for Bands, Brands & Fans

Privacy policy

Coverstories GmbH

Effective: May 2025

We are pleased about your interest in our website. Protecting your privacy is very important to us. Below, we provide information on the processing of personal data on this website in accordance with the European General Data Protection Regulation (GDPR) and the Liechtenstein Data Protection Act (DSG).

1. Controller

Responsible for data processing on this website:


COVERSTORIES GMBH

Im Rossfeld 47, 9494 Schaan, Liechtenstein

Email: il.seirotsrevocobfsctd-57f141@ppilihp

Phone: +423 789 19 73

According to Art. 37 GDPR, a Data Protection Officer (DPO) is not required for our company and has therefore not been appointed.

2. General information on data processing

We process personal data only when legally permitted or if you have given your consent. Data processing is carried out in particular:

• to provide our website

• to handle orders in our online shop

• to organise workshops and coaching sessions

• to communicate with you

3. Legal basis for processing

According to Art. 6(1) GDPR, we process your data based on:

• Consent (lit. a), e.g. for contact forms or newsletters

• Contract performance (lit. b), e.g. for orders or workshop bookings

• Legal obligation (lit. c), e.g. for retention duties

• Legitimate interest (lit. f), e.g. for web analytics or IT security

4. Collection and storage of personal data

a) When visiting the website


The following data are automatically collected (server log files):

• IP address (anonymised)

• Date and time of access

• File name requested

• Browser type/version

• Operating system

• Referrer URL


Log files are stored for security purposes for a maximum of 30 days and are then automatically deleted.

Purpose: Technical stability and IT security. Legal basis: Art. 6(1)(f) GDPR.


b) When ordering, booking or contacting us


We may process:

• Full name

• Address

• Email address

• Phone number (optional)

• Payment details

• Message or booking content


Legal basis: Art. 6(1)(b) GDPR (contract), or Art. 6(1)(a) GDPR (consent).

5. Recipients of personal data

Personal data may be transferred to:

• Payment providers (e.g. Stripe, PayPal)

• Shipping providers (e.g. GLS, Post)

• IT and hosting services

• Tax consultants or public authorities as required by law

6. Cookies

This website uses cookies – small text files stored on your device.

• Essential cookies: Required for site functionality

• Optional cookies (only with consent): For analytics or personalization


When you first visit our site, a cookie consent banner allows you to accept or reject non-essential cookies.

Optional cookies are stored for a maximum of 12 months. You can withdraw your consent at any time via the cookie banner or by deleting cookies in your browser settings.

Legal basis: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interest)

7. Third-party services and content

Our website uses various external services and plugins which may process personal data. Below is an overview:


7.1 OpenStreetMap


For map display, we use OpenStreetMap. IP addresses may be sent to OpenStreetMap servers.

More: https://wiki.osmfoundation.org/wiki/Privacy_Policy


7.2 WordPress components


If you post a comment, we store your input, IP address and browser info for spam detection. Gravatar (profile images) may receive a hashed version of your email.

More: https://automattic.com/privacy/


7.3 Activity Log


For registered users, we track content-related activities like post creation or editing. This supports transparency and site security.


7.4 MailPoet newsletter


When subscribing to our newsletter, your name, email address and IP are stored. MailPoet may set cookies and track opens/clicks anonymously.

Newsletter subscriptions use a double opt-in process. After signing up, you will receive a confirmation email containing a link. By clicking this link, you confirm that you are the rightful owner of the email address.

More: https://automattic.com/privacy/


7.5 WooCommerce (online shop)


When you shop, we process personal data such as name, address, email, IP and payment details. Cookies help maintain your shopping cart.

Order data is stored in accordance with tax and business retention laws.


7.6 Payment services: Stripe & PayPal


We use Stripe and PayPal for payment processing. Data like your name, address, order value and IP may be transferred.

Privacy policies:

• Stripe: https://stripe.com/privacy

• PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full


7.7 Complianz consent tool


We use Complianz to manage cookie consent. Your anonymised IP is stored locally.

More: https://complianz.io/privacy-statement/


7.8 Google for WooCommerce


This plugin may transmit personal data to Google – e.g. for product ads or analytics.

More: https://policies.google.com/privacy


7.9 The Events Calendar


When creating or importing events, venues or organisers (e.g. via Eventbrite or Meetup), related data is stored.

This data remains on the website, unless you actively use external interfaces such as Google Maps, PayPal or Eventbrite.

By default, data remains local unless APIs like Google Maps, PayPal or Zoom are activated.

8. Data transfer to third countries

We only transfer data to countries outside the EEA when appropriate safeguards are in place (e.g. EU Standard Contractual Clauses). Your data is always protected.

9. Data retention

We store personal data only as long as necessary for the intended purpose or for the legally required period (e.g. 10 years for invoicing data).

10. Your rights

You have the right to:

• Access your stored data (Art. 15 GDPR)

• Rectify inaccurate data (Art. 16 GDPR)

• Delete data (“right to be forgotten”, Art. 17 GDPR)

• Restrict processing (Art. 18 GDPR)

• Data portability (Art. 20 GDPR)

• Object to processing (Art. 21 GDPR)

• Withdraw consent (Art. 7(3) GDPR)


No automated decision-making or profiling as defined in Article 22 GDPR takes place on our website.

Please email your request to: il.seirotsrevocobfsctd-1da9e1@ppilihp

11. Right to lodge a complaint

If you believe your data is being processed unlawfully, you may contact the data protection authority:


Data Protection Office Liechtenstein

Kirchstrasse 8, 9490 Vaduz

Email: il.vllobfsctd-414fb9@ssd.ofni

Web: https://www.datenschutzstelle.li

12. Data security

We use appropriate technical and organisational security measures to protect your data from loss, destruction or unauthorised access. Communication with our website is encrypted (SSL/HTTPS).

13. Changes to this Privacy Policy

We may update this privacy policy to reflect changes in law or our services. The latest version is always available on our website.