Legal Notice
This website is provided by:
Lindsey Wang
d/b/a POLYGONIA creations
Wilhelm-Kuhnert-Str. 17, 81543 Munich, Germany
phone +49 1577 1188072, email: lindsey [ at ] polygonia-creations.com
Notice on alternative dispute resolution for consumers:
We are required to inform you that the online dispute resolution platform provided by the EU Commission is available at http://ec.europa.eu/consumers/odr/ . We are, however, not obliged to and do not commit to use alternative dispute resolution entities to engage in alternative dispute resolution procedures.
Sources and copyright notices for photographs and drawings:
Lindsey Wang, Cle FW Photography, JT Tomcik, Tobias Balghuber, local.phil, Maximilian Schachtner, Sophian Petitprez, Niklas Maximilian Bühler, Georg Stirnweiß
Design:
Lindsey Wang, POLYGONIA creations
Copyright:
The content of this website is protected by German copyright law. Any reproduction, distribution, communication to the public beyond the limitations and exceptions under copyright law is subject to express permission by the relevant author.
Privacy policy
This Privacy Policy provides you with information on the processing of personal data according to Article 13 of the EU General Data Protection Directive (GDPR).
We may revise this privacy policy from time to time to reflect technical developments or changes regarding the purposes for which we process personal data. The last revision was made in January 2024.
1. Controller
Lindsey Wang d/b/a POLYGONIA creations, Wilhelm-Kuhnert-Str. 17, 81543 München, phone +49 1577 1188072 , email: lindsey [ at ] polygonia-creations.com
2. Purposes and legal bases of the processing of personal data
2.1 Visiting our website
You can visit our website without registration or otherwise providing personal data.
2.1.1 Cookies and similar technologies
Our website is hosted by Squarespace (cf. section 3.2 below). Squarespace enables us to use cookies and similar technologies on our website.
Cookies are short text files which are stored in your computer by your browser for the duration of the browser session and erased immediately at the end of the browser session (“session cookies”) or are valid for a defined period (“permanent cookies”); permanent cookies will be stored in your computer for the period of validity and will be deleted after this period has expired.
2.1.2 Legal framework
The legal framework for cookies described below applies to storing information in the local storage of your browser accordingly.
Cookies include “essential/functional cookies”, which are necessary to provide the functionality of our website including customer accounts, shopping cart and checkout, and “analytics/performance cookies”, which are used to analyse how visitors use our website and our e-commerce services.
2.1.2.1 Consent for analytics cookies and similar technologies
Irrespective of whether a cookie contains personal data (information relating to an identified or identifiable natural person), we are allowed to use analytics cookies only with your consent. We ask you to give that consent with the cookie banner which is displayed when you access our website. If a cookie is used to collect personal data with your consent, the legal basis is Article 6(1)(a) GDPR.
As required by Article 7(3) GDPR, you can withdraw your consent at any time, for example by deleting the cookies belonging to our website in your browser. This will also delete the cookie that stores the information that you have given consent for analytics cookies. As a result, the cookie banner will be displayed when you revisit our website.
2.1.2.2 Admissibility of functional cookies
We may use functional cookies without your consent. The legal basis is Article 6(1)(f) GDPR (pursuit of legitimate interests); we use functional cookies to provide a user-friendly website and optimise our e-commerce services.
You can prevent the use of cookies by disabling cookies in the privacy preferences of your browser; please note that in this case you will not be able to use all features of our website.
In a similar way, we can have your browser collect and store information in the browser local storage.
2.1.3 Functional cookies and similar technologies that we use
The following table lists the names of the functional cookies and similar technologies that we use along with a description of their purpose, type, and duration.
_acloggedin
Supports login by Acuity Scheduling client if the client has an account; Cookie; January 1, 2025
_client_acloggedin
Supports login by Acuity Scheduling client if the client has an account; Cookie; January 1, 2025
_dd_cookie_test
Tests if cookies are supported; Cookie; Expires instantly
_dd_s
Tracks browser errors; Cookie; Four hours
_dd_site_test
Tests if cookies are supported; Cookie; Expires instantly
_grecaptcha
Helps reduce spam in Acuity Scheduling; Local storage; No expiry
CART
Shows when a visitor adds a product to their cart; Cookie; Two weeks
CHECKOUT_WEBSITE
Identifies the correct site for checkout when checkout on your domain is disabled; Cookie; Session
client_username
Remembers a logged in Acuity Scheduling client's username between visits; Cookie; One year
clientUser
Stores the Acuity Scheduling client's username, OAuth2 Access Token, and OAuth2 Refresh Token. This cookie is required for functionality of logged-in clients; Cookie; 30 days
Commerce-checkout-state
Stores state of checkout while the visitor is completing their order in PayPal; sessionstorage; Session
Crumb
Prevents cross-site request forgery (CSRF); Cookie; Session
hasCart
Tells Squarespace that the visitor has a cart; Cookie; Two weeks
Locked
Prevents the password-protected screen from displaying if a visitor enters the correct site-wide password; Cookie; Session
orderStatusSessionToken
Authenticates a visitor who logs into an order status page; Cookie; One year
PHPSESSID
Securely authenticates a visitor during their checkout in Acuity Scheduling; Cookie; One month
RecentRedirect
Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO; Cookie; 30 minutes
remember_client
Remembers Acuity Scheduling client’s login details if they have an account; Cookie; 365 days
siteUserCrumb
Prevents cross-site request forgery (CSRF) for logged in site users; Cookie; Three years
SiteUserInfo
Identifies a visitor who logs into a customer account; Cookie; Three years
SiteUserSecureAuthToken
Authenticates a visitor who logs into a customer account; Cookie; Three years
squarespace-announcement-bar
Prevents the announcement bar from displaying if a visitor dismisses it; localstorage; Persistent
squarespace-likes
Shows when you've already "liked" a blog post; localstorage; Persisten
squarespace-popup-overlay
Prevents the promotional pop-up from displaying if a visitor dismisses it; localstorage; Persistent
squarespace-video-player-options
Remembers video player selected preferences ( volume, playback speed, and quality) for videos uploaded directly to Squarespace; localstorage; Persistent
ss_cookieAllowed
Remembers if a visitor agreed to placing analytics cookies on their browser if a site is restricting the placement of cookies; Cookie; 30 days
ss_sd
Ensures that visitors on the Squarespace 5 platform remain authenticated during their sessions; Cookie; Session
Test
Investigates if the browser supports cookies and prevents errors; Cookie; Session
TZ
Enables a Acuity Scheduling client’s appointments to display correctly based on their time zone preferences; localstorage; Persistent
2.1.4 Analytics cookies that we use
The following table lists the names of the analytics cookies we use – provided you have given your consent (cf. section 2.1.2 above) – along with their purpose and duration.
