Privacy Policy
Responsible party
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
Tim Nowacki · Lovelab Dreamspace · Pappelallee 25 · 10437 Berlin · E-mail: info@lovelab.berlin
2. Hosting and Server Log Files
When accessing this website, the hosting provider automatically collects information in so-called server log files (including IP address, date and time of access, requested file, browser type, operating system, referrer URL). This data is used for secure and stable operation of the website and is not merged with other data sources. The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest in the secure provision of the website). The log files are automatically deleted after a short period, unless security-related retention is required.
3. Cookies
This website uses only technically necessary cookies (e.g., session cookies, as well as the storage of your language settings and your consent decision). Statistical or tracking tools such as Google Analytics are not used. Technically necessary cookies are set on the basis of § 25 paragraph 2 TDDDG and Art. 6 paragraph 1 lit. f GDPR. You can set your browser to reject or delete cookies; however, this may impair the functionality of the website.
4. Contact
When you contact us by email, we process your details to handle your request and for any follow-up questions (Art. 6 para. 1 lit. b or f GDPR). The data will be deleted as soon as it is no longer required for the stated purpose and no statutory retention periods exist.
5. Payment Processing (Stripe)
For purchases in our shop, payment processing is handled by Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (»Stripe«). When you make a purchase, your payment details (e.g., name, card details, billing and shipping address, email address) are transmitted directly to Stripe and processed there; we do not store complete payment card data ourselves. The legal basis is Art. 6 para. 1 lit. b GDPR (performance of a contract). Stripe may transfer data to Stripe, Inc. in the USA; the transfer is secured by EU standard contractual clauses and certification under the EU-U.S. Data Privacy Framework. More information: https://stripe.com/privacy
6. Newsletter and Catalog Download (Mailchimp)
For sending our newsletter and catalog download links, we use Mailchimp, a service provided by The Rocket Science Group LLC, 675 Ponce de Leon Ave NE, Atlanta, GA 30308, USA. Your email address will be stored on Mailchimp's servers in the USA; the transfer is secured by EU standard contractual clauses and Mailchimp's participation in the EU-U.S. Data Privacy Framework. Registration is done via a double opt-in procedure: you will receive a confirmation email and will only be subscribed after confirming. The legal basis is your consent (Art. 6 para. 1 lit. a GDPR); you can revoke it at any time via the unsubscribe link in every email. The free catalog is provided on the basis of Art. 6 para. 1 lit. b GDPR; download numbers are recorded exclusively anonymously and aggregated. More information: https://mailchimp.com/legal/privacy/
7. Embedded YouTube videos
We embed videos from YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) in enhanced privacy mode (»youtube-nocookie.com«). Data (including your IP address) will only be transmitted to YouTube/Google and may be transferred to the USA when you actively start a video or agree to the embedding via the consent banner. The legal basis is your consent (Art. 6 para. 1 lit. a GDPR). More information: https://policies.google.com/privacy
8. Google Fonts
For a uniform presentation, this website uses fonts from Google Fonts (Google Ireland Limited). When you access the site, your browser loads the fonts from Google's servers, transmitting your IP address to Google. The legal basis is your consent given via the consent banner (Art. 6(1)(a) GDPR) or our legitimate interest in an appealing presentation (Art. 6(1)(f) GDPR). More information: https://policies.google.com/privacy
9. SSL Encryption
This website uses SSL/TLS encryption for security reasons. However, complete security of data transmission over the internet (e.g., for email communication) cannot be guaranteed.
10. Your Rights
You have the following rights regarding your personal data: right of access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and objection to processing (Art. 21). You can revoke any consent you have given at any time with future effect. You also have the right to lodge a complaint with a data protection supervisory authority – for Berlin: Berliner Beauftragte für Datenschutz und Informationsfreiheit.
11. Relevance
We reserve the right to adapt this privacy policy if the legal situation or data processing changes. As of: July 2026.