Privacy Notice
Table of Contents
At commercetools, protecting your privacy is a top priority. This Privacy Notice outlines how we collect, use, protect, and share your personal data when you visit our website or interact with our services. “Personal data,” also referred to as “personal information” or “information about you,” means any information that identifies or can be used to identify you—such as your name, address, email, or business contact details. Terms like “you,” “user,” or “customer” refer to any individual whose data we may process.
I. Name and contact details of the Controller
commercetools GmbH
Adams-Lehmann-Str. 44
80797 Munich
Email: info@commercetools.com
Phone: +49 (89) 99 82 996-0
(hereinafter "commercetools", "we", "us").
Depending on the service or purpose, a different commercetools Group company may act as the data controller. You can find the full list of our Group companies here.
We have entered into joint controllership arrangements between our group companies. A detailed overview is available here.
II. Contact details of the Data Protection Officer
Holzhofer Consulting GmbH
Martin Holzhofer
Lochhamer Str. 31
82152 Planegg
Email: info@commercetools.com
Phone: +49 (89) 99 82 996-0
If you have questions about data protection, please contact privacy@commercetools.com.
III. Privacy Notice for visitors to our website
In accordance with Articles 13 and following of the GDPR, we are providing this notice to inform you about the collection and use of personal data on our websites. commercetools operates a number of websites, including but not limited to: commercetools.com, modern-commerce-day.com and elevate.commercetools.com.
These, along with related subdomains such as docs.commercetools.com, are collectively referred to as “the websites.” This privacy notice explains how and why we process personal data collected through these websites. Please note that certain websites not listed here may have their own separate Privacy Notice.
1. Data Processing Details
This section outlines the purposes for which personal data is processed, the categories of data involved, and the corresponding legal basis for each processing activity in accordance with the GDPR.
| Purpose of Processing | Data Categories | Legal Basis |
|---|---|---|
| Processing of access and analytics data to ensure the security, stability, and functionality of our websites, while also helping us optimize their performance | Technical and device data (e.g., IP address, browser, OS, screen size), access and usage data (e.g., timestamps, data volume, status codes, referrers, usage patterns), and country-level location information. | Legitimate Interests – Art. 6(1)(f) GDPR, Section 25 (2) no. 2 TDDDG |
| Cookies and related technologies to improve user experience, security, and effectiveness | Cookies (first-party and third-party, including technically necessary, functional, performance-related, marketing-related, and social media cookies), related technologies (e.g., scripts) Technical and device information, Access and usage data, Location data |
Technically necessary: Legitimate Interests – Art. 6(1)(f) GDPR, Section 25 (2) no. 2 TDDDG Others (non-essential): Consent – Art. 6(1)(a) GDPR, Section 25 (1) TDDDG |
| Contact form inquiries to handle your inquiry, any follow-up questions, and support | User identification and metadata (user UUID, job title, company name, first and last name, email address, phone number, region, planned project or demand, individual message, descriptions / text messages) | Legitimate Interests – Art. 6(1)(f) GDPR |
| Newsletter registration & content download | User identification and metadata (first and last name, email address, contact details and preferences, demographic information | Consent – Art. 6(1)(a) GDPR |
| Registering for a trial version | User identification and metadata (user UUID, job title, company name, first and last name, email address, phone number, region, planned project or demand) | Contractual Obligations in regards to offer provision – Art. 6(1)(b) GDPR Legitimate Interests – Art. 6(1)(f) GDPR Optional newsletter: Consent – Art. 6(1)(a) GDPR |
| Event registration and online events | User identification and metadata, Technical and device information, Access and usage data through the third-party service Bizzabo Inc. | Legitimate Interests – Art. 6(1)(f) GDPR |
| Usage and registration for the Training Center at learn.commercetools.com | User identification and metadata, Profile and authentication info | Legitimate Interests – Art. 6(1)(f) GDPR Contractual Obligations in regards to offer provision – Art. 6(1)(b) GDPR |
Where we process personal data based on our legitimate interest, we have concluded with regard to our assessment that the rights and freedoms of the data subjects do not override our legitimate interest.
Non-essential cookies and similar technologies (e.g., for analytics and advertising like Google or LinkedIn Analytics) require your consent and can be managed in the "Cookie Settings".
