Privacy Policy

Last updated: February 1st 2026

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website.
Personal data means any data with which you can be personally identified.

Detailed information on data protection can be found in the sections below of this Privacy Policy.

Data Collection on This Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. The operator’s contact details can be found in the section “Information on the Controller” of this Privacy Policy.

How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may include, for example, data you enter into a contact form, place an order, or submit when subscribing to a newsletter.
Other data is collected automatically or after your consent by our IT systems when you visit the website. This primarily includes technical data (e.g. browser type, operating system, cookies, analytics data).

What do we use your data for?

  • to ensure the proper functioning of the website

  • to process orders

  • to communicate with users

  • to analyze user behavior

  • to comply with legal obligations

What rights do you have regarding your data?
You have the right at any time to obtain information about your stored personal data, its correction or deletion, restriction of processing, data portability, and to object to the processing of your personal data.

2. Information on the Controller

Controller within the meaning of the GDPR:

Drori Wines by Naomi Henkel-Guembel
Naomi Henkel-Guembel
Kirchheimer Str. 23

85652 Pliening

Email: hello@droriwines.com

3. Hosting

This website is operated using Squarespace.

The provider is:
Squarespace Ireland Ltd.
Le Pole House, Ship Street Great
Dublin 8, Ireland

Squarespace processes personal data (e.g. IP addresses, log files) as part of providing and securing the website.

The use of Squarespace is based on Art. 6(1)(f) GDPR (legitimate interest in the secure and reliable presentation of our website).

A data processing agreement pursuant to Art. 28 GDPR has been concluded.

Further information:
https://www.squarespace.com/privacy

4. Cookies and Consent Management (TTDSG)

This website uses cookies and similar technologies.

  • Necessary cookies are required for the operation of the website.

  • Optional cookies (e.g. analytics cookies) are only set with your consent.

Legal bases:

  • Art. 6(1)(a) GDPR (consent)

  • Section 25(1) TTDSG (access to end-user devices)

You may withdraw your consent at any time.

5. Analytics Tools

This website uses web analytics tools to evaluate user behavior and improve our offerings.

The data collected may include:

  • pages visited

  • duration of visits

  • device and browser information

  • anonymized IP address

These tools are used only after consent.

Legal basis: Art. 6(1)(a) GDPR

6. Email Communication & Newsletter

If you subscribe to our newsletter or contact us by email, we process your data exclusively for this purpose.

  • Subscription is voluntary (double opt-in recommended)

  • You may unsubscribe at any time

Legal basis: Art. 6(1)(a) GDPR

7. Orders & Payment Processing

When placing an order, we process:

  • name

  • address

  • contact details

  • order data

Payment processing is carried out via external payment service providers. We do not store complete payment details.

Legal basis: Art. 6(1)(b) GDPR

8. Recipients of Personal Data

Personal data is only disclosed to:

  • technical service providers (hosting, email, analytics)

  • payment service providers

  • public authorities, where legally required

9. Data Retention

Personal data is deleted as soon as the purpose for processing no longer applies, unless statutory retention obligations require otherwise.

10. Your Rights Under the GDPR

You have the right to:

  • access (Art. 15 GDPR)

  • rectification (Art. 16 GDPR)

  • erasure (Art. 17 GDPR)

  • restriction of processing (Art. 18 GDPR)

  • data portability (Art. 20 GDPR)

  • objection (Art. 21 GDPR)

11. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority.

12. SSL / TLS Encryption

This website uses SSL/TLS encryption to protect the transmission of confidential data.

13. Contact

If you have any questions regarding data protection, please contact us by email at
hello@droriwines.com
or by post at the address stated above.