Privacy policy
–––––––––––––––––––––––––––
Data Protection Declaration
–––––––––––––––––––––––––––
1) Information on the Collection of Personal Data and Contact Details of the Controller
1.1 We are pleased that you are visiting our website and thank you for your interest. On the following pages, we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.
1.2 The controller in charge of data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is Dirk & Nils Peschek GbR, Weingartstr. 06, 41464 Neuss, Germany, Phone.: +49 (0)173 7315361, e-mail: dnpgems@gmail.com. The controller in charge of the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
1.3 The controller has designated a data protection officer. He can be reached as follows: "Nils Peschek, Bergheimer Str. 151, 41464 Neuss, dnpgems@gmail.com"
2) Data Collection When You Visit Our Website
2.1 When using our website for information only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:
- Our visited website
- Date and time at the moment of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used (if applicable: in anonymized form)
Data processing is carried out in accordance with Art. 6 (1) point f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently, if there are any concrete indications of illegal use.
2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller). You can recognize an encrypted connection by the character string https:// and the lock symbol in your browser line.
3) Hosting & Content Delivery Network
3.1 Shopify
For the hosting of our website and the display of the page content, we use the system of the following provider: Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada
All data collected on our website is processed on the provider's servers. We have concluded an order processing agreement with the provider, ensuring the protection of our site visitors' data and prohibiting unauthorised disclosure to third parties.
In case of data transfer to Canada, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.
3.2 Cloudflare
We use a content delivery network offered by the following provider: Cloudflare Inc., 101 Townsend St. San Francisco, CA 94107, USA
This service enables us to deliver large media files such as graphics, page content or scripts faster via a network of regionally distributed servers. The processing is carried out to protect our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6 (1) point f GDPR. We have concluded an order processing agreement with the provider, ensuring the protection of our site visitors' data and prohibiting unauthorised disclosure to third parties.
For data transfers to the USA, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
4) Cookies
In order to make your visit to our website more attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. In some cases, these cookies are automatically deleted again after the browser is closed (so-called "session cookies"), in other cases, these cookies remain on your end device for longer and allow page settings to be saved (so-called "persistent cookies"). In the latter case, you can find the duration of the storage in the overview of the cookie settings of your web browser.
If personal data is also processed by individual cookies set by us, the processing is carried out either in accordance with Art. 6 (1) point b GDPR for the performance of the contract, in accordance with Art. 6 (1) point a GDPR in the case of consent given or in accordance with Art. 6 (1) point f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
You can set your browser in such a way that you are informed about the setting of cookies and you can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general.
Please note that the functionality of our website may be limited if cookies are not accepted.
5) Contacting Us
5.1 WhatsApp Business
We offer visitors to our website the opportunity to contact us via the WhatsApp news service of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this purpose, we use the so-called "Business Version" of WhatsApp.
If you contact us via WhatsApp in connection with a specific business transaction (e.g. an order placed), we will store and use the mobile telephone number you use at WhatsApp and - if provided - your first name and surname in accordance with Art. 6 para. 1 lit. b. GDPR to process and answer your request. Based on the same legal basis, we will ask you via WhatsApp to provide further data (order number, customer number, address or e-mail address), if necessary, in order to be able to allocate your enquiry to a specific transaction.
If you use our WhatsApp contact for general enquiries (e.g. about the range of services, availability or our website), we will store and use the mobile phone number you use at WhatsApp and - if provided - your first and last name in accordance with Art. 6 Para. 1 lit. f GDPR based on our justified interest in the efficient and prompt provision of the requested information.
Your data will always be used only to answer your request via WhatsApp. Your data will not be passed on to third parties.
Please note that WhatsApp Business gains access to the address book of the mobile device we use for this purpose and automatically transfers telephone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. To operate our WhatsApp Business account, we use a mobile device whose address book saves only the WhatsApp contact data of those users who have also contacted us via WhatsApp.
This ensures that each person whose WhatsApp contact data is stored in our address book has already consented to the transmission of his WhatsApp telephone number from the address books of his chat contacts in accordance with Art. 6 Para. 1 lit. a GDPR when using the app on his device for the first time by accepting the WhatsApp terms of use. The transmission of data of such users who do not use WhatsApp and/or have not contacted us via WhatsApp is therefore excluded.
