Privacy Policy

Who are we and what is the scope of this Privacy Policy?

As the data controller, SellerX Commerce GmbH (“we”, “us”, “our” or “kwmobile”) processes certain personal data in order to enable you to make use of our e-commerce shop situated on our website as well as to enjoy our products. This Privacy Policy describes our personal data processing operations and provides you information of your rights related to your personal data. The specific processing activities described in this Privacy Policy may vary depending on how you interact with our website and services and which functions you use.

This Privacy Policy applies to all websites operated under our domain (DOMAIN), including our e-commerce store and related activities such as, organizing delivery and carrying out marketing operations. Kindly observe that in some cases our websites may include links to external third-party websites which are neither operated by us nor covered by this Privacy Policy. To learn more about the data processing operations carried out by these third parties we advise you to review their privacy policies.

Furthermore, if you order our products through a third-party website (e.g., Amazon) such third parties may process your personal data for their own purposes and act as the data controller. For further information regarding their data processing operations please see their applicable privacy policies.

For more information about the cookies and similar technologies we use, please see our Cookie Policy.

If you are based in the United Kingdom (“UK”), this Privacy Policy applies to you and your personal data is processed in accordance with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018. References to articles of the “GDPR” in this Privacy Policy shall be read as references to the corresponding articles of the UK GDPR. Where this Privacy Policy refers to a German statutory provision (e.g., § 7(3) UWG), the equivalent UK provision applies (in the case of soft opt-in marketing, Regulation 22 of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”)).

What personal data do we process, for what purposes and based on which lawful bases?

Provision of services

It is necessary for kwmobile to process your contact information including name, phone number, email address and delivery address data, as well as your payment and order information (e.g., payment method, product information, order date and shipping method) in order to:

  • Execute the purchase contracts including dispatch, delivery and payment processing;
  • Respond to inquiries, manage your account and provide other customer service;
  • Manage claims and process returns, complaints and warranty claims;
  • Provide non-promotional service communications to you relating to e.g., technical, security-related topics and contractual matters (e.g., fraud warnings, account blocking or contractual changes);
  • Provide further services requested by you.

The lawful basis for processing this data for the purposes listed above is the performance of a contract in accordance with Art. 6(1)(b) GDPR.

In certain cases, we may also carry out credit checks to assess the risk of non-payment. For this purpose, we may process limited identity data such as your date of birth and share relevant information with credit agencies where permitted by law. The lawful basis for such processing is our legitimate interest in preventing payment defaults pursuant to Art. 6(1)(f) GDPR.

Marketing

We also process your contact information, including email address and phone number, for marketing purposes. To the extent that the content of marketing communications is personalized, we may also process your order history (i.e., products bought before) as well as your interests as indicated by the cookies you have accepted (for further information see our Cookie Policy). The marketing operations include:

  • Sending newsletters, reminders, product updates, recommendations, promotional offers and other promotional communications to your email address;
  • Communicating promotional messages to you via text messages and WhatsApp or Facebook Messenger applications;
  • Targeting promotional content to you and to third parties on social media platforms including Facebook, Instagram and TikTok;
  • Sending push notifications, including marketing communications, to you.

The applicable lawful basis for marketing communications and social media targeting is either consent (Art. 6(1)(a) GDPR) or legitimate interests of kwmobile to provide direct marketing (Art. 6(1)(f) GDPR / UK GDPR). Where we send marketing emails based on legitimate interests, this is limited to existing customer marketing in accordance with applicable law (e.g., § 7(3) UWG in Germany; Regulation 22(3) of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”) in the United Kingdom). Kindly observe that push notifications require your consent which is also the lawful basis for processing any personal data collected to provide such notifications.

When you first sign up for the services, kwmobile wishes to process your data for marketing communications and social media targeting operations in order to provide you information relating to similar products or services in which you have shown interest. kwmobile gives you the option to object to our use of your personal data for marketing operations, through the unsubscribe links or by changing the marketing settings in your profile, if applicable. In the event we instead ask for you to opt-in to our marketing operations or you do so later in your profile or through functions of our website (e.g., to receive a notification once an out-of-stock product is back), the lawful basis for processing is your consent.

In order to enhance your experience, provide you with tailored communications and promotions as well as to enable you to collect loyalty points and receive personalized discounts, we collect certain information to assign you to a customer segment and create you a client profile. In addition to the personal data defined above, including your name and address information, the assigned segment and created profile are based on:

  • Your purchase history;
  • Your device and network information;
  • Your actions on our website and on third-party websites, provided you have accepted cookies;
  • Your interaction with our communications, including social media pages via pixels and personalized URLs;
  • Your birthday if you have provided it.

