Privacy Policy
Last updated: 02.07.2026
This Privacy Policy explains how BELLINGER ("we", "us") processes personal data when you visit this website and place an order.
1. Controller
BELLINGER
Anne Bellinger
Midgårdsgade 9
2200 Copenhagen N
Denmark
Email: hello@annebellinger.com
Represented by: Anne Bellinger
If you have any questions about this policy or how your data is handled, contact us at the email above.
2. Hosting and Server Log Files
This website is hosted by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA.
Every time you visit this site, Vercel's infrastructure automatically processes certain technical information for security and stability purposes, including:
- IP address
- Date and time of the request
- Browser type and operating system
- The page you requested and referring URL
This data is stored temporarily in server log files and is not merged with any other data we hold. It is processed on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in ensuring the security, stability, and proper functioning of the website.
Because Vercel is a US-based provider, this involves a transfer of data outside the EU/EEA. Vercel relies on the EU Standard Contractual Clauses and, where applicable, the EU-U.S. Data Privacy Framework as a legal basis for this transfer. Vercel's privacy notice: https://vercel.com/legal/privacy-notice
3. Cookies
We do not use analytics, advertising, or tracking cookies. The only cookies set on this site are those strictly necessary for the checkout process, placed by our payment provider Stripe (see below) to prevent fraud and complete your transaction.
These cookies are exempt from consent under Section 25(2) TDDDG (Germany's Telecommunications-Digital Services Data Protection Act) and the ePrivacy Directive, because they are technically necessary to provide the service you actively request (completing a purchase). No cookie consent banner is required for this reason — but if that ever changes (e.g. you add analytics, ads, or embedded fonts/scripts from third parties), this section and a consent mechanism will need to be updated.
4. Payment Processing via Stripe
To process payments, we use Stripe ([Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland] / Stripe, Inc., 354 Oyster Point Blvd, South San Francisco, CA 94080, USA — confirm which Stripe entity you've contracted with).
When you place an order, the following data is transmitted to Stripe:
- Name
- Billing and/or shipping address
- Email address
- Payment details (card number, IBAN, etc. — entered directly into Stripe's interface; we do not see or store full payment details ourselves)
- Order amount and order reference
Legal basis: processing is necessary for the performance of a contract with you (Art. 6(1)(b) GDPR) — we cannot fulfil your order without this data.
International transfer: Stripe processes data outside the EU/EEA. Stripe relies on Standard Contractual Clauses and, where applicable, the EU-U.S. Data Privacy Framework as safeguards. For certain purposes (e.g. fraud prevention, regulatory/AML compliance), Stripe acts as an independent controller, not just our processor. Stripe's own privacy policy explains this in detail: https://stripe.com/privacy
We do not store your payment or card data on our own systems.
5. Order Data and Retention
Even though we don't maintain a customer database or marketing lists, order-related data (invoices, transaction records) must be retained for legally mandated periods under German commercial and tax law:
- 6 years for commercial correspondence (§ 257 HGB)
- 10 years for invoices and accounting records (§ 147 AO)
This data is retained solely to meet these legal obligations (Art. 6(1)(c) GDPR) and is not used for any other purpose. Depending on your setup, this record-keeping may happen on Stripe's side (as your payment/invoicing processor) rather than on your own servers — but you're still responsible for making sure it happens somewhere.
6. Your Rights
Under the GDPR, you have the right to:
- Access the personal data we (or our processors) hold about you (Art. 15)
- Rectify inaccurate data (Art. 16)
- Erasure of your data, where legally possible (Art. 17) — note this may be limited by the retention obligations in Section 5
- Restrict processing under certain conditions (Art. 18)
- Data portability (Art. 20)
- Object to processing based on legitimate interest (Art. 21)
To exercise any of these rights, contact us at hello@annebellinger.com.
You also have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for us is:
Datatilsynet
Carl Jacobsens Vej 35
2500 Valby
Denmark
Email: dt@datatilsynet.dk
7. Data Security
This site uses TLS/SSL encryption for all data transmitted between your browser and our server.
8. Changes to This Policy
We may update this policy if our processing activities change (e.g. if we add new tools or services). The current version always applies; check the "last updated" date above.
9. Contact
BELLINGER hello@annebellinger.com