For the purpose and scope of data collection and the further processing and use of data by WhatsApp, as well as your rights and setting options for protecting your privacy, please refer to WhatsApp's data protection information: https://www.whatsapp.com/legal/?eea=1#privacy-policy
In the course of the above-mentioned processing, data may be transferred to servers of Meta Platforms Inc. in the USA.
For data transfers to the USA, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
5.2 When you contact us (e.g. via contact form or e-mail), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for establishing contact and for the associated technical administration.
The legal basis for processing data is our legitimate interest in responding to your request in accordance with Art. 6 (1) point f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 (1) point b GDPR. Your data will be deleted after final processing of your enquiry; this is the case if it can be inferred from the circumstances that the facts in question have been finally clarified, provided there are no legal storage obligations to the contrary.
6) Data Processing When Opening a Customer Account and for Contract Processing
Pursuant to Art. 6 (1) point b GDPR, personal data will continue to be collected and processed to the extent required in each case if you provide us with this data when opening a customer account. The data required for opening an account can be found in the input mask of the corresponding form on our website. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. After deletion of your customer account, your data will be deleted, provided that all contracts concluded via it have been fully processed, no legal retention periods are opposed and no legitimate interest on our part in the continued storage exists.
7) Commentary Function
Within the scope of the commentary function on this website, in addition to your comment, information on the time of writing the comment and the name of the commentator you have chosen is stored and published on the website. Furthermore, your IP address is logged and stored. This IP address is stored for security reasons in case the person concerned violates the rights of third parties or posts illegal content by submitting a comment. We need your e-mail address to contact you if a third party should object to your published content as unlawful. The legal basis for the storage of your data is Art. 6 (1) point b and f GDPR. We reserve the right to delete comments if they are objected to as unlawful by third parties.
8) Use of Client Data for Direct Advertising
8.1 Clever Push
On this website, you have the option of subscribing to regular push notifications with information about our offering.
For this purpose, we use the services of the following provider: CleverPush UG (haftungsbeschränkt), Tondernstr. 1, 22049 Hamburg, Germany
In the course of the subscription, with which you give your express consent to receive push notifications and related processing pursuant to Art. 6 (1) point a GDPR, your browser ID and end device ID are collected, stored and used by the provider for the correct mapping and display of the notifications.
Subject to your express consent pursuant to Art. 6 (1) point a GDPR, the provider also carries out a statistical evaluation of push integrations and interactions, whereby further information (e.g. time of page access, IP address) is collected and analysed, but not combined with other data records.
You can revoke your consent to data processing for receiving push notifications and statistical performance measurement at any time with effect for the future by deactivating the service in your browser settings or - depending on the operating system - by interacting with the respective push notification to unsubscribe.
We have concluded an order processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.
8.2 Get Response
On this website, you have the option of subscribing to regular push notifications with information about our offering.
For this purpose, we use the services of the following provider: GetResponse" operated by GetResponse Sp. z o.o., Arkonska 6, A3, Gdansk (80-387), Poland
In the course of the subscription, with which you give your express consent to receive push notifications and related processing pursuant to Art. 6 (1) point a GDPR, your browser ID and end device ID are collected, stored and used by the provider for the correct mapping and display of the notifications.
Subject to your express consent pursuant to Art. 6 (1) point a GDPR, the provider also carries out a statistical evaluation of push integrations and interactions, whereby further information (e.g. time of page access, IP address) is collected and analysed, but not combined with other data records.
You can revoke your consent to data processing for receiving push notifications and statistical performance measurement at any time with effect for the future by deactivating the service in your browser settings or - depending on the operating system - by interacting with the respective push notification to unsubscribe.
We have concluded an order processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.
8.3 PushOwl
On this website, you have the option of subscribing to regular push notifications with information about our offering.
For this purpose, we use the services of the following provider: Creatorbox Softwares Private Limited 80 Feet Road, Koramangala, 4th Block, Bangalore- 560034, Karnataka, India
In the course of the subscription, with which you give your express consent to receive push notifications and related processing pursuant to Art. 6 (1) point a GDPR, your browser ID and end device ID are collected, stored and used by the provider for the correct mapping and display of the notifications.