The lawful basis for creating these segments and profiles as well as using them to personalize the services and marketing communications is our legitimate interests to carry out personalized marketing and your legitimate interests to receive personalized discounts and recommendations based on your interests in accordance with Art. 6(1)(f) GDPR.

You have the right to object at any time to the processing of your personal data for direct marketing purposes pursuant to Art. 21 GDPR. If you object, we will stop processing your personal data for such purposes.

Blog

We may operate a blog on our website. This enables you to interact with our blog and other readers by submitting your comments as well as by subscribing to notifications when new comments or blog articles are posted. If you choose to leave a comment the personal data processed is your name or your chosen username (pseudonym) that is publicly available on the website as well as your email address and IP address which are processed in a non-public manner. The lawful basis for processing such data is our legitimate interests in accordance with Art. 6(1)(f) GDPR to enable you to interact with our bloggers and other commentators and your legitimate interests to do so. Where you decide to subscribe to comment notifications the lawful basis is consent as per Art. 6(1)(a) GDPR.

Community

We hope you are happy with our products and welcome your feedback and suggestions for improvements or new products. For this purpose, we may operate a client community on Facebook. We process group insights metrics about the group, including member activity and engagement within the group in order to e.g., understand how you engage within the group, see who the most active group members are and to learn which posts have the most engagement. The lawful basis for processing such group information is our legitimate interests in accordance with Art. 6(1)(f) GDPR to interact with our clients in order to create better products and your legitimate interests to engage with us and provide feedback.

We have created a referral program where you recommend us and our products to your friends. To do so you can either share your personal code with your friends or submit your friends’ contact details, and they will be notified through the given channel (e.g., via email). The lawful basis for such processing is our legitimate interests to get in touch with potential new clients, your legitimate interests to send your friend recommendations and your friends’ legitimate interests to receive recommendations that might interest them. We will inform your friend of your referral and provide adequate information about our privacy practices in the first communication. We will contact your friend only once unless they actively engage with the communication. In the event your friend does not become a client, we will not store their contact details. If you choose to share your code and your friend uses it or if you are the friend using the code, we will maintain this information in your customer profile to provide you with the discounts or other benefits related to the use of the code.

Other purposes

We may also use the categories of personal data mentioned above as well as further data, that can be defined as personal data, collected by our essential cookies or otherwise for the following purposes:

  • Maintenance of security of our website and services, including preventing data breaches;
  • Fraud prevention;
  • Research and development of our website and services, provided that the data is in a summarized, pseudonymized or anonymized form;
  • Compliance with laws or court orders (e.g., to carry out applicable anti-money laundering or know your customer checks);
  • Establishment, exercise or defense of legal claims.

For these operations we rely on our legitimate interests to detect and prevent fraud, maintain the security of our services and improve the same as well as to pursue or defend legal claims in accordance with Art. 6(1)(f) GDPR. Where we need to process your personal data in order to comply with legal obligations e.g., applicable laws and regulations or court orders the applicable lawful basis for processing is legal obligation as per Art. 6(1)(c) GDPR.

From where do we get your personal data and with whom do we share it?

In general, we process personal data that is directly provided by you to us or that is derived from your use of our services. Our business operations also require us to engage service providers who assist us in providing our services and products to you. In this context, we may share your personal data with such service providers where necessary and subject to appropriate contractual and security safeguards. Such service providers may include:

  • E-commerce platforms (e.g., Shopify);
  • Payment service providers;
  • Credit check agencies, where applicable;
  • Customer service and relationship management platforms;
  • Customer support services (e.g., chat providers);
  • Marketing platforms and services, including social media platforms and conversion tracking services (e.g., Meta);
  • Delivery companies;
  • Collection service providers, where applicable;
  • Loyalty, reward and referral program providers;
  • Companies belonging to the same group as us;
  • Advisors, auditors or insurance companies;
  • Third parties in connection with a business transaction (e.g., a merger, acquisition or liquidation).

Furthermore, in the event we are obliged by law or by court decision to disclose your personal data or where we need to do so to establish, exercise or defense legal claims, we may forward your data to prosecution authorities or other relevant third parties.

Are you obliged to provide the personal data and which are the possible consequences of failure to provide such data?

Unless stated otherwise in the explanations above regarding the applicable legal bases, you are not obliged to provide or disclose personal data to us. However, in the cases referred to in Art. 6(1)(b) GDPR, the personal data is necessary for entering into or performing a contract. If you do not provide us with the relevant personal data, it will be impossible for us to enter into, or perform, the contract. If you do not provide us with the data in the cases referred to in Art. 6(1)(a) and (f) GDPR, you will not be able to use the respective parts of our services.

Do third parties act as joint controllers?

The essential contents of the Art. 26 GDPR arrangement are available upon request.

