Privacy policy

--

 

Privacy Policy

Last updated: 17 March 2026

This Privacy Policy explains how RAToM Europe ("we", "us", "our") collects, uses, and protects your personal data when you visit or make a purchase from ratom.eu or our Shopify store, in compliance with the EU General Data Protection Regulation (GDPR), the UK GDPR, the Swiss Federal Act on Data Protection (FADP), and applicable data protection laws in the EEA and Norway.


1. Data Controller

RAToM Europe
Takashi Sato
Barlowstr. 31
81927 Munich
Germany

Email: info@ratom.eu


2. Personal Data We Collect

When you visit our website or place an order, we may collect the following categories of personal data:

a) Information you provide directly

  • Name

  • Billing address

  • Shipping address

  • Email address

  • Phone number (if provided)

  • Payment-related information

  • Order details

  • Messages submitted through contact forms or customer support

b) Newsletter information

If you subscribe to our newsletter, we collect your email address and any related consent data. You can unsubscribe at any time using the unsubscribe link in each email.

c) Automatically collected information

When you use our website, certain data may be collected automatically, including:

  • IP address

  • Browser type and version

  • Device information

  • Operating system

  • Referring URL

  • Pages visited

  • Time spent on pages

  • Date and time of access


3. Purposes of Processing

We process personal data for the following purposes:

  • To operate our website and online store

  • To process and fulfill orders

  • To provide customer support

  • To communicate with you regarding your order

  • To send newsletters where you have subscribed

  • To improve website performance and user experience

  • To detect fraud, abuse, and security incidents

  • To comply with legal and tax obligations


4. Legal Bases for Processing

We process your personal data on the following legal bases under Article 6(1) GDPR:

  • Consent (Art. 6(1)(a)) – for newsletter subscriptions, analytics cookies, and marketing cookies

  • Contractual necessity (Art. 6(1)(b)) – for processing orders and related customer communication

  • Legitimate interest (Art. 6(1)(f)) – for website security, fraud prevention, responding to inquiries, and limited internal analytics where lawful

  • Legal obligation (Art. 6(1)(c)) – for invoice retention, accounting, tax, and other statutory compliance


5. Shopify and Other Service Providers

Our online store is hosted by Shopify. When you place an order, certain personal data such as your name, address, order details, and payment-related data will be processed through Shopify in order to operate the store and fulfill your purchase.

We may also use third-party service providers for:

  • Payment processing

  • Shipping and logistics

  • Email communication

  • Newsletter delivery

  • Analytics

  • Cookie consent management

  • Customer support tools

These providers process personal data only to the extent necessary to provide their services.


6. Analytics, Marketing, and Cookies

If we use analytics or marketing technologies such as Google Analytics, Meta Pixel, or similar tools, these are activated only where legally permitted and, where required, only after you provide consent via our cookie banner.

For more information about cookies and similar technologies, please see our Cookie Policy [INSERT LINK].


7. International Data Transfers

Some of our service providers may process personal data outside the EU or EEA, including in countries that may not provide the same level of data protection as your home jurisdiction.

Where such transfers occur, we use appropriate safeguards, including Standard Contractual Clauses approved by the European Commission or other lawful transfer mechanisms where applicable.


8. Data Retention

We retain personal data only for as long as necessary for the respective purpose or as required by law.

Typical retention periods include:

  • Order and invoice data: up to 10 years (German commercial and tax law)

  • Customer support inquiries: generally up to 12 months

  • Newsletter data: until you unsubscribe

  • Server logs: generally up to 30 days

  • Analytics data: according to tool settings


9. Your Rights

Subject to applicable law, you may have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to data portability

  • Right to object to processing based on legitimate interests

  • Right to withdraw consent at any time

  • Right to lodge a complaint with a supervisory authority

To exercise your rights, contact:
info@ratom.eu


10. Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Germany
www.lda.bayern.de


11. Data from Switzerland, Norway, and the United Kingdom

If you are located in Switzerland, Norway, or the United Kingdom, we process your personal data in line with applicable local data protection laws, including the Swiss FADP and UK GDPR where applicable.


12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The version published on this page is the current version. Please review it periodically.


13. Contact

If you have any questions about this Privacy Policy or our data processing practices, please contact us at:

info@ratom.eu