Subject to your express consent pursuant to Art. 6 (1) point a GDPR, the provider also carries out a statistical evaluation of push integrations and interactions, whereby further information (e.g. time of page access, IP address) is collected and analysed, but not combined with other data records.
You can revoke your consent to data processing for receiving push notifications and statistical performance measurement at any time with effect for the future by deactivating the service in your browser settings or - depending on the operating system - by interacting with the respective push notification to unsubscribe.
We have concluded an order processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.
9) Processing of Data for the Purpose of Order Handling
9.1 Insofar as necessary for the processing of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 Para. 1 lit. b GDPR.
If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we will process the contact data (name, address, e-mail address) provided by you when placing the order in order to inform you personally by suitable means of communication (e.g. by post or e-mail) about upcoming updates within the legally stipulated period of time within the framework of our statutory duty to inform pursuant to Art. 6 Para. 1 lit. c GDPR. Your contact details will be used strictly for the purpose of informing you about updates owed by us and will only be processed by us for this purpose to the extent that this is necessary for the respective information.
In order to process your order, we also work together with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data is transferred to these service providers in accordance with the following information.
9.2 Passing on Personal Data to Shipping Service Providers
- Deutsche Post
We use the following provider as transport service provider: Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- DHL
We use the following provider as transport service provider: Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- DHL Express
We use the following provider as transport service provider: DHL Express Germany GmbH, Heinrich-Brüning-Str. 5, 53113 Bonn, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- DPD
We use the following provider as transport service provider: DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- FedEx
We use the following provider as transport service provider: FedEx Express Germany GmbH, Langer Kornweg 34 k, 65451 Kelsterbach, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- GLS
We use the following provider as transport service provider: General Logistics Systems Germany GmbH & Co. OHG, GLS Germany-Straße 1 – 7, 36286 Neuenstein, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- Hermes
We use the following provider as transport service provider: Hermes Logistik Gruppe Deutschland GmbH, Essener Straße 89, 22419 Hamburg, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- PostNL
We use the following provider as transport service provider: Koninklijke post NL BV, Waldorpstraat 3, 2521CA The Hague, Netherlands
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- TNT
We use the following provider as transport service provider: TNT Express GmbH, Haberstraße 2, 53842 Troisdorf, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- Trans-o-flex
We use the following provider as transport service provider: trans-o-flex Express GmbH & Co. KGaA, Hertzstraße 10, 69469 Weinheim, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
- UPS
We use the following provider as transport service provider: United Parcel Service Deutschland Inc. & Co. OHG, Görlitzer Straße 1, 41460 Neuss, Germany
We pass on your e-mail address and/or telephone number to the provider in accordance with Art. 6 (1) point a GDPR prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, if you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to the supplier for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The transmission only takes place to the extent necessary for the delivery of the goods. In this case, prior coordination of the delivery date with the supplier or the delivery announcement is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the provider.
9.3 Use of Payment Service Providers
- Amazon Pay
Online payment methods from the following provider are available on this website: Amazon Payments Europe s.c.a., 38 avenue John F. Kennedy, L-1855 Luxembourg
If you select a payment method of the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) point b GDPR. In this case, your data will only be passed on for the purpose of processing payment with the provider and only to the extent necessary for this purpose.
- Apple Pay
If you choose the payment method "Apple Pay" of Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment processing is carried out via the "Apple Pay" function of your terminal device operated with iOS, watchOS or macOS by debiting a payment card deposited with "Apple Pay". Apple Pay uses security features built into the hardware and software of your device to protect your transactions. In order to release a payment, it is therefore necessary to enter a code previously defined by you and to verify it using the "Face ID" or "Touch ID" function of your terminal.
For the purpose of payment processing, your information provided during the ordering process, along with information about your order, will be transmitted to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay for payment processing. The encryption ensures that only the website from which the purchase was made can access the payment information. After the payment is made, Apple sends your device account number and a transaction-specific dynamic security code to the originating website to confirm the payment.
If personal data is processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 Para. 1 lit. b GDPR.
Apple retains anonymised transaction data, including the approximate amount of the purchase, the approximate date and time and whether the transaction was completed successfully. Anonymisation completely excludes any personal reference. Apple uses the anonymised data to improve Apple Pay and other Apple products and services.