Where is your personal data processed?

kwmobile is a European company located in Germany. However, we transfer your personal data to other countries within the EU/EEA as well as to third countries. Where personal data is transferred to third countries, we ensure that appropriate safeguards are in place, such as: (i) adequacy decisions of the European Commission and / or, for transfers from the United Kingdom, adequacy regulations made under section 17A of the Data Protection Act 2018; (ii) participation in the EU-U.S. Data Privacy Framework and, for UK transfers, the UK Extension to the EU-U.S. Data Privacy Framework (the “UK-US Data Bridge”), where applicable; (iii) Standard Contractual Clauses pursuant to Art. 46 GDPR and, for UK transfers, the UK International Data Transfer Agreement or the International Data Transfer Addendum to the EU Standard Contractual Clauses issued by the Information Commissioner; or (iv) other appropriate safeguards permitted under applicable data protection law.

How is your personal data protected?

kwmobile has in place comprehensive technical and organizational security measures to ensure your personal data is secured. These are reviewed and updated on a regular basis to ensure they comply with the state of the art. We also review our vendors and sign appropriate agreements with them to ensure that they comply with our defined security measures.

When will we delete your data?

Personal data is stored only for as long as necessary for the respective purposes for which it was collected. In addition, certain data may be subject to statutory retention obligations under applicable commercial and tax laws (including, in Germany, § 257 HGB and § 147 AO; in the United Kingdom, retention requirements under the Companies Act 2006, the Value Added Tax Act 1994 and HMRC record-keeping rules), which may require us to retain such data for a period of up to six or ten years (as applicable). After the expiry of the applicable statutory retention periods, the relevant data will be deleted unless it is still required for the performance of a contract or for the establishment, exercise or defence of legal claims. Personal data will only be stored for as long as necessary to fulfil the respective purposes.

Do we carry out automated individual decision-making (including profiling)?

Automated individual decision-making within the meaning of Art. 22 GDPR does not take place. However, we may use profiling techniques to analyze customer preferences and personalize marketing communications.

What are your rights in relation to our data processing operations and how to contact us?

In addition to your right to receive information in form of this privacy policy, you have the following rights under the relevant legal conditions:

  • Right to access your data;
  • Right to rectify your incorrect or incomplete data;
  • Right to be forgotten (data deletion/anonymization);
  • Right to restrict processing;
  • Right to data portability;
  • Right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you; and
  • Right to lodge a complaint with a supervisory authority.

You may lodge a complaint with the supervisory authority responsible for your place of residence or with the supervisory authority responsible for us. In the United Kingdom, the relevant supervisory authority is the Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF (www.ico.org.uk).

Right to object

Furthermore, in the event we process your personal data relying on legitimate interests, you have the right to object to this processing with effect for the future. This right applies in particular where personal data is processed for direct marketing purposes. If you exercise your right to object, we will stop the processing of the relevant data. However, further processing may occur provided that we can prove comprehensive reasons for processing that override your interests, fundamental rights and fundamental freedoms, or if the processing is for the certification, exercise or defense of legal claims. If we process your personal data for direct advertising purposes, you have the right to object at any time to such processing and we will stop processing your personal data for direct marketing purposes. The objection is not subject to formal requirements, but we recommend using the opt-out mechanisms provided or contacting us as instructed below.

Right to withdrawal of consent

Pursuant to Art. 7(3)(1) GDPR, you have the right to withdraw your consent, at any time with effect for the future. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. After you have withdrawn your consent, we will delete the personal data we have processed based on your consent unless there is another legal basis for the processing of these data. The withdrawal is not subject to formal requirements, but we recommend using the consent mechanisms provided or contacting us as instructed below.

Kindly observe that we do not sell your personal data. However, in the event of a business transaction your personal data may be transferred to a new controller entity.

How to contact us?

In order to exercise your rights, please send us an email to service@kwmobile.com.

In order to ensure that personal data is not disclosed to unauthorized persons, we may request additional information to verify your identity in individual cases. Requests to exercise your rights will be processed within the time limits required by applicable law.

You can also reach us via post:
SellerX Commerce GmbH
Attn: Legal
c/o SellerX Germany GmbH
Chausseestraße 19
10115 Berlin

Kindly note that as an e-commerce operator we process your data in electronic form and therefore, upon a request to access your personal data, we provide such data in a commonly used machine-readable format (e.g., CSV or other commonly used electronic formats).

Who is our group data protection officer?

SellerX Commerce GmbH
Attn: Legal
c/o SellerX Germany GmbH
Chausseestraße 19
10115 Berlin
Email: service@kwmobile.com

When was this Privacy Policy last reviewed?

This Privacy Policy was last reviewed and updated in 11/03/2026. We retain the right to update this Privacy Policy at any time. The current version of this Privacy Policy is always available on our website.