top of page

1) Introduction & Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you how we handle your personal data when you use our website. Personal data refers to any information by which you can be personally identified.

1.2 The controller for data processing on this website under the GDPR is:
Andreas Schmidt
Avant‑Garde‑Cinema
Corinthstraße 59
10245 Berlin, Germany
Phone: +49 172 3961954
Email: info@avantgardecinema.de

A controller is a natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

2) Data Collection When You Visit Our Website

2.1 When you use our website for information only—i.e., you do not register or otherwise send information—we collect only the data your browser transmits to the server (“server log files”). When you access our website, we collect the following technically necessary data:

  • The webpage visited

  • Date and time of access

  • Amount of data sent in bytes

  • Referrer URL (the page from which you came)

  • Browser type used

  • Operating system used

  • IP address (possibly anonymized)

Processing occurs under Article 6(1)(f) GDPR, based on our legitimate interest in improving the stability and functionality of our site. We do not share or otherwise use this data, but reserve the right to review log files later if there are concrete signs of illegal use.

2.2 For security reasons and to protect the transmission of personal or confidential data (e.g., orders or inquiries), this website uses SSL/TLS encryption. You can recognize an encrypted connection by “https://” and the padlock icon in your browser.

3) Hosting & Content Delivery Network

3.1 Our website is hosted and served by a provider using servers located exclusively within the EU, either directly or via subcontractors. All data collected on our website is processed on those servers. We have a data processing agreement with the provider to prevent unauthorized sharing of visitor data.

3.2 Fastly
We use the Content Delivery Network (CDN) service provided by Fastly Inc., 475 Brannan St. #300, San Francisco, CA 94107, USA. This speeds up delivery of media like graphics, content, and scripts via regionally distributed servers. Processing is based on our legitimate interest (Article 6(1)(f) GDPR) in improving site stability and functionality. We have a processing agreement with Fastly to protect visitor data.

For any data transfers to the U.S., Fastly subscribes to the EU‑US Data Privacy Framework, ensuring compliance with EU data protection levels via an adequacy decision by the European Commission.

4) Cookies

To make our site attractive and allow certain functionalities, we use cookies—small text files stored on your device. Some are deleted after closing your browser (“session cookies”), others remain longer to remember settings (“persistent cookies”). You can see retention periods in your browser’s cookie settings.

If any cookies process personal data, this occurs under Article 6(1)(b) GDPR (for performance of a contract), Article 6(1)(a) GDPR (if consent is given), or Article 6(1)(f) GDPR (for our legitimate interest in optimal site functionality). You can configure your browser to notify you about cookie settings or reject them. Please note that disabling cookies may limit functionality of our website.

5) Contact

5.1 Wix Chat

This website uses the live chat system from:
Wix HQ, Nemal Tel Aviv St 40, Tel Aviv‑Yafo, Israel.

Data transmitted via chat is processed under Article 6(1)(b) GDPR (for contract initiation/performance) or Article 6(1)(f) GDPR (for our legitimate interest in visitor support). Data is deleted once the matter is resolved, unless legal retention obligations apply. We may also use cookies to create pseudonymized usage profiles under Article 6(1)(f) GDPR—these do not identify you personally. You can prevent cookie usage via your browser settings, though site functionality may be limited. You may object to profiling at any time for the future.

Data is also transferred to:
Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, CA 94158, USA.
We also have a processing agreement in place. Wix participates in the EU-US Data Privacy Framework, ensuring an adequate level of protection.

5.2 Contact Forms / Emails

When you contact us via a form or email, personal data is processed solely to handle your inquiry, under Article 6(1)(f) GDPR (our legitimate interest). If your inquiry is contract-related, Article 6(1)(b) GDPR also applies. Data is deleted once the matter is resolved, unless legal retention obligations exist.

6) Processing Data When Creating a Customer Account

Under Article 6(1)(b) GDPR, we collect and process only the data necessary for account creation. Required data fields are indicated in the online form. You may delete your account at any time by contacting us. After deletion, your data will be erased once any contracts are fully completed, legal retention periods expired, and no legitimate interest remains.