When you use Apple Pay on iPhone or the Apple Watch to complete a purchase made through Safari on Mac, the Mac and the authorization device communicate through an encrypted channel on Apple's servers. Apple does not process or store this information in any format that can identify you personally. You can disable the ability to use Apple Pay on your Mac in your iPhone preferences. Go to "Wallet & Apple Pay" and disable "Allow payments on Mac".
For more information about Apple Pay privacy, please visit the following web address: https://support.apple.com/en-gb/HT203027
- giropay
Online payment methods from the following provider are available on this website: paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main, Germany
If you select a payment method of the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) point b GDPR. In this case, your data will only be passed on for the purpose of processing payment with the provider and only to the extent necessary for this purpose.
- Google Pay
If you choose the payment method "Google Pay" of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), the payment processing is carried out via the "Google Pay" application of your mobile device running at least Android 4.4 ("KitKat") and having an NFC function by charging a payment card deposited at Google Pay or a payment system verified there (e.g. PayPal). For the release of a payment via Google Pay in the amount of more than 25,- € the prior unlocking of your mobile device by the respective verification measure (e.g. face recognition, password, fingerprint or pattern) is required.
For the purpose of payment processing, your information provided during the ordering process, together with the information about your order, will be forwarded to Google. Google then transmits your payment information stored in Google Pay in the form of a unique transaction number to the source website, which is used to verify a payment. This transaction number does not contain any information about the real payment data of your means of payment deposited with Google Pay, but is created and transmitted as a uniquely valid numeric token. For all transactions via Google Pay, Google acts merely as an intermediary to process the payment transaction. The transaction is carried out exclusively in the relationship between the user and the source website by debiting the means of payment deposited with Google Pay.
If personal data are processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR.
Google reserves the right to collect, store and evaluate certain transaction-specific information for each transaction made via Google Pay. This includes the date, time and amount of the transaction, the merchant's location and description, a description provided by the merchant of the goods or services purchased, photos that you have attached to the transaction, the name and email address of the seller and buyer or the sender and recipient, the payment method used, your description of the reason for the transaction and, if applicable, the offer associated with the transaction.
According to Google, this processing is carried out exclusively in accordance with Art. 6 para. 1 lit. f GDPR on the basis of the legitimate interest in proper accounting, verification of transaction data and optimisation and maintenance of the functionality of the Google Pay service.
Google also reserves the right to combine the processed transaction data with other information which is collected and stored by Google when using other Google services.
The terms of use of Google Pay can be found here:
https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=en
Further information on data protection at Google Pay can be found at the following Internet address:
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=en
- Klarna
Online payment methods from the following provider are available on this website: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden
If you select a payment method of the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) point b GDPR. In this case, your data will only be passed on for the purpose of processing payment with the provider and only to the extent necessary for this purpose.
When selecting a payment method of the provider with which the provider makes advance payments (such as invoice purchase or instalment purchase or direct debit), you will also be asked to provide certain personal data (first name and surname, street, house number, postcode, city, date of birth, e-mail address, telephone number, if applicable data on alternative means of payment) during the ordering process.
In order to safeguard our legitimate interest in determining the solvency of our customers, this data is passed on to the provider by us for the purpose of a credit check in accordance with Art. 6 (1) point f GDPR. On the basis of the personal data provided by you as well as further data (such as shopping cart, invoice total, order history, payment history), the provider checks whether the payment option selected by you can be granted with regard to payment and/or bad debt risks.
In addition to internal provider criteria, identity and creditworthiness information from the following credit agencies may also be included in the decision-making process as part of the application review in accordance with Art. 6 (1) point f GDPR:
https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies
The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.
You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for the contractual processing of payments.
- Paypal
Online payment methods from the following provider are available on this website: PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg
If you select a payment method of the provider for which you make an advance payment, your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) point b GDPR. In this case, your data will only be passed on for the purpose of processing payment with the provider and only to the extent necessary for this purpose.
When selecting a payment method of the provider with which the provider makes advance payments, you will also be asked to provide certain personal data (first name and surname, street, house number, postcode, city, date of birth, e-mail address, telephone number, if applicable data on alternative means of payment) during the ordering process.
