Reliable DHL Shipping
140,000+ happy customers
14-day free returns
Secure payment methods
Reliable DHL Shipping
As of: March 2026
1. Data Controller and Contact
Responsible for data processing on this website:
smartport AG Gotthardstrasse 14, CH-6300 Zug, Switzerland
Represented by: Patrick Scherzinger (Board Member)
Email: [email protected]
EU Representative pursuant to Art. 27 GDPR and DSA Representative:
smartport Marketplace B.V. Keizersgracht 452, NL-1016GD Amsterdam, Netherlands
Represented by: Patrick Scherzinger (Managing Director) Trade Register: KVK 98714783
2. Overview
smartport operates an online marketplace on which professional third-party vendors (Sellers) offer their products for sale. This Privacy Policy informs you about the type, scope, and purpose of the collection and processing of personal data on our platform (smartport.com, smartport.de).
3. Data We Collect
3.1 When Visiting the Website (automatically)
IP address (truncated, if analytics is active)
Browser type and version, operating system
Referrer URL, pages visited, date and time of access
Device information (screen resolution, device type)
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in technical provision and security of the website).
3.2 When Creating a Customer Account
Name, email address
Password (stored encrypted)
Phone number (optional)
Legal basis: Art. 6(1)(b) GDPR (performance of contract).
3.3 When Placing Orders
First and last name, email address
Shipping and billing address
Phone number (for shipping notifications)
Ordered products, order value
Payment information (transmitted directly to the payment service provider, see Section 5)
IP address at the time of the order (fraud prevention)
Legal basis: Art. 6(1)(b) GDPR (performance of contract), Art. 6(1)(f) GDPR (fraud prevention).
3.4 When Subscribing to the Newsletter
Email address
Legal basis: Art. 6(1)(a) GDPR (consent). You may unsubscribe at any time.
3.5 When Using the Contact Form / Chatbot
Name, email address
Content of the message
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).
3.6 For Returns
Order data, reason for return
Photographs of damaged goods, if applicable
Legal basis: Art. 6(1)(b) GDPR (performance of contract).
4. Cookies and Consent Management
Our website uses cookies. On your first visit, a cookie banner is displayed where you can choose:
Essential cookies: Technically necessary for the functionality of the website (shopping cart, login, language settings). These are set without consent.
Analytics cookies: Only with your explicit consent (Google Analytics via Google Tag Manager). Without consent, no analytics cookies are set.
You can revoke your consent at any time by deleting your browser cookies. The cookie banner will be displayed again on your next visit.
Legal basis: Art. 6(1)(a) GDPR (consent) for analytics cookies; Art. 6(1)(f) GDPR (legitimate interest) for essential cookies.
5. Sharing with Third Parties and Data Processors
We only share your personal data to the extent necessary for contract performance, on the basis of consent, or legitimate interests. We use the following service providers:
5.1 Payment Processing – Mollie B.V.
Data: Name, address, email, payment data, order amount
Purpose: Secure payment processing
Location: Keizersgracht 126, 1015CW Amsterdam, Netherlands
Privacy policy: https://www.mollie.com/privacy
Legal basis: Art. 6(1)(b) GDPR
Available payment methods: Credit card (Visa, Mastercard, Amex), PayPal, Apple Pay, Google Pay, Klarna, SOFORT, giropay, EPS, Bancontact, iDEAL & Bank transfer. Payment data is transmitted directly to Mollie and is not stored on our servers.
5.2 E-Commerce Platform – Shopify Inc.
Data: Product, order, and customer data
Purpose: Product management, order processing, customer account management
Location: 151 O’Connor Street, Ottawa, Ontario, K2P 2L8, Canada
Privacy policy: https://www.shopify.com/legal/privacy
Legal basis: Art. 6(1)(b) GDPR
Shopify complies with EU Standard Contractual Clauses for data transfers to third countries.
5.3 Third-Party Sellers (Marketplace Vendors)
Data: Name, delivery address, ordered products, order number
Purpose: Shipping and delivery of ordered products
Legal basis: Art. 6(1)(b) GDPR
Sellers on our platform only receive the data necessary for order fulfilment. We contractually require our sellers to use this data solely for order processing and to comply with applicable data protection regulations.
