With this statement we inform you about the nature and extent, as well as the purpose and legal basis of the processing of personal data on this website and on any online presence in social networks. In addition, we communicate here our information and notification obligations for the use of personal data in our house.
NAME AND ADDRESS OF THE RESPONSIBLE PERSON
The person responsible within the meaning of the General Data Protection Regulation (DSGVO) and other national data protection laws of the member states as well as other data protection regulations is the company named in the imprint.
CONTACT THE DATA PROTECTION OFFICER
We are not obligated to order a data protection officer. For questions about privacy please contact us at: email@example.com
Understanding the processing of personal data
We only collect and process the personal data of our users to the extent necessary for the provision of a functional website or the provision of services by our company. The processing takes place only with their consent, or if it permits or commits a legal regulation.
The security of your personal data is a high priority for us. We therefore protect your data through technical and organizational measures to prevent misuse of the use. We regularly review the measures taken and adapt these to current technical conditions. In addition, we commit all employees to confidentiality in accordance with §28 DSGVO.
Purposes and legal basis of processing, transfer to third parties and abroad
We process your data for the following purposes:
Fulfillment of new or existing contractual relationships or for the implementation of pre-contractual measures, e.g. the creation of offers
Sending marketing information
Editing requests, e.g. as part of our core activity or for letters of application
Provision of telemedia, e.g. our website or e-mail
In doing so, we process the data on the basis of the legal basis of Art. 6 para. 1 DSGVO:
Art. 6 para. 1 lit. a GDPR: processing operations based on their consent
Art. 6 para. 1 lit. b DSGVO: processing operations to fulfill a contract or precontractual measures, e.g. a purchase or service contract or the solicitation of an offer
Art. 6 para. 1 lit. c DSGVO: processing operations to which we are legally obliged, e.g. the storage for tax reasons
Art. 6 para. 1 lit. DSGVO: processing operations that we carry out based on our legitimate interests, e.g. the disclosure of their data to postal service providers for the purpose of sending mail or to a tax consultant. This includes the storage of website usage information for the purpose of optimizing our website.
The disclosure of their data to third parties is based on the above permits and occurs only in the context of a contract processing contract or if other confidentiality obligations exist, this includes professional secret carriers or shipping service providers. If a transfer to third countries outside the European Economic Area takes place, there is a corresponding adequacy decision in accordance with Article 45 GDPR of the respective third country (for example for Switzerland) or corresponding guarantees of the recipients under Art. 46 GDPR, e.g. a certification under the Privacy Shield for companies in the US.
Duration of storage, deletion of personal data
Personal data will only be processed and stored for the period required to fulfill the processing purposes. After fulfillment of the purpose, your data will be deleted or blocked by us, as long as we are no longer subject to a statutory storage obligation.
We send newsletters with promotional content to our customers. The legal basis for the shipment is either the consent in accordance with Art. 6 para. 1 lit. a, if you have entered yourself into the newsletter via the newsletter function. The entry is made with the double opt-in method, i. You will receive a confirmation e-mail in which you must click on a confirmation link. You can object to the consent at any time, this includes each newsletter a logout function.
If we have saved your name, we will use it for the address. If possible, we will send the newsletter gender-specific.
We use the external service provider Mailchimp to send the newsletter. For this purpose, the data will be transferred to the USA. The provider meets the criteria of the Privacy Shield.
The provider maintains a database in which we can see information about the registration and deregistration and a contradiction or revocation of a consent.
The logging serves to safeguard our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO, to provide a user-friendly and legally compliant newsletter, e.g. in relation to proof requirements.
E-mail advertising if you do not subscribe to the newsletter and your right to opt out If we receive your e-mail address in connection with the sale of a product or service and you have not opted out and you are not a consumer who has his habitual residence in Poland, we reserve the right to regularly email you offers for products from our product range that are similar to those you have already purchased. This serves the protection of our legitimate interests in promoting and advertising our products to customers that are overriding in the process of balancing of interests. You can opt out of this use of your email address at any time by sending a message to the contact option specified below or by using the opt-out link in the advertising email, without incurring any costs beyond the cost of transfer calculated at the base rates.
Use of our online shop and customer registration
As part of the registration, or unregistered use as a guest, our online shop system, we process the data of our customers and prospects for the purpose of ordering, billing and delivery of goods.
Processing takes place on the basis of a contract or pre-contractual measures according to Art. 6 para. 1 lit. b DSGVO for the execution of the order, billing and delivery, and in accordance with Art. 6 para. 1 lit. c DSGVO regarding the storage obligation.