In order to safeguard our legitimate interest in determining the solvency of our customers, this data is passed on to the provider by us for the purpose of a credit check in accordance with Art. 6 (1) point f GDPR. On the basis of the personal data provided by you as well as further data (such as shopping cart, invoice total, order history, payment history), the provider checks whether the payment option selected by you can be granted with regard to payment and/or bad debt risks.
The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.
You can object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for the contractual processing of payments.
- Paypal Checkout
This website uses PayPal Checkout, an online payment system from PayPal, which consists of PayPal's own payment methods and local payment methods from third-party providers.
When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "Pay Later" via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer takes place in accordance with Art. 6 Para. 1 lit. b GDPR and only insofar as this is necessary for the payment processing.
For the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "Pay later" via PayPal - PayPal reserves the right to conduct a credit check. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check in terms of the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The creditworthiness information may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.
If you select the PayPal payment method "purchase on account", your payment data will first be transferred to PayPal in preparation for payment, whereupon PayPal will forward them to Ratepay GmbH, Franklinstraße 28-29, 10587 Berlin ("Ratepay") in order to carry out the payment. The legal basis in each case is Art. 6 para. 1 lit. b GDPR. In this case, RatePay carries out an identity and creditworthiness check on its own behalf to determine solvency in accordance with the principle already mentioned above and passes on your payment data to credit agencies on the basis of the legitimate interest in determining solvency in accordance with Art. 6 Para. 1 lit. f GDPR. A list of the credit agencies that Ratepay may use can be found here: https://www.ratepay.com/legal-payment-creditagencies/
When using the payment method of a local third party provider, your payment data will first be forwarded to PayPal for the preparation of the payment in accordance with Art. 6 (1) lit. b GDPR. Depending on your selection of an available local payment method, PayPal will then transfer your payment data to the corresponding provider in order to carry out the payment in accordance with Art. 6 Para. 1 lit. b GDPR:
- Apple Pay (Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Irland)
- Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland)
- Klarna (Klarna Bank AB ((publ), Sveavägen 46, 11134 Stockholm, Sweden))
- iDeal (Currence Holding BV, Beethovenstraat 300 Amsterdam, Netherlands)
- bancontact (Bancontact Payconiq Company, Rue d'Arlon 82, 1040 Brussels, Belgium)
- blik (Polski Standard Płatności sp. z o.o., ul. Czerniakowska 87A, 00-718 Warsaw, Poland)
- eps (PSA Payment Services Austria GmbH, Handelskai 92, Gate 2
1200 Vienna, Austria)
- MyBank (PRETA S.A.S, 40 Rue de Courcelles, F-75008 Paris, France)
- Przelewy24 (PayPro SA, Kanclerska 15A, 60-326 Poznań, Poland).
For further information on data protection, please refer to PayPal's privacy policy: https://www.paypal.com/de/legalhub/paypal/privacy-full?locale.x=en_DE
- Shopify Payments
Online payment methods from the following provider are available on this website: Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
If you select a payment method of the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) point b GDPR. In this case, your data will only be passed on for the purpose of processing payment with the provider and only to the extent necessary for this purpose.
- Instant Transfer via Klarna
Online payment methods from the following provider are available on this website: Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden
If you select a payment method of the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) point b GDPR. In this case, your data will only be passed on for the purpose of processing payment with the provider and only to the extent necessary for this purpose.
- Wix Payments
Online payment methods from the following provider are available on this website: Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel
If you select a payment method of the provider for which you make an advance payment (e.g. credit card payment), your payment data provided during the ordering process (including name, address, bank and payment card information, currency and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6 (1) point b GDPR. In this case, your data will only be passed on for the purpose of processing payment with the provider and only to the extent necessary for this purpose.
In case of data transfer to the provider's location, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.
9.4 Comparison with sanction lists
When establishing business relationships and processing orders, we reserve the right to compare the personal data you have provided us with data from sanctions lists of the European Union and/or its individual member states and to decide on the basis of the results of this comparison whether to enter into a business relationship or execute the order.
This data processing is carried out in accordance with Art. 6 (1) point c GDPR on the basis of our legal obligation to check and ensure that we do not enter into business relationships with sanctioned natural or legal persons and thus prevent the provision of resources to such persons.