They help us analyze site usage, track behavior, and deliver personalized ads. You can withdraw consent anytime via privacy@commercetools.com or through provided opt-out options (e.g., newsletter unsubscribe links).
2. Automated decision making including profiling
commercetools GmbH does not engage in automated individual decision-making, including profiling, as outlined in Articles 22(1) and 22(4) of the GDPR.
3. Data transfer to a third country
Personal data may be transferred to countries outside the European Union and European Economic Area (“Third Countries”) when necessary for administering, developing, or operating IT systems. Such transfers only occur if appropriate safeguards are in place, including an adequacy decision by the European Commission, an approved certification mechanism with binding commitments from the recipient, or the use of Standard Contractual Clauses (SCCs) adopted by the European Commission.
When you use our website(s), personal data may be transferred to third countries (particularly the USA) through the use of third-party services. The names of these providers and links to their respective Privacy Notices are available here.
4. Recipients of data and data sources
To process personal data for the purposes described, we engage various data processors, including IT and server service providers for website hosting and infrastructure maintenance, as well as marketing and analytics partners and other external vendors. These processors act on our behalf, adhere to our instructions, and are contractually bound to comply with applicable data protection laws in accordance with Art. 28 GDPR. In addition, we may share personal data with affiliated companies within the commercetools Group or disclose it where required by law. You can find the full list of our Group companies here. The data is collected directly from you.
5. Retention Period or Criteria for Determining Storage Duration
Personal data is stored only as long as necessary to fulfill its intended purpose or as required by law. Once the purpose is no longer relevant or retention periods expire, the data is deleted in compliance with legal requirements.
Data used for advertising purposes is stored until you object, withdraw consent, or it becomes legally impermissible to use it. Other data is stored as long as needed to fulfill specific purposes (e.g., contract fulfillment) and deleted when no longer necessary.
Connection data (access logs) are automatically deleted shortly after use, with anonymized logs stored for 31 days. Logs required for evidence preservation are excluded from deletion until the matter is resolved.
IV. Privacy Notice for our customers, prospective customers and partners
The following information is to be provided pursuant to Art. 13 et seq. GDPR where personal data are collected from our customers and prospective customers.
Our offer is addressed exclusively to entrepreneurs, tradesmen, freelancers and public institutions. Contracts with consumers according to Sec. 13 of the German Civil Code are not concluded.
1. Data Processing Details
This section outlines the purposes for which personal data is processed, the categories of data involved, and the corresponding legal basis for each processing activity in accordance with the GDPR.
| Purpose of Processing | Data Categories | Legal Basis |
|---|---|---|
| Handling of inquiries and preparation of offers | Identity and Contact Information (title, first and last name, company/organization, position, business address, email, phone number(s), IP address, signature), Communication and Interaction Data (individual messages, product/service interests, conversation notes, communication related to downloads, inquiries and requests), Contract and Transaction Data | Contractual Obligations – Art. 6(1)(b) GDPR Legitimate Interests – Art. 6(1)(f) GDPR |
| Implementation and execution of contracts | Identity and Contact Information, Communication and Interaction Data, Contract and Transaction Data (orders placed, project details, transacted inquiries, data necessary for managing a contractual relationship, information provided voluntarily), Training and Event Participation (participants’ data and course-related details), Payment and Billing Information (customer's name and contact details, company, field of activity, company address, phone number) | Contractual Obligations – Art. 6(1)(b) GDPR Legitimate Interests – Art. 6(1)(f) GDPR |
| Implementation of marketing activities, including quality assurance (e.g., customer surveys), email marketing (such as newsletters), event invitations, and follow-ups on downloaded whitepapers. | Identity and Contact Information, Communication and Interaction Data, Opportunity Data, such as Company demographics (e.g., industry, size, location, revenue), Interaction history (e.g., email opens, website visits, webinar registrations, content downloads), Publicly available business profiles (e.g., from LinkedIn, company websites, or business directories) | Consent – Art. 6(1)(a) GDPR Legitimate Interests – Art. 6(1)(f) GDPR (e.g., direct marketing under certain conditions) |
| Recording and analysis of video calls to improve our sales processes and gain insights for enhancing both sales strategies and feedback discussions, incl. with the means of artificial intelligence, where applicable | Communication and Interaction Data (e.g., Video recordings, Conversation notes) | Consent – Art. 6(1)(a) GDPR Legitimate Interests – Art. 6(1)(f) GDPR |
| Creation and administration of accounts | Identity and Contact Information, Communication and Interaction Data, Contract and Transaction Data | Contractual Obligations – Art. 6(1)(b) GDPR Legitimate Interests – Art. 6(1)(f) GDPR (when not contractually required) |
Where your consent is required, you may withdraw it at any time without providing reasons and with future effect by contacting privacy@commercetools.com or using available opt-out options (e.g., newsletter unsubscribe links).