In order to prevent abuse, we save the filing date and time and the IP address in accordance with Art. 6 para. 1 lit. c DSGVO, i. to safeguard our legitimate interest.
The data we collect are customer master data, contract data and any customer communication.
As part of the visit to the website, we store cookies via the shopping cart and the login status.
According to Art. 25 GDPR, we only collect data that is absolutely necessary for processing the order.
We only pass the data on to third parties, if necessary also abroad, if this is necessary for the processing of the billing, or delivery or if this is legally obligatory or permitted.
If you have created a user account in the context of the order, you can in the profile of the account other, voluntary information in the context of a consent acc. Art. 6 para. 1 lit. a.
You have the option of having the customer account deleted, provided that no retention requirements for commercial or tax reasons prevent this.
If you have created an online account with us, the account will be deleted after 10 years according to the statutory storage obligation or archiving obligation.
To improve our online offer, i. to safeguard our legitimate interest in accordance with Art. 6 para. 1 lit. c DSGVO, we incorporate fonts (“Google Fonts”) provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
The use of Google Fonts also collects and possibly collects data about the use of fonts from Google.
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Using the Facebook pixel
Our Facebook site uses the so-called “Facebook Pixel” of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. Facebook is certified according to the Privacy Shield ((https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active)
The Facebook Pixel allows us to target our ads only to users who are particularly eligible for our products, i. only those users who have shown interest in our shop or similar products of other providers. For this we forward to Facebook areas of interest and topics (“Custom Audiences”).
By using the Facebook pixel, we are also able to understand statistical information about user behavior, i.a. whether a user has reached our website via Facebook.
You have the option of blocking user-specific advertising in your Facebook profile. The settings apply to your profile and are therefore independent of the browser used or the platform used: https://www.facebook.com/settings?tab=ads.
Collection of access data and log files
We collect access data (log files) on every server access on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f. DSGVO. This includes the name of the retrieved web page, the date and time of the retrieval, transferred file and data volume, message about the success or failure of the retrieval, browser type and browser version, the operating system, referrer URL (the previously visited page) and their IP address.
Log files are collected for security purposes (for example, to investigate crimes) and stored for a period of 7 days and then deleted. If data are still required for evidence, they will be exempted from the cancellation until the final clarification of the incident.
To ensure a fast and stable connection, we have outsourced the hosting to an external service provider. This process the above-mentioned log data according to our specifications. The disclosure is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO i.V.m. Art. 28 GDPR.
Cookies are files stored by the Internet browser on the user’s computer system. When accessing this website, cookies will be stored in the browser memory of the data subject.
You can prevent the storage of cookies in the browser, the page may u.U. however, they only work to a limited extent. It makes more sense at this point to set the deletion of all cookies after the end of each browser session, which works on our site without restriction and a recognition at the next visit with all positive and negative consequences.
We use URL Shorteners (Bitly) through social media, which provide information on the platform they have accessed from us, from which country they have accessed this link, a date on which the link was clicked as well as information about the number of times a link is used.
We use technical cookies, as this is technically necessary for the operation of the service offered in accordance with Art. 6 (1) lit. f DSGVO, i. to safeguard our legitimate interest.
Technical cookies are used to recognize a user when the website is called up again and so, for example. made language settings, a shopping cart or similar Save beyond a surfing session.
In addition, we use tracking cookies to obtain statistical evaluations about the usage behavior of our website. The legal basis for this is also the preservation of our legitimate interest in accordance with Art. 6 (1) lit. f DSGVO. The tracking cookies include:
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
We have completed the mandatory privacy agreement with Google in writing. See also www.google.de/analytics/terms/de.html
When making contact (eg via contact form, e-mail, telephone or via social networks), the personal data of the user for processing the contact request according to. Art. 6 para. 1 lit. b DSGVO, i. to fulfill a contract or precontractual measures. If necessary, your data will be transferred to a customer management program (CRM system). Please note that we are committed to e-mail archiving according to the GoBD; a complete deletion of e-mails sent to us (from our archive system) is therefore not possible.
Information transmitted via our contact form on our website is securely encrypted in accordance with the requirements of TMG §13 (7).
Transfer of personal data
Your data will be forwarded to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of the goods. To process payments, we pass on your payment data to the bank responsible for the payment.
In addition, we conduct credit checks, in particular with regard to credit card misuse within the scope of our legitimate interest in accordance with Art. 6 para. 1 lit. c DSGVO by.
