Privacy Policy


  1. Responsibility for the processing of your personal data within the meaning of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) is:


Everyfitday Grzegorz Hebrowski

Oberwerder Damm 11-21

20539 Hamburg, Germany

  1. In order to ensure full transparency of data processing processes, this privacy policy sets out what data the user may collect, what it may be used for and to whom it may be shared.
  2. Please read these terms and conditions, from which you can learn how we handle your personal data.


  1. The Controller collects information provided voluntarily by the Customers. However, the provision of marked personal data is a condition for placing an order, while the consequence of not ordering will be the inability to order products in the store.
  2. Moreover, The Controller may record the information about connection parameters, like IP addresses, for technical purposes, for server administration and for collection of general, statistical demographic information (e.g. about the region from which the connection comes), and also for security purposes.
  3. The Controller shall make an extra effort in order to protect privacy and information about the Customers provided to him. The Controller shall exercise due diligence when selecting and applying appropriate technical measures, including those of programming and organizational nature, in order to protect the processed data, and in particular he shall protect the data from unauthorized access, disclosure, loss and destruction, unauthorized modification, and also from their processing with the breach of the applicable provisions of law.
  4. Personal data will be processed in accordance with the principles of art. 5 GDPR.

Personal data will be:

  1. processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’);
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
  4. accurate and, where necessary, kept up to date (‘accuracy’);
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; (‘storage limitation’);
  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
  1. On all websites through which personal data is entered, we use standard SSL (Secure Sockets Layer) encryption.
  2. If content, tools or other means from other providers (hereinafter collectively referred to as “third-party providers”) are used within the framework of this data protection declaration and whose registered office is in a third country, it should be assumed that the transfer of data to the countries of residence of the third-party providers takes place. Third countries are countries where the GDPR is not directly applicable, i.e. in principle in countries outside the EU or the European Economic Area. The transfer of data to third countries takes place if there is an adequate level of data protection, user consent or other legal permission.
  1. The basis for the processing of the Customer’s Personal Data is primarily the necessity to perform the contract to which he is a party or the need to take action at his request prior to its conclusion (Article 6 par 1 ( b) of GDPR).
  2. After expressing separate consent, data may also be processed for the purpose of sending commercial information by electronic means or making telephone calls for direct marketing purposes (Article 6 par. 1 (a) GDPR).
  3. In other purposes, the Customer’s Personal Data may be processed on the basis of:
  1. applicable law when processing is necessary to fulfill the legal obligation of the Controller e.g. when based on tax regulations or accounting one, The Administrator settles concluded sales contracts (Article 6 (1) (c) GDPR);
  2. indispensable for purposes other than those mentioned above resulting from legitimate interests pursued by the Controller or by a third party, in particular to determine, assert or defend claims, market and statistical analyses Article 6 (1) (f) GDPR).
  1. Personal data processed for purposes related to the purchase will be processed for the period necessary to complete the purchase and order, after which the data subject to archiving will be stored for the period appropriate for the limitation of claims. Personal data processed for marketing purposes covered by the consent statement will be processed until the consent is revoked.
  2. The recipients of the data may be:

Forwarding companies, accountants, suppliers of goods, providers of IT solutions, payment processing companies, marketing companies, telecommunications service providers, authorized state bodies.

  1. The applicable data protection law grants you comprehensive rights of data subjects (right to information and intervention) vis-à-vis the controller with regard to the processing of your personal data, as we inform you below:
  1. Right to information in accordance with Art. 15 GDPR;
  2. Right to rectification in accordance with Art. 16 GDPR;
  3. Right to erasure in accordance with Art. 17 GDPR;
  4. Right to restriction of processing in accordance with Art. 18 GDPR;
  5. Right to information in accordance with Art. 19 GDPR;
  6. Right to data portability in accordance with Art. 20 GDPR;
  7. Right to lodge a complaint under Art. 77 GDPR;
  8. Right to withdraw your consent in accordance with Art. 7 para. 3 GDPR: You have the right to withdraw your consent to data processing at any time with effect for the future. In the event of revocation, we will immediately delete the data concerned, unless further processing may be based on the legal basis of the processing without consent.

  1. We use cookies on our website. Cookies are small files that are stored on your device and store certain settings and data to be exchanged with our system through your browser. Basically, there are two different types of cookies, so-called session cookies, which are deleted immediately after closing the browser and temporary/permanent cookies, which are stored on the device for a longer period of time or for an indefinite period. This memory helps us to properly design our website and our offers and facilitates their use, for example by storing certain entries from you in such a way that you do not have to repeat them constantly.
  2. If you agree to the use of cookies, the legal basis for processing is the declared consent in accordance with § 6 section 1 sentence 1 letter a) GDPR.
  3. Otherwise, the data processed by means of cookies will be processed on the basis of our legitimate interests (e.B.g. in conducting business activities of our online offer and improving it) or, if the use of cookies is necessary for the fulfillment of our contractual obligations, both in accordance with § 6 paragraph 1 sentence 1 letter f) GDPR.
  4. You can adjust your cookie settings at any time. You can set your web browser in such a way that the storage of cookies on your device is generally prohibited or whenever you are asked if you agree to the setting of cookies. Once you have set cookies, you can also delete them at any time. You can find out how it works in detail in the help function of the browser. There are special explanations for safari, Firefox, Microsoft Internet Explorer and Google Chrome web browsers.
  5. Google Analytics
  1. Google Analytics is a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses cookies to enable an analysis of the use of the website and its subpages. The information generated by the cookie is usually transmitted to a Google server in the USA and stored there. In this case, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before the transfer to the USA; in exceptional cases, the full IP address will be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Cookies stored by Google Analytics are deleted after 14 months at the latest. Further information on data protection and the terms of use of Google Analytics can be found at: https://www. and
  2. To deactivate Google Analytics, download the following link to download and install the browser plug-in:
  3. The legal basis for the use of the web analysis service Google Analytics is Art. 6 Para. 1 lit. f GDPR.