Where we process personal data based on our legitimate interest, we have concluded with regard to our assessment that the rights and freedoms of the data subjects do not override our legitimate interest, particularly in the context of improving our services and supporting business operations. Examples include responding to inquiries, managing user accounts not tied to a contract and direct marketing without separate consent (as permitted by Article 95 of the GDPR, as well as Section 7(3) of the German Act against Unfair Competition) unless you’ve objected. You may object to this processing at any time with future effect by contacting us at the same address.
2. Automated decision making including profiling
commercetools GmbH does not engage in automated individual decision-making, including profiling, as outlined in Articles 22(1) and 22(4) of the GDPR.
3. Data transfer to a third country
Personal data may be transferred to countries outside the European Union and European Economic Area (“Third Countries”) when necessary for administering, developing, or operating IT systems. Such transfers only occur if appropriate safeguards are in place, including an adequacy decision by the European Commission (Article 45 GDPR), an approved certification mechanism under Article 42 GDPR with binding commitments from the recipient, or the use of Standard Contractual Clauses (SCCs) adopted by the European Commission under Article 93(2) GDPR.
Data transfers to countries outside the EU/EEA ("Third Countries") may occur as part of pre-contractual measures, contract execution, and ongoing operations. This includes transfers to commercetools Group affiliates for global sales, marketing, support, customer relationship management, and IT services. Personal data may also be shared with third-party providers outside the EU/EEA for services such as CRM software, marketing and lead generation, customer communication tools, such as ABM software and communication platforms, contract management, and video call recording and analysis.
4. Recipients of data and data sources
To process personal data for the purposes described, we engage various service providers as processors, including those for hosting and operating online video conferencing and remote support tools, hosting web and email servers, managing account-related email communications, and providing CRM systems, ABM tools, lead generation, communication platforms, and video analysis services. These service providers process information about you on our behalf and on the basis of our instructions and are contractually obliged to comply with the applicable data protection laws in accordance with Art. 28 GDPR.
In addition, we may share personal data with non-processor recipients such as financial institutions and payment providers, legal counsel for claim enforcement or defense, tax consultants for accounting purposes, and debt collection agencies and courts when necessary to pursue claims. If such a transfer occurs, you will be informed in advance. Data may also be shared with affiliated companies within the commercetools Group.
We process personal data from prospective and existing customers, as well as business partners, in the course of our business activities. This data may be collected directly from you, from publicly accessible sources (such as public registers, press articles, or websites), or from third parties like credit agencies and address service providers. We may also receive your contact details via third-party platforms, including social networks and sales enablement tools, either from publicly available information or data you have provided directly.
5. Retention Period or Criteria for Determining Storage Duration
Personal data is retained only for as long as necessary to fulfill the purposes outlined in this notice or to comply with legally required retention periods. Data collected from inquiries about our products and services is stored in accordance with statutory retention obligations, particularly those arising from commercial and tax law, including §§ 147 AO and 257 HGB.
For contractual relationships, we retain your data for the duration of the contract. After termination, we keep your data until we receive the tax assessment notice for the year in which the contract ended. If the assessment notice is not final, data will be retained until any related company audit is completed. Additionally, data may be stored for the duration of legal proceedings or as necessary to assert, exercise, or defend legal claims.
Where legal retention periods apply, we are required to retain data until those periods expire. Once expired, the data is deleted in accordance with legal requirements.
Data used for advertising purposes is stored until you object to its use, withdraw your consent, or when legal permission to use it no longer exists. Any other personal data is retained only as long as necessary to fulfill the specific purpose for which it was collected, after which it will be deleted.