Provided that you gave us your express consent to it, we reserve the right to obtain information about your identity and creditworthiness using the services of specialised service providers (credit reference agencies). To this end, we will transfer your personal data needed for the credit assessment to the following company(ies): CRIF Bürgel GmbH Radlkoferstraße 2 81373 München Germany In this process, we will apply appropriate measures to respect your rights, freedoms and legitimate interests. You can contact us via the contact option specified below to present your standpoint and contest the decision. You may revoke your consent at any time by sending a message using the contact data below. The consequence may be that we will no longer be able to offer you certain payment options.
Processing of applicant data
If you send us application documents to our application e-mail address (firstname.lastname@example.org), we will archive the information sent to us for up to 6 months in order to safeguard our legitimate interest so that we can contact you in the event of a vacancy can. After 6 months the emails will be deleted from our active system. You have the option of objecting to the storage directly or subsequently. If necessary, contact us again.
If we process personal data of you, then you are concerned in terms of the GDPR and they have the following rights to the responsible body:
Reference to the persons concerned
If we process personal data of you, then you are concerned in terms of the GDPR and they have the following rights to the responsible body:
Right to information and data portability
You have the right to request information about the personal data stored about you.
You have the right to receive the requested data in a common, machine-readable format.
Right to rectification
You have the right to ask the person responsible for the correction of incorrect personal data concerning you. Taking into account the purposes of processing, they have the right to ask for the completion of incomplete personal data.
Right to restriction
Under the following conditions they may request the restriction of the processing of personal data concerning them:
1) The accuracy of the personal data is contested by the data subject for a period of time which enables the person responsible to check the accuracy of the personal data.
2) The processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data.
3) The controller no longer needs the personal data for the purposes of processing, but the data subject requires them to assert, exercise or defend legal claims, or if
4) the data subject objects to the processing, as long as it is not certain that the legitimate reasons of the person responsible outweigh those of the data subject.
If the processing has been restricted, these personal data may be stored only with the consent of the data subject or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of significant public interest Union or a Member State. We will inform you before the restriction is lifted.
Right to delete
They may request the deletion of the processing of personal data concerning them under the following conditions:
1) The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
2) The data subject revokes their consent and there is no other legal basis for the processing.
3) The data subject objects to the processing and there are no legitimate reasons for the processing.
4) The personal data were processed unlawfully.
5) The deletion of personal data is required to fulfill a legal obligation under Union or national law to which the controller is subject.
6) The personal data has been collected in relation to the use of web services.
RIGHT TO REVOKE A DECLARATION OF CONSENT
You have the right to revoke your consent to the processing of personal data at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
Right to information
If you have the right to correct, delete or restrict the processing, we are obliged to notify all recipients to whom this information has been transmitted about the correction, deletion or restriction of the data, unless this is a disproportionate effort or impossible.
RIGHT TO OBJECTION
You have the right, at any time, to object to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on these provisions. The controller no longer processes the personal data unless he can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
If personal data are processed in order to operate direct mail, they have the right to object at any time to the processing of personal data concerning them for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.
AUTOMATED DECISION ON AN INDIVIDUAL BASIS INCLUDING PROFILING
You have the right not to be subjected to a decision based solely on automated processing – including profiling – that will have legal effect or similarly affect you in a similar manner. This does not apply if the decision
1) is required for the conclusion or performance of a contract between you and the controller,
(2) is permitted by Union or Member State legislation to which the controller is subject and where such legislation contains appropriate measures to safeguard your rights and freedoms and legitimate interests, or
3) with your express consent.
Decisions pursuant to paragraph 2 may not be based on special categories of personal data pursuant to Art. 9 (1) DSGVO Paragraph 1, unless Art. 9 (2) lit. a or g DSGVO applies and appropriate measures have been taken to protect the rights and freedoms as well as the legitimate interests of the data subject.
With regard to the cases referred to in (1) and (3), the person responsible shall take appropriate measures to uphold the rights and freedoms and their legitimate interests, including at least the right to obtain the intervention of a person by the controller, to express his / her own position and heard on challenge of the decision.
RIGHT TO COMPLAIN TO A SUPERVISORY AUTHORITY
You have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy, in particular in the Member State of its habitual residence, employment or the place of alleged infringement, if you consider that the processing of the personal data concerning you is against the DSGVO violates.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
Non-provision of personal data
If you do not provide us with personal data that we need for contractual purposes, this non-provisioning generally means that the contract can not be closed. In individual cases, we can inform you whether a provision is legally binding or contractually required and what would be the consequences of non-provision in individual cases.