Data Protection Regulation
Responsible for the processing of data is:
Datenschutz-Experten UG (haftungsbeschränkt) & Co. KG
Thank you for visiting our online shop. Protection of your privacy is very important to us. Below you will find extensive information about how we handle your data.
1. ACCESS DATA AND HOSTING
You may visit our website without revealing any personal information. With every visit on the website, the web server stores automatically only a so-called server log file which contains e.g. the name of the requested file, your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request. These access data are analysed exclusively for the purpose of ensuring the smooth operation of the website and improving our offer. This serves according to Art. 6 (1) 1 lit. f GDPR the protection of our legitimate interests in the proper presentation of our offer that are overriding in the process of balancing of interests. All access data are deleted no later than seven days after the end of your visit on our website.
2. DATA COLLECTION AND USE FOR PROCESSING THE CONTRACT, ESTABLISHING CONTACT AND FOR OPENING A CUSTOMER ACCOUNT
We collect personal data that you voluntarily submit to us when you place an order or contact us (e.g. via contact form or by email). Mandatory fields are marked as such because we absolutely need those data to perform the contract or process your contact request and you would otherwise not be able to complete your order or send the contact request. It is evident in each input form what data are collected. We use the data that you disclose to us to perform the contract and process your enquiries according to Art. 6 (1) (b) GDPR.
3. DATA PROCESSING FOR THE PURPOSE OF SHIPMENT
We forward your data to the shipping company within the scope required for the delivery of the ordered goods according to Art. 6 (1) (b) GDPR.
4. DATA PROCESSING FOR THE PURPOSE OF PAYMENT
As part of the payment process in our online shop, we work together with these partners: technical service provider, credit institution, payment service provider.
4.1 DATA PROCESSING FOR THE PURPOSE OF TRANSACTION PROCESSING
4.2 DATA PROCESSING FOR THE PURPOSE OF FRAUD PREVENTION AND OPTIMISATION OF OUR PAYMENT PROCESSES
We may forward other data to our service providers, which they use for the purpose of fraud prevention and to optimise our payment processes (e.g. invoicing, processing of contested payments, accounting support) together with the data necessary to process the payment as our processors.
This serves to safeguard our legitimate interests in fraud prevention or an efficient payment management in accordance with Art. 6 (1) (f) GDPR that are overriding in the process of balancing of interests.
4.3 CREDIT ASSESSMENT
In cases where we make deliveries before payment, e.g. in the case of a purchase on invoice, we will have to obtain information about your identity and creditworthiness using the services of specialised service providers (credit reference agencies) for the purpose of contract formation according to Art. 22 (2) (a) GDPR. To this end, we will transfer your personal data needed for the credit assessment to:
Creditsafe Deutschland GmbH
Schreiberhauer Straße 30
After full implementation of the contract and after expiry of the tax and commercial legal retention periods, your data processed for this purpose will be deleted, unless you have expressly consented to further use of your data or we reserve the right to use your data for other purposes which are permitted by law and about which we inform you in this notice.
5. MARKETING VIA E-MAIL
SENDING REVIEW REQUESTS BY E-MAIL
6. COOKIES AND FURTHER TECHNOLOGIES
In order to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use technologies on various pages, including so-called cookies. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser during your next visit (persistent cookies). We use such technologies that are strictly necessary for the use of certain functions of our website (e.g. shopping cart function). These technologies are used to collect and process IP addresses, time of visit, device and browser information as well as information on your use of our website (e.g. information on the contents of the shopping basket). This serves to safeguard our legitimate interests in an optimised presentation of our offer in accordance with Art. 6 (1) (f) GDPR that are overriding in the process of balancing of interests.