6. Security
commercetools takes appropriate technical and organizational measures (TOMs) to protect personal data from loss, destruction, manipulation and unauthorized access. Information about our security measures can be found here.
V. Privacy Notice for our suppliers and business partners
The following information is to be provided pursuant to Art. 13 et seq. GDPR where personal data are collected from our suppliers and service providers commissioned by us.
1. Data Processing Details
This section outlines the purposes for which personal data is processed, the categories of data involved, and the corresponding legal basis for each processing activity in accordance with the GDPR.
| Purpose of Processing | Data Categories | Legal Basis |
|---|---|---|
| Establishment and maintenance of business relationships with suppliers and partners | Contact information (first and last names of contact persons, business address, phone numbers, mobile numbers, fax numbers, and email addresses), Signature data, Payment information (bank details, payment processing data, fraud prevention information), Project and contractual information (orders placed, inquiries made, project specifics, voluntarily provided data), Information from publicly accessible sources, information databases, or credit reporting agencies background checks and to assess the creditworthiness of potential or existing partners | Contractual Obligations – Art. 6(1)(b) GDPR Legitimate Interests – Art. 6(1)(f) GDPR |
Where we process personal data based on our legitimate interest, we have concluded with regard to our assessment that the rights and freedoms of the data subjects do not override our legitimate interest, particularly in the context of improving our services and supporting business operations.
2. Automated decision making including profiling
commercetools GmbH does not engage in automated individual decision-making, including profiling, as outlined in Articles 22(1) and 22(4) of the GDPR.
3. Data transfer to a third country
Personal data may be transferred to countries outside the European Union and European Economic Area (“Third Countries”) when necessary for administering, developing, or operating IT systems. Such transfers only occur if appropriate safeguards are in place, including an adequacy decision by the European Commission (Article 45 GDPR), an approved certification mechanism under Article 42 GDPR with binding commitments from the recipient, or the use of Standard Contractual Clauses (SCCs) adopted by the European Commission under Article 93(2) GDPR.
Data transfers to countries outside the EU/EEA ("Third Countries") may occur as part of pre-contractual measures, contract execution, and ongoing operations. This includes transfers to commercetools Group affiliates for global sales, marketing, support, customer relationship management, and IT services. Personal data may also be shared with third-party providers outside the EU/EEA, specially in the USA, for services in the context of contract management.
4. Recipients of data and data sources
To process personal data for the purposes described, we engage various service providers as processors, including those for hosting web-based services, email server operations, as well as software services for sales, marketing, contract management, and support. These service providers process information about you on our behalf and on the basis of our instructions and are contractually obliged to comply with the applicable data protection laws in accordance with Art. 28 GDPR.
In addition, we may share personal data with non-processor recipients such as financial institutions and payment providers, legal counsel for claim enforcement or defense, tax consultants for accounting purposes, debt collection agencies and courts when necessary to pursue claims, credit bureaus for credit reports and risk assessments, and affiliated commercetools Group companies for internal sharing within our global network.
We process personal data from suppliers and business partners as part of our business relationships. When necessary for the provision of our services, we may also use data from public sources or third parties, such as credit agencies or address providers, where legally permitted. This may include data from commercial and association registers, the press, and the internet.
5. Retention Period or Criteria for Determining Storage Duration
We retain personal data only as long as needed for the stated purposes or as required by law. Data is kept during the contract period and afterward until the tax audit for the last relevant year is complete. It may also be stored for legal claims or disputes. Once legal retention periods (mainly under §§ 147 AO and 257 HGB) expire, the data is deleted.
VI. Privacy Notice for applicants
As required by Art. 13 et seq. GDPR, we provide the following information when collecting personal data in the context of recruitment. If you click on a job offer, you will be redirected to Greenhouse, our service provider, where you can apply for a position.