10) Web Analysis Services
Shopify Analytics
This website uses the web analytics service provided by the following provider: Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
Data is also transferred to: Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada
Using cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading end device and browser information), the service collects and stores pseudonymised visitor data, including information on the end device used such as the IP address and browser information, in order to evaluate it for statistical analyses of user behaviour on our website and to create pseudonymised user profiles. Among other things, this enables the analysis of movement patterns (so-called heat maps), which show the duration of page visits and interactions with page content (e.g. text entries, scrolling, clicks and mouse-overs). Pseudonymisation generally excludes the possibility of direct personal reference. Your personal data will not be combined with data collected in any other way.
All processing described above, in particular the reading or saving of information on the end device used, is only carried out if you have given us your express consent in accordance with Art. 6 (1) point a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "cookie consent tool" provided on the website.
We have concluded an order processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties.
When data is transferred to Canada, an appropriate level of data protection is guaranteed by an adequacy decision of the European Commission.
11) Site Functionalities
11.1 Facebook plugins
Plugins of the social network of the following provider are used on our website: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (Facebook)
These plugins allow direct interaction with content on the social network.
In order to increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page by means of a so-called "2-click" or "Shariff" solution. This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the servers of the provider.
Your browser only establishes a direct connection to the servers of the provider when you activate the plugins and thereby give your consent to the data transfer in accordance with Art. 6 (1) point a GDPR. In this process, regardless of whether you log into an existing user profile, a certain amount of information about your end device used (including your IP address), your browser and your page history is transferred to the provider and may be further processed there.
If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation has no influence on the data that has already been transferred to the provider.
Data can also be transferred to: Meta Platforms Inc., USA
We have concluded an order processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.
For data transfers to the USA, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
11.2 Integration of the Instagram feed via Flockler
On our website, we use the services of Flockler Oy, Rautatienkatu 21 B, 33100, Tampere, Finland, to display preview images of our Instagram profile. Cookies are used for this, i.e. small text files that are stored locally in the cache of your Internet browser.
The widget establishes a connection to the servers of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland ("Instagram") when visitors visit our website. As a result, Instagram receives certain browser information, including your IP address. In individual cases, data may also be transferred to servers of Meta Platforms Inc. based in the USA.
Data may also be transferred to: Flockler Commerce, Inc, 1201 W Peachtree St NW Ste 2625 #36051, Atlanta, GA 30309, USA
All processing described above, in particular the setting of cookies for reading information on the terminal device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "cookie consent tool" provided on the website.
For the transfer of data to the USA, the provider relies on standard contractual clauses of the European Commission, which are meant to ensure compliance with the European level of data protection.
11.3 Instagram plugins
Plugins of the social network of the following provider are used on our website: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (Instagram)
These plugins allow direct interaction with content on the social network.
In order to increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page by means of a so-called "2-click" or "Shariff" solution. This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the servers of the provider.
Your browser only establishes a direct connection to the servers of the provider when you activate the plugins and thereby give your consent to the data transfer in accordance with Art. 6 (1) point a GDPR. In this process, regardless of whether you log into an existing user profile, a certain amount of information about your end device used (including your IP address), your browser and your page history is transferred to the provider and may be further processed there.
If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation has no influence on the data that has already been transferred to the provider.
Data can also be transferred to: Meta Platforms Inc., USA
We have concluded an order processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.
For data transfers to the USA, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
11.4 Pinterest plugins
Plugins of the social network of the following provider are used on our website: Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland
These plugins allow direct interaction with content on the social network.
In order to increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page by means of a so-called "2-click" or "Shariff" solution. This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the servers of the provider.
Your browser only establishes a direct connection to the servers of the provider when you activate the plugins and thereby give your consent to the data transfer in accordance with Art. 6 (1) point a GDPR. In this process, regardless of whether you log into an existing user profile, a certain amount of information about your end device used (including your IP address), your browser and your page history is transferred to the provider and may be further processed there.
If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation has no influence on the data that has already been transferred to the provider.
Data can also be transferred to: Pinterest Inc., USA
We have concluded an order processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.
For the transfer of data to the USA, the provider relies on standard contractual clauses of the European Commission, which are meant to ensure compliance with the European level of data protection.
11.5 Reddit plugins
Plugins of the social network of the following provider are used on our website: Reddit Inc., 548 Market St., Suite 16093, San Francisco, CA 94104, USA
These plugins allow direct interaction with content on the social network.