You can find the cookies settings for your browser by clicking on the following links: Microsoft Edge™ [https://support.microsoft.com/de-de/help/4027947/microsoft-edge-delete-cookies] / Safari™ [https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14] / Chrome™ [https://support.google.com/chrome/answer/95647?hl=de&hlrm=en] / Firefox™ [https://support.mozilla.org/de/products/firefox/protect-your-privacy/cookies] / Opera™ [https://help.opera.com/de/latest/web-preferences/#cookies]
We integrated the Matomo component from the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand into our website. Matomo is a software tool for the web analysis, i.e. collection and analysis of data on the behaviour of visitors to websites. Amongst other things, data is collected on which website the data subject accessed a website from (so-called referrer), which subpages of the website were accessed and how often and for how long a subpage was viewed. This is used to optimize websites and to carry out a cost-benefit analysis of Internet advertising.
The software is operated on the server of the controller responsible for processing, the log files, which are sensitive with regard to data protection, are solely stored on this server.
Matomo places a cookie on your operating system. The placement of this cookie enables us to analyze the use of our website. Each time one of the individual pages of this website is accessed, the browser on your operating system is automatically prompted by the Matomo component to transfer data to our server for the purposes of online analysis. As part of this technical process, we obtain knowledge of personal data such as the data subject’s IP address, which, amongst other things, serves tracing the origin of visitors and clicks.
Cookies are used to store personal information, such as access time, location from which the access was initiated and the frequency of visits to our websites. Whenever you visit our website, this personal information, including the IP address of the Internet connection you use, is transmitted to our server. We store this personal data. We do not disclose this personal data third parties.
You can prevent the placement of cookies by our website at any time by means of the appropriate setting in the web browser being used and in doing so, permanently object to the placement of cookies. Such a setting in the web browser being used would also prevent Matomo from placing a cookie in your operating system. Furthermore, a cookie that has already been placed by Matomo can be deleted at any time via your web browser or other software programs.
You also have the option of objecting to the collection of data generated by Matomo relating to the use of this website and to prevent such a collection. To do so, you must place an opt-out cookie. If your operating system is deleted, formatted or reinstalled at a later date, you need to reinstall the opt-out cookie. However, installing the opt-out cookie could also result in you not being able to use all functions of our website anymore.
These processing operations only take place if explicit consent is given according to art. 6 sec. 1 lit. a GDPR.
7. INTEGRATION OF THE TRUSTED SHOPS TRUSTBADGE
This is necessary to safeguard our legitimate prevailing interests in an optimal marketing by ensuring the safety of your purchase according to Article 6 (1) f GDPR. The Trustbadge and the services advertised with it are an offer of the Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany. The Trustbadge is made available by a CDN provider (Content-Delivery-Network) as part of order processing. The Trusted Shops GmbH uses also service provider from the USA. An adequate level of data protection is guaranteed. Further information to the data security of the Trusted Shops GmbH can be found here [https://www.trustedshops.co.uk/imprint/].
When the Trustbadge is called up, the web server automatically saves a server log file which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data are stored in a security database for the analysis of security problems. The log files are automatically deleted 90 days after creation at the latest.
Further personal data will be transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or have already registered for use. The contractual agreement made between you and Trusted Shops applies. For this purpose personal data is automatically collected from the order data. Whether or not you are already registered as a Trusted Shops customer is automatically checked by means of a neutral parameter, the e-mail address hashed by cryptological one-way function. The e-mail address is converted to this hash value, which cannot be decrypted by Trusted Shops before it is transmitted. After checking for a match, the parameter is deleted automatically.
The Trusted Shops Trustbadge is integrated on this website to display our Trusted Shops Trustmark and the collected reviews as well as to offer Trusted Shops products to buyers after an order.
8. SOCIAL MEDIA
OUR ONLINE PRESENCE ON FACEBOOK, TWITTER, YOUTUBE, INSTAGRAM, XING, LINKEDIN
If you have given your consent to the respective social media provider in accordance with Art. 6 (1) (a) GDPR, when you visit our online presence on the social media mentioned above, your data will be automatically collected and stored for market research and advertising purposes, from which user profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are usually used for this purpose. For detailed information on the processing and use of data by the respective social media provider, as well as a contact option and your rights and settings options for the protection of your privacy, please refer to the provider's privacy policies linked below. Should you still require assistance in this regard, please contact us.