1. Data Processing Details
This section outlines the purposes for which personal data is processed, the categories of data involved, and the corresponding legal basis for each processing activity in accordance with the GDPR.
| Purpose of Processing | Data Categories | Legal Basis |
|---|---|---|
| Recruitment and hiring decisions (e.g. evaluating applications, communication, legal compliance, cooperation with law enforcement, assessing qualifications and capabilities, eventual background checks, etc.) | Personal Identification and Contact Data (full name, date and place of birth, nationality, parent’s name, national ID or passport details, current and previous addresses, phone number(s), email address, social security number, tax identification number, signature), Job and Application Data (position applied for, cover letter and CV, professional qualifications and certifications, education and employment history, certificates of employment, interview notes or protocols), Communication and Technical Data (email correspondence, IP address, login and access data) | Contractual Obligations – Art. 6(1)(b) GDPR Legitimate Interests – Art. 6(1)(f) GDPR Legal Obligation – Art. 6(1)(c) GDPR |
| Voluntary data (e.g., joining talent pool) | Special Categories of Personal Data, such as Health data or disability-related information (if disclosed and relevant for the role or accommodations) and Criminal records (as part of lawful background checks) | Consent – Art. 6(1)(a) GDPR and, where applicable, Art. 9(2)(a) GDPR |
| Background and sanctions checks (e.g., criminal records, sanctions lists) | Special categories of data (e.g., criminal background), Identification data | Contractual Obligations – Art. 6(1)(b) GDPR Legitimate Interests – Art. 6(1)(f) GDPR Legal Obligation – Art. 6(1)(c) GDPR |
| Onboarding and employment preparation to facilitate onboarding and prepare employment documents | Personal Identification and Contact Data, Job and Application data transferred to HR systems | Contractual Obligations – Art. 6(1)(b) GDPR Legal Obligation – Art. 6(1)(c) GDPR |
| Use of Greenhouse career portal (ensuring functionality, troubleshooting, cookies and similar technologies) | Connection and Access Data (IP address, source port, timestamp, amount of data transferred), Request and Error Information (HTTP status code, error messages), Referral and Browser Information (referer, user agent, display screen width and height, browser language settings), Cookies and similar technologies | Legitimate Interests – Art. 6(1)(f) GDPR, Section 25 (2) no. 2 TDDDG Consent – Art. 6(1)(a) GDPR (consent for cookies/scripts), Section 25 (1) TDDDG |
Where consent is required, particularly for special categories of data under Article 9(2)(a) of the GDPR, you can withdraw your consent at any time, without providing a reason, by emailing privacy@commercetools.com. Upon withdrawal, we will stop processing the relevant data, unless retention is required by law.
When processing is required by law under Article 6(1)(c) of the GDPR, we may process your personal data to fulfill legal and regulatory obligations, such as verifying your identity and right to work, and complying with labor and anti-discrimination laws.
Where we process personal data based on our legitimate interest, we have concluded with regard to our assessment that the rights and freedoms of the data subjects do not override our legitimate interest, particularly in the context of improving our services and supporting business operations. These legitimate interests include optimizing and improving our recruitment processes, ensuring IT security (e.g., through access and activity logs), preventing fraud, and protecting the integrity of our systems. You have the right to object to this processing at any time by contacting privacy@commercetools.com.
If your application is successful, we may conduct background checks to verify your identity and legal eligibility to work. This can include criminal background checks—subject to certain conditions such as role and department—and sanctions list checks (e.g., US and EU lists relevant to our business). Criminal background check results are retained for up to 2 years, or up to 7 years for US-based checks. Sanctions checks may be repeated during your employment due to regulatory updates.
2. Automated decision
In respect of our recruiting process, we do not exercise any automated decision-making nor profiling.
3. Data transfer to a third country
3.1 Transfer of personal data outside the European Union and European Economic Area
During the recruiting process, personal data may be transferred to countries outside the European Union and European Economic Area (“Third Countries”), particularly to the United States. Such transfers only occur if appropriate safeguards are in place, including an adequacy decision by the European Commission (Article 45 GDPR), an approved certification mechanism under Article 42 GDPR with binding commitments from the recipient, or the use of Standard Contractual Clauses (SCCs) adopted by the European Commission under Article 93(2) GDPR.
Data transfers to countries outside the EU/EEA ("Third Countries") may occur in the course of maintaining the recruiting process, and as part of pre-contractual measures, contract execution, and ongoing operations. This includes transfers to commercetools Group affiliates for global sales, marketing, support, customer relationship management, and IT services. Personal data may also be shared with third-party providers outside the EU/EEA, specially in the USA, for services in the context of background check.
3.2 Transfer of personal data outside other jurisdictions
We may transfer personal data outside your jurisdiction as part of the recruiting process. This may include transferring personal data to the EU or to other jurisdictions where commercetools has affiliates.
