Privacy Policy
Information on the processing of personal data under the GDPR
This privacy policy informs you about the nature, scope, and purpose of the processing of personal data when visiting and using our website as well as when purchasing digital content (e.g., PDF e-books) via ForgeOfRelations.
1) Introduction and contact details of the controller
The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
Arvendis UG (limited liability)
Luis Hermanowski
Koblenzer Str. 4
57555 Mudersbach
Germany
Email: info@arvendis.de
2) Data collection when you visit our website
2.1 Server log files
When you use our website for informational purposes only, we collect only the data that your browser transmits to our server
(so-called âserver log filesâ). This includes in particular:
⢠visited page/URL
⢠date and time of access
⢠amount of data transferred
⢠referrer URL (source/reference)
⢠browser type/version
⢠operating system
⢠IP address (where applicable, in anonymized form)
Processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability,
security, and functionality of the website. Data is generally not disclosed. We reserve the right to check log files retrospectively
if there are concrete indications of unlawful use.
2.2 TLS encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content.
You can recognize an encrypted connection by âhttps://â and the lock symbol in your browserâs address bar.
3) Technically necessary storage (Local Storage / Session Storage)
ForgeOfRelations uses â where technically necessary â storage technologies such as Local Storage and Session Storage
to provide core functions (e.g., cart, selected currency, UI preferences). This data generally remains on your device so that settings can be applied
again the next time you visit.
Where personal data is processed, this is done pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in a user-friendly and functional
website, or pursuant to Art. 6(1)(a) GDPR where consent is required.
You can configure your browser to restrict or delete storage data. Please note that disabling/deleting this data may limit functionality (e.g., cart).
4) Purchase process and payment (Stripe)
When you purchase digital content on ForgeOfRelations, payment processing is carried out via the payment service provider Stripe
(Stripe Payments Europe, Ltd. and/or affiliated companies). As part of the checkout process, Stripe processes the data necessary for payment
(e.g., payment information, where applicable name, email address, billing/payment details). These data are generally processed directly by Stripe.
We typically receive the information required to confirm the payment and to process the transaction (e.g., payment status, transaction/customer identifier).
Legal basis is Art. 6(1)(b) GDPR (performance of a contract / processing the purchase).
Further information can be found in Stripeâs privacy notices.
5) Provision of digital content (download / redeem code)
After successful payment, we provide the purchased digital content (e.g., PDF) for download. Optionally, a redeem code can be used
to regain access to downloads within a limited period of time (e.g., when changing devices). In this context, we process technically necessary
information to enable access and prevent misuse (e.g., assignment of the checkout session, access token/code status).
Legal basis is Art. 6(1)(b) GDPR (performance of a contract). Where misuse prevention is involved, processing may additionally be based on
Art. 6(1)(f) GDPR (legitimate interest in IT security and fraud prevention).
6) Hosting
For hosting our website and providing the page content, we use a provider that performs its services itself or via selected subcontractors.
All data collected on our website is processed on the hosting providerâs servers (in particular server log files).
Where required under data protection law, we have concluded a data processing agreement with the provider to ensure the protection of our visitorsâ data
and to prohibit unauthorized disclosure to third parties.
Our website is hosted by Namecheap, Inc., 4600 East Washington Street, Suite 305, Phoenix, AZ 85034, USA.
Personal data (e.g., server log files) may be processed on the hostâs servers.
Processing is carried out on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR in the secure and efficient provision of our online offering.
Where personal data is transferred to the USA, this is done in accordance with applicable data protection requirements for transfers to third countries.
However, if processing takes place in the USA, a level of data protection comparable to that in the EU cannot be guaranteed. In particular, it cannot be
ruled out that US authorities may access data without effective legal remedies being available.
7) Your rights as a data subject
Applicable data protection law grants you the following rights vis-Ă -vis the controller:
⢠right of access (Art. 15 GDPR)
⢠right to rectification (Art. 16 GDPR)
⢠right to erasure (Art. 17 GDPR)
⢠right to restriction of processing (Art. 18 GDPR)
⢠right to be informed (Art. 19 GDPR)
⢠right to data portability (Art. 20 GDPR)
⢠right to withdraw consent (Art. 7(3) GDPR)
⢠right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
8) Right to object
If we process your personal data on the basis of our overriding legitimate interest (Art. 6(1)(f) GDPR), you have the right to object to this processing at any time with effect for the future on grounds relating to your particular situation (Art. 21 GDPR).
9) Storage duration of personal data
The storage duration depends on the respective legal basis, the purpose of processing, and, where applicable, statutory retention periods. Data is deleted as soon as it is no longer necessary for the purposes for which it was collected or processed and no statutory retention obligations apply.
Version of this privacy policy
As of: December 2025. We reserve the right to amend this privacy policy where necessary so that it always complies with current legal requirements or to implement changes to our services.