Facebook [http://www.facebook.com/about/privacy/] is provided by Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (hereafter "Facebook Ireland") The information automatically collected by Facebook Ireland about your use of our online presence on Facebook is usually transferred to a server of Facebook, Inc, 1601 Willow Road, Menlo Park, California 94025, USA and stored there. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission. Data processing in the context of a visit to a Facebook fan page is based on an agreement between joint controllers in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here [http://www.facebook.com/legal/terms/information_about_page_insights_data].
Twitter [http://twitter.com/en/privacy] is provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland ("Twitter"). The information automatically collected by Twitter about your use of our online presence on Twitter is generally transmitted to and stored on a server at Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission.
Instagram [http://help.instagram.com/519522125107875] is provided by Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (hereafter "Facebook Ireland") The information automatically collected by Facebook Ireland about your use of our online presence on Instagram is typically transferred to and stored on a server at Facebook, Inc, 1601 Willow Road, Menlo Park, California 94025, USA. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission. Data processing in the context of a visit to an Instagram fan page is based on an agreement between joint controllers in accordance with art. 26 DSGVO. Further information (information on Insights data) can be found here [http://www.facebook.com/legal/terms/information_about_page_insights_data].
YouTube [https://policies.google.com/privacy?hl=en] is provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (hereafter "Google"). The information automatically collected by Google about your use of our online presence on YouTube is generally transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission.
LinkedIn [http://www.linkedin.com/legal/privacy-policy]is provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). The information LinkedIn automatically collects about your use of our online presence on LinkedIn is generally sent to a server at LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA and stored there. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission.
Xing [https://privacy.xing.com/en/privacy-policy] is provided by New Work SE, Dammtorstraße 30, 20354 Hamburg.
Being the data subject, you have the following rights according to:
* art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
* art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
* art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is required * to exercise the right of freedom of expression and information;
* for compliance with a legal obligation;
* for reasons of public interest or
* for establishing, exercising or defending legal claims;
* art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as * the accuracy of the data is contested by you;
* the processing is unlawful, but you refuse their erasure;
* we no longer need the data, but you need it to establish, exercise or defend legal claims, or
* you have lodged an objection to the processing in accordance with art. 21 GDPR;
* art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
* art. 77 GDPR, the right to complain to a supervisory authority . As a rule, you can contact the supervisory authority at your habitual place of residence or workplace or at our company headquarters.
9. E-MAIL ADVERTISING WITH REGISTRATION FOR NEWSLETTER
If you register for our newsletter, we use the data required for this or separately provided by you in order to regularly send you our e-mail newsletter based on your consent in accordance with art. 6 para. 1 S. 1 lit. GDPR.
You can unsubscribe from the newsletter at any time and you can either send a message to the contact option described below or use a link provided in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and which we will inform you about in this declaration.
10. CONTACT POSSIBILITIES AND YOUR RIGHTS
If you have any questions about how we collect, process or use your personal data, want to enquire about, correct, restrict or delete your data, or withdraw any consents you have given, or opt-out of any particular data use, please contact our in-house data protection officer:
Data protection Officer:
Right to object
If we process personal data as described above to protect our legitimate interests that are overriding in the process of balancing of interests, you may object to such data processing with future effect. If your data are processed for direct marketing purposes, you may exercise this right at any time as described above. If your data are processed for other purposes, you have the right to object only on grounds relating to your particular situation.
After you have exercised your right to object, we will no longer process your personal data for such purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
This does not apply to the processing of personal data for direct marketing purposes. In such a case we will no longer process your personal data for such purposes.
Datenschutzerklärung [https://shop.trustedshops.com/de/rechtstexte/] erstellt mit dem Trusted Shops [https://shop.trustedshops.com/de/] Rechtstexter in Kooperation mit FÖHLISCH Rechtsanwälte [https://foehlisch.com].