PRIVACY POLICY
Last updated: 06 May 2026
The Blind Cut website is owned and operated by The Blind Cut ("we," "us," "our," or the "shop"), which acts as the data controller of your personal data.
We have adopted this Privacy Policy to explain how we process the information collected through The Blind Cut, and to provide the reasons why we must collect certain personal data about you. Please read this Privacy Policy carefully before using The Blind Cut website.
We take the protection of your personal data seriously and undertake to guarantee its confidentiality and security in line with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
1. DATA CONTROLLER
The data controller responsible for the processing of your personal data is:
The Blind Cut
Email: mexicanbarber@theblindcut.com
2. PERSONAL INFORMATION WE COLLECT
When you visit The Blind Cut, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies installed on your device. As you browse the site, we also collect information about the individual web pages or products you view, what websites or search terms referred you to the site, and how you interact with the site. We refer to this automatically collected information as "Device Information."
When you place an order, register an account, contact us, or sign up for our newsletter, we collect personal data you provide directly, which may include:
- First name and last name
- Email address
- Postal address (billing and shipping)
- Telephone number
- Payment information (processed by our payment provider — we do not store full card details)
- Order details (products, quantities, customizations)
- Any messages or correspondence you send us
3. WHY WE PROCESS YOUR DATA AND LEGAL BASES
We process your personal data only as much as is necessary to operate the shop and to fulfill our obligations to you. The legal bases under the GDPR are:
- PERFORMANCE OF A CONTRACT (Art. 6(1)(b) GDPR) — processing necessary to fulfill your order, ship products, handle returns or claims, and provide customer support.
- LEGAL OBLIGATION (Art. 6(1)(c) GDPR) — to comply with tax, accounting, and commercial law obligations under German law (e.g., retention of invoices and order records).
- LEGITIMATE INTEREST (Art. 6(1)(f) GDPR) — to operate, secure, and improve our website, prevent fraud, and analyze usage in aggregate form.
- CONSENT (Art. 6(1)(a) GDPR) — for newsletters, optional cookies, and any other processing where we ask for your specific consent. You can withdraw consent at any time.
4. DATA RETENTION
We retain your personal data only as long as necessary for the purposes for which it was collected, or as required by law:
- Order, invoice, and tax-relevant data: 10 years (as required by German commercial and tax law — § 257 HGB and § 147 AO).
- Account data: as long as your account is active, plus a reasonable archival period.
- Newsletter data: until you withdraw your consent.
- Website analytics and device information: typically up to 14 months unless legitimate interest justifies a longer period.
After the retention period expires, your data is deleted or anonymized.
5. SHARING YOUR DATA — RECIPIENTS AND PROCESSORS
We do not sell or rent your personal data. We share data with third parties only as needed to operate the shop:
- HOSTING PROVIDER: Hostinger, which hosts the website infrastructure.
- PAYMENT PROVIDERS: such as Stripe, PayPal, or similar — processing your payment data under their own privacy terms.
- SHIPPING CARRIERS: to deliver your order (DHL, DPD, or similar).
- TAX AND ACCOUNTING ADVISORS: to fulfill our legal obligations.
- LAW ENFORCEMENT OR AUTHORITIES: where required by law.
Each of these recipients is bound by data protection obligations and processes your data only for the specific purpose for which it was shared.
6. INTERNATIONAL DATA TRANSFERS
Some of our service providers may be based outside the European Economic Area (EEA) — for example, payment processors or hosting infrastructure with servers in countries such as the United States. Where this is the case, we ensure that appropriate safeguards are in place, such as the European Commission's Standard Contractual Clauses (SCCs) or an adequacy decision, in line with Chapter V of the GDPR.
7. COOKIES
The website uses cookies to help personalize your online experience. By accessing The Blind Cut, you agree to the use of required cookies.
A cookie is a text file that is placed on your device by a web server. Cookies cannot be used to run programs or deliver viruses to your device. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie.
We use:
- REQUIRED COOKIES: necessary for the operation of the website (e.g., session, cart, security). These do not require your consent as they are strictly necessary.
- OPTIONAL COOKIES: used for analytics, marketing, or third-party integrations. These are only set with your explicit consent through our cookie banner. You can change or withdraw your consent at any time.
By accepting required cookies, you also accept third-party cookies that may be set via third-party services (e.g., embedded video players or payment widgets) that are integrated into our website.
8. YOUR RIGHTS
If you are a resident of the European Economic Area or the United Kingdom, you have the following rights regarding your personal data:
- The right to be informed
- The right of access (Art. 15 GDPR)
- The right to rectification (Art. 16 GDPR)
- The right to erasure / "right to be forgotten" (Art. 17 GDPR)
- The right to restrict processing (Art. 18 GDPR)
- The right to data portability (Art. 20 GDPR)
- The right to object (Art. 21 GDPR)
- Rights in relation to automated decision-making and profiling (Art. 22 GDPR)
- The right to withdraw consent at any time (where processing is based on consent)
To exercise any of these rights, please contact us at mexicanbarber@theblindcut.com. We will respond within one month, in line with Art. 12 GDPR.
9. RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
If you believe we are processing your personal data unlawfully, you have the right to lodge a complaint with a data protection supervisory authority. For data subjects in Germany, the competent authority for The Blind Cut (based in Konstanz, Baden-Württemberg) is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI BW)
Lautenschlagerstraße 20
70173 Stuttgart, Germany
Website: https://www.baden-wuerttemberg.datenschutz.de
You may also lodge a complaint with the supervisory authority of your country of residence within the EEA.
10. CHILDREN'S PRIVACY
The Blind Cut is not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at mexicanbarber@theblindcut.com and we will delete the information.
11. INFORMATION SECURITY
We store information you provide on secure servers in a controlled environment, protected against unauthorized access, use, modification, or disclosure. We maintain reasonable administrative, technical, and physical safeguards to protect your personal data. However, no data transmission over the internet or wireless network can be guaranteed to be 100% secure.
12. LINKS TO OTHER WEBSITES
Our website may contain links to other websites that are not owned or controlled by us. We are not responsible for the privacy practices of those websites or third parties. We encourage you to read the privacy statements of any website that may collect personal information from you.
13. LEGAL DISCLOSURE
We will disclose any information we collect, use, or receive if required or permitted by law — for example, to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
14. CHANGES TO THIS POLICY
We may update this Privacy Policy at any time. The current version will always be posted on this page with the date of last update. Continued use of the site after changes constitutes acceptance of the updated Policy.
15. CONTACT INFORMATION
If you have any questions about this Privacy Policy, or wish to exercise any rights related to your personal data, you may contact us at: