Who We Are
Our website address is: https://www.eisenbahn-bildarchiv.com.
Aurora Eisenbahn Bildarchiv is a historical railway photo archive and e-commerce platform, offering digital downloads, research tools, and related services.

---

When visitors leave comments or product reviews on the site, we collect the data shown in the form, as well as the visitor’s IP address and browser user agent string to help detect spam.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to check if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment or review, your profile picture (if available) will be visible to the public alongside your content.

---

If you upload images or documents to the website (e.g., as part of user submissions), please avoid uploading files with embedded location data (EXIF GPS). Visitors may download and extract location data from publicly shared images.

---

• If you leave a comment or review, you may opt-in to saving your name, email, and website in cookies. These are for your convenience and last for one year.
• When you log in, temporary cookies are used to confirm your browser accepts cookies. These contain no personal data and expire when the browser is closed.
• Login cookies last for two days; display preference cookies last for one year. If you select “Remember Me”, your login persists for two weeks. Logging out removes these cookies.
• If you edit or publish content, an additional cookie will be saved, containing only the post ID.

---

Articles and product pages may include embedded content (videos, images, links, etc.). Embedded content behaves as if you visited the other website directly. These websites may collect data, use cookies, and monitor your interactions, especially if you have an account with them.

---

When you purchase digital downloads:

• We collect your billing details, email address, and payment confirmation.
• Payments are securely processed via third-party providers (e.g., Stripe, PayPal). We do not store your credit card or banking details on our servers.
• Your purchase history is stored to provide access to downloads, invoices, and license management.

---

• Payment Providers: Stripe, PayPal, or other gateways you choose.
• Security & Anti-Spam Services: Automated systems (e.g., Akismet, firewall logs) to prevent fraud.
• Email Marketing: If you opt-in, your data may be processed via Mailchimp or similar tools for newsletters and abandoned cart reminders.

We do not sell or trade your personal data.

---

• Comments & Reviews: Retained indefinitely.
• Registered Accounts: We store personal information provided in your profile. You may edit or delete your data at any time (username changes excluded).
• Order Records: Retained for accounting, licensing, and legal compliance (usually 6–10 years under German law).

---

If you have an account or left comments, you can request:

• An exported file of the personal data we hold about you.
• Deletion of personal data we hold, except where legally required (e.g., financial transactions).

Requests can be sent via our contact form.

---

We implement strict security measures:

• Hourly monitoring of file changes and login attempts.
• Firewalls, malware scanning, and SSL encryption.
• Limited staff access to sensitive data, restricted by role-based permissions.

---

Emails may be routed through newsletter or transactional email providers.

Visitor comments and reviews may be checked via automated spam detection services.

Payment data is processed securely via encrypted third-party payment gateways.