be stored and analyzed in server log files, primarily the user’s activity (specifically which pages were visited)
and device and browser information (specifically the IP address and operating system). Further information regarding the collection and storage of data by CloudFlare can be found here:

https://www.cloudflare.com/de-de/privacypolicy/

2. Purpose of data processing

CloudFlare's features are used to deliver and accelerate
online applications and content.

3. Legal basis for data processing

This data is collected on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in ensuring the technically flawless display of
and in optimizing its website—to this end, server log files must be collected.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this
Privacy Policy or as required by law.

5. Right to object

For information on how to exercise your rights with respect to CloudFlare, please visit:

https://www.cloudflare.com/de-de/privacypolicy/

Integrated third-party services

We use various service providers to deliver the services we offer through our website.

If such services are required for additional services, enhanced
features, or other purposes, your personal data will only be transferred to service providers if you give your consent.

Here you can revoke your consent to the use of integrated
third-party services at any time and manage your consent settings:moll

Using Bing
Ads

1. Scope of the processing of personal data

We use the Bing Ads conversion tracking tool provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter referred to as “Microsoft”). Bing Ads stores a
cookie on your computer if you have accessed our website via a Bing Ads advertisement. This may result in the storage and analysis of personal data, primarily the user’s activity (specifically, which pages were visited
and which elements were clicked), device and browser information (specifically, the IP address and operating system), data regarding the displayed advertisements (specifically, which advertisements were shown and whether the user clicked on them)
as well as data from advertising partners (in particular, pseudonymized user IDs). We only receive the total number of users who clicked on a Bing ad and were then redirected to the conversion page.
For more information on how Microsoft processes
data, please visit:
https://privacy.microsoft.com/de-de/privacystatement

2. Purpose of data processing

This allows Microsoft Bing and us to track whether someone clicked on an ad, was redirected to our website, and reached a predefined landing page (conversion page).

3. Legal basis for the processing
of personal data

The legal basis for the processing of users’ personal data is, in principle, the user’s consent pursuant to Article 6(1)(a) of the GDPR.

4. Duration of storage

Your personal information
will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g., for tax and accounting purposes.

5. Right of Withdrawal and Right to Request Removal

You
have the right to withdraw your consent under data protection law at any time. Withdrawing your consent does not affect the lawfulness of processing carried out on the basis of your consent prior to its withdrawal.
You can prevent the collection and
processing of your personal data by Microsoft by blocking the storage of third-party cookies on your computer, using the “Do Not Track” feature of a compatible browser, disabling the execution of script code in your browser
or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can use the following link to disable the use of your personal data by Microsoft:
https://account.microsoft.com/privacy/ad-settings/
For more information on options to object to or have your data removed by Microsoft, please visit:
https://privacy.microsoft.com/de-de/privacystatement.

Use of Facebook Pixel

1. Scope of the processing of personal data

We at
use the Facebook Pixel provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and its representative in the European Union, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal H, D2 Dublin, Ireland (hereinafter referred to as “Facebook”) on our website. With its
help, we can track users’ actions after they have viewed or clicked on a Facebook advertisement. This allows personal data to be stored and analyzed, primarily the user’s activity (specifically which pages
have been visited and which elements have been clicked on), device and browser information (specifically the IP address and operating system), data about the ads displayed (specifically which ads were shown and whether the user
clicked on them), and data from advertising partners (specifically pseudonymized user IDs). This allows us to measure the effectiveness of Facebook ads for statistical and market research purposes.
In doing so, data may be transferred to Facebook servers in the U.S.

The data collected in this way is anonymous to us, meaning we do not see the personal data of individual users. However, this data is stored and processed by Facebook. Facebook may link this data to your Facebook account
and also use it for its own advertising purposes, in accordance with Facebook’s Data Use Policy.
For more information on how Facebook processes this data, please visit:
https://de-de.facebook.com/policy.php

2. Purpose of data processing

The Facebook Pixel is used to analyze and optimize advertising campaigns.

