top of page

Privacy Policy — KAT IVA. Art

Last updated: 30/11/2025

This Privacy Policy explains how we (“KAT IVA. Art”) collect, use, and safeguard your personal data when you visit our website, make a purchase in our online shop, subscribe to our newsletter, or interact with us in any other way. We are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (“GDPR”).

1. Data Controller

KAT IVA. Art
Am Domblick 16
53177 Bonn
Germany
Email: hello@kativa-art.com

2. Personal Data We Collect

We collect the following categories of personal data:

2.1 Data you provide

  • Name

  • Email address

  • Shipping and billing address

  • Payment information (processed securely by payment providers)

  • Phone number (optional)

  • Message content from the contact form

  • Newsletter subscription data (email address)

2.2 Data collected automatically

When you visit our website, certain data is automatically collected by Wix or your browser:

  • IP address

  • Device information

  • Browser type and version

  • Operating system

  • Date and time of access

  • Referring URLs

  • Pages visited

  • Session data (e.g., page interactions)

This data is used for website functionality, analytics, and security.

3. Cookies & Tracking Technologies

Our website uses cookies and similar technologies provided primarily by Wix.com Ltd. These include:

  • Essential cookies (required for website and shop functionality)

  • Analytics cookies (Wix Analytics; no Google Analytics used)

  • Functional cookies (e.g., for login sessions or language settings)

  • Marketing cookies (e.g., through social media plugins)

You can control cookie settings via your browser and through the website’s cookie banner (if enabled).

4. Legal Bases for Processing

We process your data based on:

  • Art. 6(1)(b) GDPR – to perform a contract (purchases, customer service)

  • Art. 6(1)(a) GDPR – your consent (newsletter, cookies, social media plugins)

  • Art. 6(1)(f) GDPR – legitimate interest (website security, analytics, fraud prevention)

  • Art. 6(1)(c) GDPR – legal obligations (tax documentation)

5. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and operate the online shop

  • To process and fulfill your orders

  • To provide customer support

  • To manage your account (if applicable)

  • To send transactional emails (order confirmations, shipping updates)

  • To send newsletters and promotional content (only with your consent)

  • To analyze site performance and improve the user experience

  • To prevent fraud and ensure website security

  • To comply with legal obligations

6. Newsletter Subscription

When subscribing to our newsletter, we collect your email address.
Wix may use a double opt-in process depending on the configuration of your settings.
If you are unsure or this varies by region, the following wording is fully compliant:

We only send newsletters after you have explicitly registered and consented. Depending on your location and interface settings, Wix may use a double opt-in process, which means you will receive an email to confirm your subscription. You can unsubscribe at any time by clicking the link at the bottom of each newsletter.

Newsletter emails are sent through the Wix Email Marketing system.

7. Contact Form

If you contact us via the contact form, we store and process the information you submit for the purpose of responding to your inquiry. This data is handled by Wix as our hosting provider.

8. Payment Processing

We offer several payment methods. These are processed by external providers acting as independent controllers:

PayPal

PayPal (Europe) S.à r.l. et Cie, S.C.A.
Processing includes payment details, device information, and fraud prevention data.

Credit Card Payments (via Wix Payments)

Credit card data is processed by Wix and its authorized payment partners. We do not receive or store your full credit card information.

Klarna

Klarna Bank AB (publ)
Klarna may perform an identity or credit check depending on the selected payment method.

Google Pay & Apple Pay

These services process payment information directly in accordance with their own privacy policies; we do not access sensitive data.

All payment providers operate under strict PCI DSS standards.

9. Social Media Plugins

Our website may include plugins or integrations for:

  • Facebook

  • Instagram

When you interact with these social media features, your browser may establish a connection to the respective platforms. Data such as IP address, device information, and page visits may be transmitted.

This happens only with your consent (Art. 6(1)(a) GDPR), if such plugins are loaded through a consent banner.

10. Wix.com Ltd. as Service Provider

Our website, shop system, hosting, analytics, and newsletter functions are provided by:

Wix.com Ltd.
40 Namal Tel Aviv St.
Tel Aviv 6350671, Israel

Wix processes data on our behalf and may store data on servers in the EU, Israel, and other regions.
Israel is recognized by the EU as having an adequate level of protection (Art. 45 GDPR).

Wix also uses subcontractors (e.g., CDN, analytics, payment providers).
A complete and updated list can be found in Wix’s privacy documentation.

11. Data Retention

We retain your personal data only as long as necessary:

  • Order information: 10 years (legal retention for tax/commerce law)

  • Contact form messages: until resolved or deleted

  • Newsletter data: until you unsubscribe

  • Analytics data: as per Wix’s retention policies

  • Account data: until you request deletion

12. Data Transfers Outside the EU / EEA

Some of our service providers (such as Wix or payment providers) may transfer data to countries outside the EU/EEA.
These transfers occur based on:

  • Adequacy decisions (e.g., Israel)

  • Standard Contractual Clauses (SCCs)

  • Other GDPR-compliant safeguards

13. Your Rights Under the GDPR

You have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to withdraw consent at any time (Art. 7 GDPR)

To exercise any of these rights, contact us at:

📩 hello@kativa-art.com

If you believe your rights have been violated, you also have the right to file a complaint with your local data protection authority.

14. Security Measures

We use appropriate technical and organizational measures to protect your personal data, including:

  • Secure server hosting (Wix)

  • Encrypted connections (HTTPS/SSL)

  • Access control

  • Regular monitoring for vulnerabilities

15. No Data Collection From Minors

Our website and services are not intended for individuals under 16 years of age, and we do not knowingly collect data from minors.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
The updated version will be indicated by a new “Last updated” date.

bottom of page