4. Recipients of data and data sources
To process your personal data for recruitment purposes, we work with selected service providers, including those for hosting (e.g., the recruiting tool Greenhouse), fraud detection, contract management, and background checks. These service providers process information about you on our behalf and on the basis of our instructions and are contractually obliged to comply with the applicable data protection laws in accordance with Art. 28 GDPR.
Your data is primarily handled by our HR department and may be shared with relevant internal teams involved in the hiring process. We may also share it with affiliated companies and trusted third-party providers supporting our recruitment systems and career site—always on a need-to-know basis to ensure proper handling of your application.
We collect personal data during the application process and, where necessary for hiring, may also process data provided by third parties to conduct background checks and global sanctions list screenings.
5. Retention Period or Criteria for Determining Storage Duration
Your personal data is stored only for as long as necessary to complete the recruiting process. If no employment relationship is established, the data is typically retained for up to six months for evidentiary purposes, in order to protect us against potential legal claims. If you withdraw your consent, processing will cease immediately, and your data will be deleted in accordance with applicable legal retention requirements.
6. Information related to children
Our career site is not intended for minors in any jurisdiction. To participate in the recruiting process, you must confirm that you are of legal age according to the laws of your jurisdiction.
7. Your rights and complaints
If you believe your personal data has been mishandled, you can contact us at any time under privacy@commercetools.com. We will review your complaint and, if necessary, take appropriate action to address or correct the issue. For a full overview of your rights, please refer to Section VII: Information on Your Data Subject Rights.
8. Jurisdiction specifications
8.2 UK Applicants
Complaints
You also have the right to file a complaint with your local data protection authority. In the UK, this is the Information Commissioner’s Office (ICO), which can be contacted via their website: https://ico.org.uk/. To submit a complaint, please visit: https://ico.org.uk/make-a-complaint/.
6.3 US Applicants
Personal data we use regarding the recruiting process
Where permitted by applicable law, we may ask applicants questions regarding race/ethnic origin, gender, veteran status, or disability for the purpose of monitoring compliance with equal employment opportunity regulations. Additionally, information about criminal records may be requested, prior or after a conditional offer of employment, as informed in this Privacy Notice .
If you provide personal information about a reference or any other individual as part of your application, it is your responsibility to obtain their consent beforehand. By sharing their information, you confirm that you have received their permission to do so.
VII. Information on your data subject rights
1. Data subject rights according to the GDPR
You have several rights regarding your personal data under the General Data Protection Regulation (GDPR):
Right of Access (Art. 15 GDPR): You have the right to request access to the personal data we hold about you.
Right to Rectification (Art. 16 GDPR): You have the right to request the correction of any inaccurate or incomplete personal data.
Right to Erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data, subject to certain conditions.
Right to Restriction of Processing (Art. 18 GDPR): You have the right to request the restriction of the processing of your personal data in specific circumstances.
Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
Right to Object (Art. 21 GDPR): You have the right to object to the processing of your personal data based on legitimate interests or public interest.
Right to Withdraw Consent (Art. 7 Sec. 3 GDPR): If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time.
To exercise any of these rights, please send your request via email to privacy@commercetools.com.
2. Rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
If you live in California and have a business, employment, independent contractor or application for employment relationship with us, you can request a list of third parties to whom we’ve shared your information for marketing purposes. You may make this request up to twice per year. To exercise your rights or if you have any questions about our privacy policies, you can email us at privacy@commercetools.com or write to the provided address. We will respond within 30 days.
Additionally, you can request an accounting of your personal data, ask for it to be corrected, or request its deletion by contacting us at privacy@commercetools.com. We will verify your identity and respond within 45 days by providing a paper copy of your data via mail.
We will not discriminate against you for exercising your rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). commercetools does not sell or share your personal information as defined by these laws.
3. Right to lodge a complaint with a supervisory authority
You have the right to file a complaint with a supervisory authority. The Bavarian State Office for Data Protection (Promenade 18, 91522 Ansbach, email: poststelle@lda.bayern.de, phone: +49 981 180093-0) is generally responsible for us, or you can contact your local authority.
Effective Date: May 2025
This Privacy Notice is regularly reviewed and commercetools may update it at any time, with changes posted on this website.