Welcome
Welcome to whokilledbambi.net. If you are here, you probably have an excellent taste in unique items. Because we value your trust just as much as a rare first-edition punk record, we take your privacy incredibly seriously. No creepy tracking, no selling your soul to third-party data brokers. Just the essentials needed to get our highlights from our hands into yours.
Since we operate out of Germany, the ironclad rules of the General Data Protection Regulation (GDPR / DSGVO) apply. Here is the lowdown on what happens to your data when you hang out here.
TL;DR: We only collect what we absolutely need to ship your items or answer your questions. We don't spy on you. Period.
1. Who is responsible here? (The Controller)
The person pulling the strings behind this website, deciding what gets collected, and making sure it stays safe is:
Gabba Gabba Hey GmbH
Rosenthaler Straße 40
10178 Berlin, Germany
Email: HiThere@whokilledbambi.org
If you have any burning questions about your data, just drop us a line. No bureaucratic forms required.
2. What data we collect & why
A. When you just look around (server log files)
Our web server automatically logs a tiny bit of technical stuff every time you visit. It's basic internet physics. This includes:
- Your anonymized IP address (so we know a human arrived, but not exactly who)
- Date and time of your visit
- Which exact page you looked at
- Your browser type and operating system (so the site actually renders correctly)
Legal basis: Art. 6 (1) (f) GDPR (our legitimate interest in keeping this website stable, secure, and crash-free).
B. When you buy a highlight or send an inquiry
Since this is a curated space for rare pieces and not a giant corporate automated factory, you either click a direct payment button or shoot us a message. To fulfill your order or answer your request, we need:
- Your name
- Your shipping & billing address
- Your email address
- Your payment information (processed securely, see below)
Legal basis: Art. 6 (1) (b) GDPR (necessary to fulfill a contract with you or take steps before entering into one).
3. Who else sees your data? (Third parties)
We don't hoard data, and we certainly don't sell it. However, unless you want to walk to Berlin to pick up your item personally, we have to share the bare minimum with a few trusted partners:
- Shipping heroes: DHL, UPS, or whichever courier we trust to handle your package with care gets your name and address.
- Payment processors: If you use a direct payment link (like Stripe or PayPal), you handle the payment directly on their secure servers. We never see, touch, or store your credit card numbers or banking passwords. They just send us a digital thumbs-up saying "Paid!" so we can ship your item.
- Our host: The server where this HTML site lives handles the data traffic securely under a strict Data Processing Agreement (DPA).
4. How long do we keep it?
We keep your inquiries only as long as needed to handle your request. However, if you buy an item, German tax law (Finanzamt) demands that we keep the invoice and transaction records for up to 10 years. We can't argue with the taxman, sorry!
5. Your rights (you are the boss)
Under the GDPR, you have the ultimate power over your personal data. You have the right to:
- Ask us what data we have on you (right of access)
- Fix it if something is wrong (right to rectification)
- Tell us to delete it (right to erasure — as long as the taxman doesn't require it)
- Take it with you (right to data portability)
- Complain to a data privacy authority if you think we messed up (though we really hope you'll talk to us first!)
6. Cookies and tracking
This is a clean, hand-crafted HTML site, so we keep tracking to an absolute minimum. We do use Google Analytics to get a rough sense of how many people stop by and which pages they like — but only after you give us the thumbs-up via the cookie banner. If you click "no crumbs for you," Google Analytics never loads, full stop.
Google Analytics may set cookies and process some technical data (like your approximate region and device type) on Google's servers. We don't use this data to build creepy ad profiles or sell anything to you based on it — it's purely so we know whether anyone's actually reading this stuff. You can withdraw your consent at any time by clearing your browser's site data and reloading the page, which brings the cookie banner back.
Legal basis: Art. 6 (1) (a) GDPR (your consent, given via the cookie banner).
7. SSL encryption (safety first)
To protect your data while it travels through the web, this site uses modern SSL/TLS encryption. You can tell by the little padlock icon next to our URL in your browser bar. It means your connection to us is private and secure.
Now that the legal formalities are out of the way, go back to enjoying the unique pieces! Thanks for reading.