5.4 Shipping and Returns – DHL / Deutsche Post
Data: Name, address, email (for tracking notifications if applicable)
Purpose: Creation of return labels, shipment tracking
Privacy policy: https://www.dhl.de/en/toolbar/footer/privacy.html
Legal basis: Art. 6(1)(b) GDPR
5.5 Web Analytics – Google Tag Manager / Google Analytics
Data: Anonymised IP address, page views, session duration, device and browser information
Purpose: Analysis of user behaviour to improve our website
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy policy: https://policies.google.com/privacy
Legal basis: Art. 6(1)(a) GDPR (only after explicit consent)
Google Analytics is only activated after consent via our cookie banner. Without consent, no analytics data is transmitted to Google. We use IP anonymisation.
5.6 Trusted Shops GmbH
Data: Email address, order reference, order date, product data if applicable
Purpose: Display of the Trusted Shops Trustbadge, collection of post-purchase reviews
Location: Subbelrather Str. 15c, 50823 Cologne, Germany
Privacy policy: https://www.trustedshops.de/impressum/#datenschutz
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in quality assurance and trust building)
5.7 Review Invitations – Trustpilot, Idealo, Google Reviews
Data: Email address, first name
Purpose: Sending post-purchase review invitations
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in collecting customer feedback)
You may object to receiving review invitations at any time by emailing [email protected].
5.8 Chatbot – Landbot
Data: Data entered by the user (name, email, message content)
Purpose: Automated handling of customer enquiries
Provider: Hello UMI S.L. (Landbot), Barcelona, Spain
Privacy policy: https://landbot.io/privacy-policy
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in efficient customer support)
5.9 Email Communication – Microsoft (Outlook / Microsoft 365)
Data: Email address, name, order data (for transactional emails)
Purpose: Sending order confirmations, shipping notifications, customer service communication
Provider: Microsoft Ireland Operations Ltd., One Microsoft Place, Dublin 18, Ireland
Privacy policy: https://privacy.microsoft.com
Legal basis: Art. 6(1)(b) GDPR
5.10 Error Monitoring – Sentry
Data: Technical error data (stack traces, browser version, anonymised IP)
Purpose: Detection and resolution of technical errors
Provider: Functional Software, Inc. (Sentry), San Francisco, USA
Privacy policy: https://sentry.io/privacy/
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the stability and functionality of the website)
5.11 Hosting – Railway
Data: All data processed in the course of using the platform
Purpose: Hosting the application and databases
Provider: Railway Corporation, San Francisco, USA
Privacy policy: https://railway.app/legal/privacy
Legal basis: Art. 6(1)(f) GDPR
For data transfers to the USA, we rely on EU Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR.
5.12 Address Validation
Data: Entered shipping address
Purpose: Verification and correction of delivery addresses to prevent delivery failures
Legal basis: Art. 6(1)(b) GDPR (performance of contract), Art. 6(1)(f) GDPR (fraud prevention)
6. Fraud Prevention and Risk Assessment
To protect against fraud and abusive orders, we conduct automated risk assessments of orders. The following factors may be considered:
Order value
Shipping country
Number of items ordered
Address data
This assessment results in an internal risk score that is reviewed exclusively by our staff. No automated individual decision-making within the meaning of Art. 22 GDPR takes place that produces legal effects concerning you.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in fraud prevention).
7. Data Retention
We retain your personal data only for as long as necessary for the respective purposes:
Order data: 10 years (commercial and tax law retention obligations under § 147 AO, § 257 HGB)
Customer account: Until deletion by the customer
Newsletter data: Until withdrawal of consent
Server logs: 30 days
Review invitations: 6 months
Cookie consent: 1 year
8. Your Rights
You have the following rights regarding your personal data:
Right of access (Art. 15 GDPR): Right to obtain information about your processed data
Right to rectification (Art. 16 GDPR): Right to correction of inaccurate data
Right to erasure (Art. 17 GDPR): Right to deletion of your data (“right to be forgotten”)
Right to restriction of processing (Art. 18 GDPR): Right to restrict data processing
Right to data portability (Art. 20 GDPR): Right to receive your data in a machine-readable format
Right to object (Art. 21 GDPR): Right to object to processing based on legitimate interests
Right to withdraw consent (Art. 7(3) GDPR): At any time with effect for the future
To exercise your rights, please contact us by email at [email protected].
9. Right to Lodge a Complaint
You have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC). In the EU, you can contact the supervisory authority in your country of residence.
10. Data Security
We employ technical and organisational measures to protect your data from unauthorised access, loss, or misuse. These include:
SSL/TLS encryption of all data transmissions
Encrypted storage of passwords
Access restrictions and role-based permissions
Regular security updates
11. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy as needed, e.g. in case of changes to our services or applicable legislation. The current version is always available on our website.