3. Legal basis for the processing
of personal data

The legal basis for the processing of users’ personal data is, in principle, the user’s consent pursuant to Article 6(1)(a) of the GDPR.

4. Duration of storage

Your personal information
will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g., for tax and accounting purposes.

5. Right of Withdrawal and Right to Request Removal

You
have the right to withdraw your consent under data protection law at any time. Withdrawing your consent does not affect the lawfulness of the processing carried out on the basis of your consent prior to its withdrawal.
You can prevent the collection and
processing of your personal data by Facebook by blocking the storage of third-party cookies on your computer, using the “Do Not Track” feature of a compatible browser, disabling the execution of script code in your
browser, or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
For more information on options to object to or remove data from Facebook, please visit:
https://de-de.facebook.com/policy.php

Use of Google AdWords

1.
Scope of the processing of personal data

We use Google AdWords, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the European Union, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland
(hereinafter referred to as “Google”). We use this service to display advertisements. In doing so, Google places a cookie on your computer. This may result in the storage and analysis of personal data, primarily the user’s activity (in particular, which pages on
have been visited and which elements have been clicked), device and browser information (in particular the IP address and the operating system), data about the advertisements displayed (in particular which advertisements were shown and whether the user clicked on them
), and also data from advertising partners (in particular pseudonymized user IDs).
Further information on the processing of data by Google is available here:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

We are only provided with the total number of users who responded to our ad.
No information is shared that could be used to identify you. This data is not used for tracking purposes.

3. Legal basis for the processing of personal data

The legal basis for the processing of users' personal
data is, in principle, the user's consent pursuant to Article 6(1)(a) of the GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy at
or as required by law, e.g., for tax and accounting purposes.

5. Right of Withdrawal and Right to Request Removal

You have the right to withdraw your consent under data protection law at any time.
Withdrawing your consent does not affect the lawfulness of processing carried out on the basis of your consent prior to withdrawal.
You can prevent Google from collecting and processing your personal data by disabling the
preventing the storage of third-party cookies on your computer, using the “Do Not Track” feature of a compatible browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can use the following link
to disable Google’s use of your personal data:
https://adssettings.google.de
Further information on
Options for objecting to and removing data from Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Google Analytics 4 (GA 4)

 

1. Scope of the processing of personal data

We use Google Analytics, a web analytics service provided by Google
Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).

Google Analytics tracks, among other things, how website visitors use our site. Google places cookies on your device for this purpose. During your visit, user behavior is recorded in
in the form of “events.” This may result in the storage and analysis of personal data, including:

  • First visit to the website
  • Interaction with the website, user journey
  • Clicks
    on external links
  • Video usage
  • File downloads
  • Ad impressions and clicks
  • Scroll behavior (when reaching the bottom of the page)
  • Searches on the website
  • Language selection
  • Page views
  • Location (Region)
  • Your IP address (in abbreviated form)
  • Technical information about your browser and the devices you use (e.g., language settings,
    screen resolution)
  • Your Internet service provider
  • Referrer URL

By default, IP address anonymization is enabled in GA 4. This means that your IP address is truncated by Google within the member states of the
European Union or other signatory states to the Agreement on the European Economic Area. In exceptional cases, the full IP address is transmitted to a Google server in the U.S. and truncated there. Google states that the IP address transmitted by your browser
is not merged with other Google data within the scope of Google Analytics.

For more information about how Google processes data, please visit: https://policies.google.com/privacy

2. Purpose of data processing

We use GA 4 to analyze the use of our website and to generate reports on activity on our
website. These reports help us analyze our website’s performance and target advertisements to people who have already shown an initial interest by visiting our site.

3. Legal basis for the processing
of personal data

The legal basis for the processing of users’ personal data is, in principle, the user’s consent pursuant to Article 6(1)(a) of the GDPR.