In order to increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated into the page by means of a so-called "2-click" or "Shariff" solution. This integration ensures that when you access a page of our website that contains such plugins, no connection is yet established with the servers of the provider.
Your browser only establishes a direct connection to the servers of the provider when you activate the plugins and thereby give your consent to the data transfer in accordance with Art. 6 (1) point a GDPR. In this process, regardless of whether you log into an existing user profile, a certain amount of information about your end device used (including your IP address), your browser and your page history is transferred to the provider and may be further processed there.
If you are logged into an existing user profile on the provider's social network, information about interactions carried out via the plugins will also be published there and displayed to your contacts.
You can revoke your consent at any time by deactivating the activated plugin by clicking on it again. However, the revocation has no influence on the data that has already been transferred to the provider.
We have concluded an order processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.
For the transfer of data to the USA, the provider relies on standard contractual clauses of the European Commission, which are meant to ensure compliance with the European level of data protection.
11.6 YouTube Videos
This website uses plugins to display and play videos from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 ESW5, Ireland
Data may also be transmitted to: Google LLC., USA.
When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the provider's servers to load the plugin. This involves certain information, including your IP address, being transmitted to the provider.
If the playback of embedded videos is started via the plugin, the provider also uses cookies to collect information about user behavior, to create playback statistics and to prevent abusive behavior.
If you are logged into a user account maintained by the provider during your visit to the site, your data will be directly assigned to your account when you click on a video. If you do not wish to have your data assigned to your account, you must log out before clicking on the play button.
All the above-mentioned processing, in particular the setting of cookies for reading out information on the end device used, only takes place if you have given us your express consent in accordance with Art. 6 (1) point a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service via the "cookie consent tool" provided on the website.
For data transfers to the USA, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
11.7 Google Sign-In
On our website we provide a single sign-on function offered by the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 ESW5, Ireland
In addition to the transfer of data to the above-mentioned provider location, data may also be transferred to: Google LLC, USA
If you have an account with the provider, you can use this account data to create a user account or to register on our website.
When you visit this page, a direct connection between your browser and the provider's servers can be established via this login function, even if you do not have an account with the provider or are not logged in to one. The provider thereby receives the information that you have visited our site. The information collected in this respect (including your IP address, if applicable) is transmitted by your browser directly to a server of the provider and stored there. However, the information is not used to identify you personally and is not passed on to third parties.
These data processing operations are carried out in accordance with Art. 6 (1) point f GDPR based on our legitimate interest in a user-friendly and interactive design of our online presence.
If you click on the registration button to register with your account data by logging into the provider's website, the provider will transmit the general and publicly accessible information stored in your account (user ID, name, address, e-mail address, age, and gender) to us based on your express consent pursuant to Art. 6 (1) point a GDPR.
We store and use the data transmitted by the provider to set up a user account containing the necessary data (title, first name, surname, address data, country, email address, date of birth), if you have released that data to the provider. Conversely, data (e.g., information about your surfing or purchasing behavior) may be transferred from us to your account held with the provider based on your consent.
The consent given can be revoked at any time with effect for the future vis-à-vis us.
Further information on Google's privacy standards can be found here: https://business.safety.google/privacy/
For data transfers to the USA, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
11.8 Google Translate
This site uses the translation service "Google Translate" of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") via an API integration.
In order for the translation to be displayed automatically after your selection of a national language, the browser you use establishes a connection to Google's servers. Google uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
Further information on Google Translate and Google's privacy policy can be found at: https://www.google.com/policies/privacy/.
All processing described above, in particular the storage of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a GDPR. Without this consent, Google Translate will not be used during your visit to the site.
You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Consent Tool" provided on the website.
For data transfers to the USA, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
Further information on Google's privacy standards can be found here: https://business.safety.google/privacy/
11.9 Google Customer Reviews (formerly Google Certified Dealer Program)
We cooperate with Google LLC in the framework of the "Google Customer Reviews" program. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). The program offers us the opportunity to obtain customer reviews from users of our website. After making a purchase on our website, you will be asked whether you would like to participate in a Google e-mail survey. If you give your consent pursuant to Art. 6 (1) point a GDPR, we transmit your e-mail address to Google. You will receive an email from Google Customer Reviews asking you to rate the shopping experience on our site. The feedback you provide will then be combined with our other reviews and displayed in our Google Customer Reviews logo and Merchant Center dashboard and will also be used for Google seller reviews. When using Google Customer Reviews, personal data may also be transmitted to the servers of Google LLC. in the USA.
