Privacy policy

Data Protection / Data Privacy

1. Name and contact information of the controller for the purposes of Art. 4 Sec. 7 of the General Data Protection Regulation (GDPR)

The following data protection and data privacy information applies to the processing of personal data by:

Merten Hirsch
One Million Dogs
Hohnser Weg 6
31848 Bad Münder OT Brullsen

Telephone: +49 176. 95 27 32 17

Regarding all topics of data protection and privacy you can contact us at

2. Collection of general data and information

a) Websites

The websites of One Million Dogs ( and collect a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be

(1) an Internet protocol address (IP address),
(2) the date and time of access to the Internet site,
(3) the website from which an accessing system reaches our website (so-called referrers),
(4) the browser types and versions used,
(5) the operating system used by the accessing system,
(6) the Internet service provider of the accessing system, and
(7) any other similar data and information that may be used in the event of attacks on our information technology systems.

When using these general data and information, One Million Dogs does not draw any conclusions about the data subject. Rather, this information is needed to

(1) deliver the content of our website correctly,
(2) optimize the content of our website,
(3) ensure the long-term viability of our information technology systems and website technology, and
(4) other administrative purposes.

The personal data is therefore collected with the aim of increasing the data protection and data security, according to Art. 6 Sec. 1 lit. f GDPR and to ensure an optimal level of protection for the personal data we process.

b) Processing of personal data upon registration and for the performance of contracts

We collect, process and use your personal data upon registration on our websites and for the establishment and performance of contracts according and on the legal basis of Art. 6 Sec. 2 lit. b GDPR. The data collected results from the input forms that we keep ready for you when ordering - also as a "guest" - or when creating a customer account. You can have your customer account deleted at any time. After deleting your customer account, the data will continue to be stored, taking into account the retention periods under tax and commercial law, and will be deleted after they have expired, unless there is still a legitimate interest in storing the data. We also save and use the data you have provided for the performance of your contract with us. After the contract has been fully processed and taking into account the aforementioned retention periods under commercial and tax law, your personal data will be deleted, unless there is still a legitimate interest in storage.

3. Transmission of personal data to third parties

Transmission of your personal data to third parties for purposes other than those listed below does not take place.

We only transmit your personal data to third parties if:

  • you have given express consent to this according to Art. 6 Sec. 1 lit. a GDPR,
  • the transmission is required to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data according to Art. 6 Sec. 1 S.lit. f GDPR
  • there is a legal requirement or obligation for the transmission according to Art. 6 Sec. 1 lit. c GDPR and
  • it is necessary for the performance of the contract with you according to Art. 6 Sec. 1 lit. b GDPR.

On our websites we offer payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").

If you choose to pay via PayPal, the payment details you have entered will be transmitted to PayPal.

The transfer of your data to PayPal is based on Art. 6 Sec. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. b GDPR (processing to fulfill a contract). You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.

4. Cookies

We do not use cookies on On we only use technically necessary cookies. The cookies we use on are named and explained in detail below, these cookies are technically necessary for the website to function:

Name of the cookie: session_id.sig
Purpose: Necessary for validation of the session and for storing the session ID.
Expiry: 1 year
Provider: Strato AG

Name of the cookie: session_id
Purpose: Necessary for storing the so-called shopping cart.
Expiry: 1 year
Provider: Strato AG

Cookies are small files that your browser automatically creates and that do not damage your device. The cookies do not contain any viruses, Trojans or other malware. Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our site. In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a specific period of time. If you visit our site again to use our services, it is automatically recognized that you have already visited us and what inputs and settings you have made so that you do not have to re-enter them. On the other hand, we use cookies to statistically record the use of our website and to evaluate it for you in order to optimize our offer. These cookies enable us to automatically recognize when you visit our website that you have already visited it before. These cookies are automatically deleted after a defined period of time. The data processed by cookies is necessary for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 Sec. 1 lit. f GDPR. Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, if you completely deactivate cookies, you may not be able to use all the functions of our website.

5. Google Web Fonts

Our websites use so-called web fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.

For more information on Google Web Fonts, see

and Google's privacy policy:

6. Duration of storage and routine erasure of personal data

Your personal data will be processed in accordance with the respective legal, e.g. retention periods under tax law or commercial law. After these legal deadlines have expired, the data will be deleted, unless they are still required for the fulfillment or initiation of the contract or there is a legitimate interest in further storage.

7. Your rights

You have the right

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if we have not collected it, as well as the existence of automated decision-making including profiling and, if necessary, meaningful information on their details
  • to immediately request the correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 GDPR
  • to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless processing is required to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims
  • to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to have it deleted and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible
  • to revoke your consent given to us at any time in accordance with Art. 7 Sec. 3 GDPR. As a result, we are no longer allowed to continue the data processing based on this consent in the future
  • to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters. You can find a list of data protection officers and their contact details in Germany at

8. Right to withdraw data protection consent

If your personal data are processed on legitimate interests in accordance with Art. 6 Sec. 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for this arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to exercise your right of revocation or objection, an email to is sufficient.

9. Data security

We use SSL (Secure Sockets Layer) to communicate with your web browser with the highest level of encryption supported by your browser when you visit our website. Usually this is a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed key or lock symbol in the lower status bar of your browser. We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

10. Version and amendment

This data protection and privacy policy is currently valid (Version of November 16th 2020). Due to the further development of our website and offers or changes in legal or regulatory requirements, it may be necessary to change this data protection declaration. You can call up and print out the current data protection and privacy policy at any time at and