Privacy policy

Status: September 2025

This privacy policy explains the nature, scope and purpose of the processing of personal data on our website.

Hemmy's finest cigars & more
Owner: Hemmy Garcia
Welfenallee 6
13465 Berlin
Germany

Phone: +49 (0)30 – 40 10 77 74
Fax: +49 (030 – 40 10 77 72
E-Mail: info@hemmys.de

Responsible for the content according to § 18 Abs. 2 MStV and § 5 TMG:
Hemmy Garcia, Welfenallee 6, 13465 Berlin, Germany

1. responsible person

Hemmy Garcia
Hemmy's finest cigars & more

Welfenallee 6
13465 Berlin
Germany

Phone: +49 (0)30 – 40 10 77 74
Fax: +49 (030 – 40 10 77 72
E-Mail: info@hemmys.de

Responsible for the content according to § 18 Abs. 2 MStV and § 5 TMG:
Hemmy Garcia, Welfenallee 6, 13465 Berlin, Germany

2. types of data processed

  • Inventory data (e.g. name, address)
  • Contact details (e.g. e-mail, telephone number)
  • Content data (e.g. text entries, photographs)
  • Contract data (e.g. products purchased, subject matter of the contract)
  • Payment data (e.g. bank details, payment history)
  • Usage data (e.g. websites visited, access times)
  • Meta and communication data (e.g. device information, IP addresses)

3. purpose of the processing

  • Provision of the online offer and its functions
  • Fulfillment of contracts and services
  • Answering contact requests and communicating with users
  • Security measures
  • Marketing and reach analysis

4. legal bases

The processing takes place on the basis of:

  • Art. 6 para. 1 lit. a GDPR (consent)
  • Art. 6 para. 1 lit. b GDPR (fulfillment of contract)
  • Art. 6 para. 1 lit. c GDPR (legal obligation)
  • Art. 6 para. 1 lit. f GDPR (legitimate interest)

5. cookies and tracking

We use cookies to ensure the functionality of our website and to optimize our offer. Technically necessary cookies are set on the basis of our legitimate interest. We only set cookies that are not technically necessary with your consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG. Detailed information can be found in our separate cookie statement.

6. transfer of data to third parties and processors

There is a contract with service providers for order processing in accordance with Art. 28 GDPR. Your data will only be passed on:

  • for the fulfillment of the contract,
  • on the basis of your consent,
  • to fulfill a legal obligation or
  • on the basis of legitimate interests (e.g. hosting provider, payment service provider).

In addition, payment data (e.g. name, card data, IP address) is passed on to the payment service provider Quenta (technical processing by hobex Service IT) as part of payment processing for credit card payments. Data processing takes place directly on the servers of the service provider. Data protection information from hobex: https://sit.hobex.at/en/data-protection/

7. transfers to third countries

Your data will only be transferred to third countries if

  • an adequacy decision has been issued by the EU Commission or
  • suitable guarantees (e.g. standard contractual clauses) exist.

8. your rights

You have the right to:

  • Information (Art. 15 GDPR),
  • Rectification (Art. 16 GDPR),
  • Erasure (Art. 17 GDPR),
  • Restriction of processing (Art. 18 GDPR),
  • Data portability (Art. 20 GDPR),
  • Objection (Art. 21 GDPR),
  • Withdrawal of consent (Art. 7 para. 3 GDPR).
  • You also have the right to lodge a complaint with the competent data protection supervisory authority.

9. storage period

Personal data will be deleted as soon as the purpose of storage no longer applies or statutory retention obligations have expired.

10. data security

We use technical and organizational security measures to protect your data against manipulation, loss or unauthorized access. The transmission of your data is SSL-encrypted.

11. analysis and tracking tools

etracker: This website uses the etracker service of etracker GmbH, Hamburg, to analyze usage data. The data collected is processed and stored exclusively in Germany. Usage profiles are only created in pseudonymized form.

Possibility of objection: https://www.etracker.com/datenschutz/

12. integration of third-party services and content

Google Fonts (locally integrated): We use locally integrated Google Fonts for the uniform display of fonts. In doing so No transfer of personal data to Google servers in the USA instead. The fonts are loaded directly from our own server.
More information: https://fonts.google.com/

Google Maps: Google Maps can be used to display interactive maps. Here too, data may be transferred to the USA as soon as you have consented to integration via the cookie consent banner.
Privacy policy: https://policies.google.com/privacy

Payment processing via hobex/Quenta: For credit card payments, we use the external payment service provider hobex Service IT, operational for Quenta. Sensitive payment data (e.g. credit card number, expiration date) is not entered on our website, but on external pages of the payment service provider. Temporary cookies and security mechanisms (e.g. tokenization) are used, but are not controlled by our website.
Privacy policy hobex: https://sit.hobex.at/en/data-protection/

13. changes to this privacy policy

We reserve the right to adapt this data protection declaration in order to adapt it to changed legal situations or changes to our online offer. Please inform yourself regularly about the content.

Age verification

To become part of the Hemmys family...

Do we need to make sure that you have at least 18 years are old. Please confirm your age to continue and use the website.

YES
No