ss_cid
Identifies unique visitors and tracks a visitor’s sessions on a site; two years
ss_cpvisit
Identifies unique visitors and tracks a visitor’s sessions on a site; two years
ss_cvisit
Identifies unique visitors and tracks a visitor’s sessions on a site (30 minutes)
ss_cvr
Identifies unique visitors and tracks a visitor’s sessions on a site (two years)
ss_cvt
Identifies unique visitors and tracks a visitor’s sessions on a site (30 minutes)
2.2 Contacting us
When you send us a message via the website or via email, we collect the personal data that you provide, including the content of your request.
We process this data for handling your request. The legal basis is Article 6(1)(b) (taking steps prior to entering into a contract; or, where the request is related to a contract that has already been entered into, the performance of that contract).
2.3 Contracts
When you place an order (on our website, on our Bandcamp microsite or by contacting us directly), we collect the personal data that you provide, including the details of your order, to process your order and performing the contract. The legal basis is Article 6(1)(b) GDPR (taking steps prior to entering into a contract; performance of the contract).
2.4 Pursuit of legitimate interests
To the extent permitted by law, we may process your personal data also for the pursuit of legitimate interests. These include the establishment, exercise or defence of legal claims, customer relations management and direct marketing. The legal basis is Article 6(1)(f) GDPR.
Please note that you have the right to object to the processing of your personal data in this context (section 6 below).
3. Recipients of personal data
3.1 Third parties
We disclose personal data to third parties only if this is necessary for the performance of a contract (including payment), if we are under a legal obligation to do so or if you have given your explicit consent.
The third parties to which we may disclose personal data for the performance of a contract include shipping providers, depending on the destination, and the payment provider that you have chosen.
3.2 We employ the following service providers which process data on our behalf according to Article 28 GDPR:
· STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany (www.strato.de)
· Squarespace Ireland Limited, Squarespace House, Ship Street Great, Dublin 8, Ireland D08 N12C (squarespace.com)
We have concluded contracts on the processing of personal data (pursuant to Article 28(3) GDPR) with these service providers, which process personal data as processors, i.e. according to our instructions.
3.3 Compliance with a legal obligation
In addition to the situations described above, we disclose personal data to third parties only for the compliance with a legal obligation to which we are subject, for instance to the tax office or law enforcement authorities. The legal basis is Article 6(1)(c) GDPR.
3.4 Duration of storage of your personal data
We will erase your personal data once is no longer needed after handling a request or after complete performance of a contract. This does not apply for data which we are not allowed to erase yet due to a legal obligation (e.g. documents which have to be retained under tax law and commercial law) and to data which is necessary for the pursuit of legitimate interests, in particular the establishment, exercise or defence of legal claims, or customer relations management and direct marketing.
4. Your rights as data subject
Where the respective legal requirements are met, you have the following rights:
· If you have given us your consent, you may withdraw it at any time (Article 7(3) GDPR).
· You have the right to obtain information on what personal data relating to you we have store (Article 15 GDPR).
· You have the right to request the rectification of inaccurate data (Article 16 GDPR).
· You have the right to request the erasure (Article 17) or the restriction of processing (Article 18 GDPR) of data which is no longer necessary. Where there is a legal obligation to retain data, e g with regard to business correspondence under tax law and commercial law, or another statutory exception, data will not be erased, but the processing will be restricted.
· You have the right to data portability (Article 20 GDPR), i.e. the right to receive personal data which you have provided to us in a structured, commonly used and machine-readable format and to transmit this data to another controller without hindrance from us; this may include the right to have such data transmitted directly to another controller where
· If you consider that the processing of your data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority (Article 77 GDPR). The supervisory authority with local jurisdiction for us is: Bayerisches Landesamt für Datenschutzaufsicht, Promenade 18, 91522 Ansbach, Germany (www.lda.bayern.de)
5. Right to object
You may at any time object to the processing of your data for direct marketing purposes.
You may at any time object to the processing of your data which is based on the pursuit of legitimate interests on grounds relating to your particular situation (Article 21 GDPR).