4. Duration of storage

After two months,
will delete your personal data. This deletion occurs automatically once pro .

5. Right of withdrawal, right to object, and right to rectification

You have the right to withdraw your consent under data protection law at any time. Withdrawing your consent via
does not affect the lawfulness of the processing carried out on the basis of your consent prior to its withdrawal. You can withdraw your consent via our
Cookie Consent Tool.

You can prevent Google from collecting and processing your personal data by blocking third-party cookies on your computer, using the “Do Not Track”feature of a browser that supports
, disable the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

For more information on how to object to or have your data removed from Google, please visit: https://policies.google.com/technologies/partner-sites

You can also prevent Google from collecting the data generated by the cookie and related to your use of the
website (including your IP address), as well as from processing this data, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

You can use the following link to disable Google's use of your personal data: https://adssettings.google.de

Use of YouTube

1. Scope of the processing of personal data

We use the YouTube plugin operated by Google, YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, and its representative in the European Union, Google Ireland
Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). We use the YouTube plugin to embed YouTube videos on our website. When you visit our website, your browser establishes a connection with the servers of
YouTube. This may result in the storage and analysis of personal data, primarily the user’s activity (specifically which pages were visited and which elements were clicked on) as well as device and browser information
(specifically the IP address and the operating system).
We have no influence over the content of the plugin. If you are logged into your YouTube account during your visit, YouTube can associate your visit to our website with that account. When you interact with
this plug-in, the corresponding information is transmitted directly to YouTube and stored there.
For more information on how Google processes this data, please visit:
https://policies.google.com/privacy?gl=DE&hl=de

2. Purpose of data processing

The YouTube plugin is used to improve user-friendliness and to ensure an
attractive presentation of our website.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is, in principle, the user’s consent pursuant to Article 6
(1)(a) of the GDPR.

4. Duration of storage

Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g.,
for tax and accounting purposes.

5. Right of Withdrawal and Right to Request Removal

You have the right to withdraw your consent under data protection law at any time. Withdrawing your consent does not affect the lawfulness of the processing carried out on the basis of your consent
up until the time of withdrawal.
You can prevent the collection and processing of your personal data by Google by blocking the storage of third-party cookies on your computer, using the “Do
Not Track” feature of a compatible browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or
Ghostery (https://www.ghostery.com) in your browser.
You can use the following link to disable Google’s use of your personal data:

https://adssettings.google.de
For more information on how to object to or have your data removed from Google, please visit:
https://policies.google.com/privacy?gl=DE&hl=de

Implementation of
by Google Tag Manager

1. Scope of the processing of personal data

We use Google Tag Manager (https://www.google.com/intl/de/tagmanager/) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and its representative in the European Union, Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin,
Ireland (hereinafter referred to as “Google”). Google Tag Manager allows tags from Google and third-party services to be managed and embedded in a website in a consolidated manner. Tags are small code elements on a website that serve, among other things,
to measure visitor numbers and behavior, track the impact of online advertising and social media channels, implement remarketing and targeting, and test and optimize websites. When a user visits the website,
the current tag configuration is sent to the user’s browser. It contains instructions on which tags should be triggered. Google Tag Manager triggers other tags, which may in turn collect data. You can find information on this in the
sections regarding the use of the relevant services in this privacy policy. Google Tag Manager does not access this data.
For more information about Google Tag Manager, visit https://www.google.com/intl/de/tagmanager/faq.html and Google’s Privacy Policy: https://policies.google.com/privacy?hl=de

2. Purpose of data processing

The purpose of processing personal data is to ensure the systematic and transparent management of, as well as the efficient integration of, the services provided by
third-party providers.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is, in principle, the user’s consent pursuant to Article 6(1)(a) of the GDPR.

4.
Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. Advertising data in server logs is anonymized by
by Google, which, according to its own statements, deletes parts of the IP address and cookie information after 9 or 18 months, respectively.