7) Use of Customer Data for Direct Marketing

7.1 Newsletter Subscription

When you subscribe to our email newsletter, we send you information about our offers. The only required data is your email address; additional details are optional and used for personalization. We use double opt-in to confirm your subscription; the required legal basis is Article 6(1)(a) GDPR (consent). We record your IP address, date, and time of registration to prevent misuse. You may unsubscribe anytime via link or by contacting us; we then delete your data from our newsletter list unless you have consented to further use or unless legally permitted.

7.2 Ascend by Wix

Newsletters are delivered via Wix HQ (Israel) and Wix Inc. (San Francisco, USA). Data shared includes your signup information under Article 6(1)(f) GDPR (legitimate interest). With your consent (Article 6(1)(a)), Wix may use web beacons to analyze open rates, interactions, and device data (time, IP, browser, OS), but does not combine this with other datasets. Consent for tracking can be withdrawn at any time. We have a processing agreement, and Wix adheres to the EU-US Data Privacy Framework.

7.3 Back‑in‑Stock Notifications

For items currently sold out, you may sign up to be notified when they are available again. The only required data is your email. Double opt-in is used, and we store your IP address, date, and time of registration under Article 6(1)(a) GDPR (consent). You may unsubscribe at any time by contacting us, upon which we promptly delete your email unless you consent to further use or we are permitted to keep for legal reasons.

8) Data Processing for Order Fulfillment

8.1 For order fulfillment and payments, we transfer personal data to the delivery company and payment institution under Article 6(1)(b) GDPR. If we are required to provide updates on digital goods, we process your contact details to inform you under Article 6(1)(c) GDPR.

We cooperate with the following service providers, who receive certain data to support contractual performance:

8.2 Age-Restricted Items
To verify age for restricted goods, we use “Age Verification Pro + Ident-Check” from DHL Paket GmbH, Bonn. This involves transferring your personal data under Article 6(1)(f) GDPR, based on our legitimate interest in legal compliance and youth protection.

8.3 Payment Service Providers

  • PayPal (Europe) S.à r.l. et Cie (Luxembourg):
    If you choose a PayPal payment method, we transfer necessary payment data (name, address, bank/card details, currency, transaction ID, order content) under Article 6(1)(b) GDPR. For advance payments, you may be required to provide personal details (name, address, birthdate, etc.). We may also perform a credit check under Article 6(1)(f) GDPR, transferring those data for creditworthiness assessment. You may object at any time, but PayPal may still process data as necessary for contract fulfillment.

  • Wix Payments (Israel → USA):
    Similar data (payment details) are transmitted under Article 6(1)(b) GDPR. Wix Inc. in San Francisco may process these data under processing instructions. Transfers rely on an adequacy decision by the European Commission and standard contractual clauses.

9) Your Rights

9.1 Under applicable data protection law, you have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to notification (Art. 19 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to revoke consent (Art. 7(3) GDPR)

  • Right to lodge a complaint (Art. 77 GDPR)

9.2 Right to object
If we process your data based on our legitimate interests, you can object at any time for reasons related to your particular situation. If you object, we will stop processing your data unless we can prove compelling legitimate grounds or if processing is necessary for legal claims.
If your data is used for direct marketing, you may object at any time; upon objection, we will cease processing for these purposes.

10) Data Retention

Retention periods depend on the legal basis, purpose, and any statutory retention obligations (e.g., commercial or tax laws).

  • Data processed with your consent (Art. 6(1)(a)) are kept until you withdraw consent.

  • Data processed for contract performance (Art. 6(1)(b)) are retained until the relevant retention periods expire, unless needed longer for contract fulfillment or legitimate interests.

  • Data processed under legitimate interests (Art. 6(1)(f)) are retained until you object—unless we can demonstrate overriding legitimate grounds or use for legal claims.

  • Data used in direct marketing (under legitimate interests) are retained until you object.

  • Unless otherwise stated, personal data are deleted when no longer required for the purpose for which they were collected.

bottom of page