Privacy Policy

Last updated: 01/01/2026
Operator: fonts.xyz
Business Address: Ossastrasse, 12045 Berlin, Germany
Email: support@fonts.xyz

fonts.xyz (“we”, “our”, “us”) is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or purchase our products. We comply with the EU General Data Protection Regulation (“GDPR”) and all relevant German data protection laws.

Data Controller

fonts.xyz [Insert Street Address] 10115 Berlin, Germany Email: support@fonts.xyz

Personal Data We Collect

Data you provide

• Account information: name, email address, password
• Order information: billing address, purchase details, VAT ID (if applicable)
• Payment information: processed via third-party providers (we do not store full card numbers)
• Communication data: messages sent to customer support

Data collected automatically

• IP address
• Browser type, device type, operating system
• Pages visited, referring URLs, time spent
• Cookies and similar technologies (see Section 7)

Data from third-party sources

• Payment processors (e.g., Stripe)
• Analytics providers (e.g., Google Analytics, Plausible)
• Email service providers (e.g., Mailjet)

Purposes and Legal Bases for Processing

• Purpose | Legal Basis (GDPR)
• Processing your order, delivering products | Art. 6(1)(b) – Contract
• Managing your customer account | Art. 6(1)(b) – Contract
• Sending service-related emails | Art. 6(1)(b) – Contract
• Answering support requests | Art. 6(1)(f) – Legitimate interest
• Marketing emails (with opt-in) | Art. 6(1)(a) – Consent
• Fraud prevention & security | Art. 6(1)(f) – Legitimate interest
• Website analytics | Art. 6(1)(a) – Consent (via cookie banner)

How We Share Your Data

We only share personal data with:

• Payment processors
• Cloud hosting providers
• Email service providers
• Analytics providers
• Legal authorities when required
• We do not sell your personal data.

International Data Transfers

If your data is transferred outside the EU/EEA, we ensure safeguards such as:

• Standard Contractual Clauses (SCCs)
• Transfers to providers certified under the EU–US Data Privacy Framework

Data Retention

• Order/billing data: 10 years (German tax law)
• Account data: until deletion
• Marketing data: until consent withdrawn
• Server logs: typically 30–90 days

Cookies and Tracking Technologies

We use cookies to: Enable essential website functionality Process purchases and remember cart items Perform analytics Provide personalized content

You can manage cookies through: our cookie banner browser settings “Do Not Track” preferences

Your Rights Under GDPR

You have the right to:

• Access your data (Art. 15)
• Rectify incorrect data (Art. 16)
• Erase data (Art. 17)
• Restrict processing (Art. 18)
• Object to processing (Art. 21)
• Data portability (Art. 20)
• Withdraw consent at any time (Art. 7)
• File a complaint with the Berlin Commissioner for Data Protection (BlnBDI)

To exercise your rights, contact: support@fonts.xyz

Security Measures

We implement:

• SSL encryption
• Authentication & access controls
• Encrypted backups
• Minimal data storage
• Regular security audits
• No method of storage or transmission is completely secure, but we follow industry best practices.

Third-Party Services Used

• Payment processors (Stripe, PayPal)
• Analytics tools (Google Analytics, Plausible)
• Email services (Mailchimp, Sendgrid)
• Hosting providers (AWS, Hetzner)

These third parties process data under their own privacy policies.

Children’s Privacy

Our services are not intended for persons under 18 years. We do not knowingly collect data from children.

Changes to This Privacy Policy

We may update this Privacy Policy periodically. Updates take effect when published on this page.

Contact Information

fonts.xyz
Ossastrasse 12045
12045 Berlin, Germany
Email: support@fonts.xyz.