Privacy policy

Controller: Wunder Maker, Kevin Schlieper, Lissi-Kaeser-Straße 28, 80797 München, Germany. Email: support@wundermaker.shop.

Information processed

Depending on how the store is used, information can include contact and delivery details, order and payment-related records, support messages, optional return reasons, return tracking and refund records, device and storefront usage information, uploaded photos, names and other customization details, and generated preview and production files.

Why information is processed

Information is processed to operate the store; provide the customization and complete-book preview; create, take payment for and fulfill orders; administer guarantee, return and refund requests; provide support; prevent duplicate reimbursement, fraud and other misuse; meet accounting and other legal duties; and, where permission or another legal basis applies, understand or market the service.

Depending on the activity, the legal basis can be performance of a contract or steps requested before a contract, compliance with legal duties, consent, or a legitimate interest in operating and protecting the service. Consent can be withdrawn for future processing where processing relies on consent.

Photos and personalized content

Only upload a photo or personal information when you are entitled to provide it for this purpose. Adults using the service are responsible for having the necessary authority for information about a young person or another individual.

We never store the original photo you upload. We use it only to create a digital character that looks like the person in the photo. We keep that digital character and the generated book only to create and fulfill your order. We delete them from active storage no later than 90 days after you place the order, unless we are legally required to keep them longer.

Service providers and recipients

Information can be shared as necessary with providers that support ecommerce hosting and checkout, payment processing, infrastructure and file delivery, personalization and image generation, printing and fulfillment, parcel delivery, support, fraud prevention and consent-based analytics or advertising. Shopify processes information as part of providing the storefront and checkout. Delivery details are shared with production and delivery providers when an order is placed.

For a guarantee or return request, the necessary order and contact details can also be shared with the return carrier, and refund data is processed by Shopify and the applicable payment provider. A reason for dissatisfaction is optional and is used for support and service-quality analysis when provided.

Some providers may process information outside the European Economic Area. Where required, an appropriate transfer mechanism is used by the responsible provider or controller.

Storage

Information is kept only for as long as necessary for the relevant service, support, operational or legal purpose. Different records can have different retention periods.

Generated characters, preview images and other personalization files are deleted earlier when they are no longer needed and, once an order is placed, no later than 90 days after the Shopify order was placed. The immutable print artifact is also deleted from active storage no later than that same deadline, regardless of fulfillment or delivery status. A documented legal hold or another mandatory legal duty can require physical retention for longer, but does not restore customer or provider access after the normal deadline. After deletion, only non-image audit hashes plus manifest, policy and version metadata may be retained.

Encrypted backups are limited to seven daily generations. An expired file may therefore remain inaccessible in a backup for approximately seven additional days. Restore reconciliation deletes expired files before application access is enabled.

Cookies and similar technologies

Shopify and configured service providers may use cookies or similar technologies needed to operate the store. Optional analytics or marketing technologies are used subject to the choices and legal requirements that apply to the visitor. Available choices can be managed through the storefront consent controls or browser settings.

Your rights

Subject to applicable law, individuals may have rights to request access, correction, deletion, restriction, portability or objection, and to withdraw consent. A complaint can also be made to a competent data-protection supervisory authority. Requests can be sent to support@wundermaker.shop; identity may need to be verified before a request is completed.

Changes and questions

This policy can be updated when the service or legal requirements change. Questions about privacy or this policy can be sent to the contact address above.