5. Right of Withdrawal and Right to Request Removal

You have the right to withdraw your consent under data protection law at any time by contacting
. Withdrawing your consent does not affect the lawfulness of processing carried out on the basis of your consent prior to its withdrawal.
You can prevent Google from collecting and processing your personal data by visiting
preventing the storage of third-party cookies on your computer, using the “Do Not Track” feature of a compatible browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can
also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link
:
https://tools.google.com/dlpage/gaoptout?hl=de
 You canuse the following linkto disable the use of your
personal data by Google:
https://adssettings.google.de
Further information on options for objecting to and removing
data from Google can be found at:
https://policies.google.com/privacy?gl=DE&hl=de

Use of Usercentrics

1. Scope of the processing of personal data

We use the Usercentrics Consent Management Platform provided by Usercentrics GmbH, Rosental 4, 80331 Munich, Germany (hereinafter referred to as “Usercentrics”). Usercentrics enables us to obtain, manage, and
document users’ consent to data processing in compliance with legal requirements. To this end, Usercentrics places cookies on the user’s device. The following data is processed in this process:
– Date and time of the visit
– Device information
– Browser information
– Anonymized IP address
– Opt-in
and opt-out data
The data is processed geographically within the European Union.
Further information on the processing of data by Usercentrics is available here:
https://usercentrics.com/de/datenschutzerklaerung/

2. Purpose of data processing

The processing of personal data is necessary to comply with the legal obligations of
under the GDPR and the BDSG.

3. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is Article 6(1)(f) of the GDPR. Our legitimate interest lies in the purposes listed under 2.
.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy, unless consent to its storage has been revoked
or as required by law.

5. Right to Object and Request Rectification

You can prevent Usercentrics from collecting and processing your personal data by blocking the storage of cookies from
on your computer, use the “Do Not Track” feature of a browser that supports it, disable the execution of script code in your browser, or install a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
For more information on opting out and
removal options regarding Usercentrics, please visit:
https://usercentrics.com/de/datenschutzerklaerung/

Use of Microsoft Advertising

1. Scope of the processing of personal data

We use features of the
Microsoft Advertising plugin from Microsoft Corporation, One Microsoft Way, 98052, Redmond, Washington, USA (hereinafter referred to as “Microsoft”).
With Microsoft Advertising, ads for a company—for example, to acquire new customers—can be placed on Bing
. When users arrive at our site via this ad, we receive the total number of users who have been redirected to this landing page.
In doing so, cookies from Microsoft are stored on your device.
In particular,
the following personal data is processed by Microsoft:
– IP address
– Device and browser information
– A user ID assigned by Microsoft
– Referrer URL (the website from which you accessed our website)
In this process, data
is processed on Microsoft servers in the United States.
Further information on the processing of data by Microsoft is available here:
https://privacy.microsoft.com/de-de/privacystatement

2. Purpose of data processing

We use Microsoft Advertising to analyze, evaluate, and optimize ads for advertising purposes.

3.
Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is, in principle, the user’s consent pursuant to Article 6(1)(a) of the GDPR.

4. Duration of storage

Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, such as for tax and accounting purposes.

5. Right of Withdrawal and
Option to Rescind

You have the right to withdraw your consent under data protection law at any time. Withdrawing your consent does not affect the lawfulness of any processing carried out on the basis of your consent prior to its withdrawal.

You can prevent Microsoft from collecting and processing your personal data by blocking third-party cookies on your computer, using the “Do Not Track” feature of a compatible browser, or visiting
disabling script execution in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can object to the processing of your personal data for advertising purposes here at Microsoft: http://choice.microsoft.com/de-DE/opt-out
For more information on options to object to and have your data removed by Microsoft, please visit:
https://privacy.microsoft.com/de-de/privacystatement

This privacy policy was created with the assistance of DataGuard.

All prices include statutory VAT.

Updating...
Shopping cart
  • There are no products in the shopping cart.

Continue shopping