You can revoke your consent at any time by sending a message to the controller responsible for data processing or to Google.
For more information about Google's privacy practices with Google Customer Reviews, please visit https://support.google.com/merchants/?hl=en-GB#topic=7259123
For more information about Google Seller Ratings' privacy practices, visit this link: https://support.google.com/adwords/answer/2375474
For data transfers to the USA, the provider participates in the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
Further information on Google's privacy standards can be found here: https://business.safety.google/privacy/
11.10 Shopsync for Shopify
This website uses the Shopify app "Shopsync" operated by ShopSync LLC, PO Box 252, Jefferson City, TN 37760, USA.
With the help of ShopSync, the newsletter service "Mailchimp" is synchronized with our Shopify account in a way that, on the one hand, updates in Mailchimp email lists (such as a newsletter recipient opting out) are also automatically stored on Shopify and, on the other hand, new contact data generated via contracts concluded on Shopify are automatically transferred to the Mailchimp email lists.
In the first case, data processing is carried out in accordance with Art. 6 para. 1 point f GDPR based on our legitimate interest in the effective and cross-system maintenance of the files of advertising addressees and the efficient observance of legally significant status changes.
In the second case, exclusively based on the user's express consent in accordance with Art. 6 para. 1 point f GDPR, following the conclusion of a contract on Shopify for inclusion in the Mailchimp list, the user's first and last name, address and email address together with transaction-related information (purchase amount, time and date of purchase) are transmitted by ShopSync to Mailchimp.
Data transferred in this way is not stored or retained by ShopSync after synchronization. All information synced between Shopify and Mailchimp is transmitted using Secure Socket Layer (SSL) technology and all information transmitted remains encrypted during the sync process.
The synchronization process requires the transfer of information over a secure connection to servers hosted by Amazon Web Services in the USA.
12) Tools and Miscellaneous
This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "cookie consent tool" is displayed to users in the form of an interactive user interface when they access the page, on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box.
Using the tool, all cookies/services requiring consent are only loaded if the respective user provides the corresponding consent by ticking the corresponding box. This ensures that such cookies are only set on the respective end device of the user if consent has been granted.
The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed.
If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) point GDPR based on our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.
Further legal basis for the processing is Art. 6 (1) point c GDPR. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.
Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.
13) Rights of the Data Subject
13.1 The applicable data protection law grants you the following comprehensive rights of data subjects (rights of information and intervention) vis-à-vis the data controller with regard to the processing of your personal data:
- Right of access by the data subject pursuant to Art. 15 GDPR;
- Right to rectification pursuant to Art. 16 GDPR;
- Right to erasure (“right to be forgotten”) pursuant to Art. 17 GDPR;
- Right to restriction of processing pursuant to Art. 18 GDPR;
- Right to be informed pursuant to Art. 19 GDPR;
- Right to data portability pursuant to Art. 20 GDPR;
- Right to withdraw a given consent pursuant to Art. 7 (3) GDPR;
- Right to lodge a complaint pursuant to Art. 77 GDPR.
13.2 RIGHT TO OBJECT
IF, WITHIN THE FRAMEWORK OF A CONSIDERATION OF INTERESTS, WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR PREDOMINANT LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE ON THE GROUNDS THAT ARISE FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN PROVE COMPELLING REASONS WORTHY OF PROTECTION FOR PROCESSING WHICH OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA WHICH ARE USED FOR DIRECT MARKETING PURPOSES. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT ADVERTISING PURPOSES.
14) Duration of Storage of Personal Data
The duration of the storage of personal data is based on the respective legal basis, the purpose of processing and - if relevant – on the respective legal retention period (e.g. commercial and tax retention periods).
If personal data is processed on the basis of express consent pursuant to Art. 6 (1) point a GDPR, this data is stored until the data subject revokes his consent.
If there are legal storage periods for data that is processed within the framework of legal or similar obligations on the basis of Art. 6 (1) point b GDPR, this data will be routinely deleted after expiry of the storage periods if it is no longer necessary for the fulfillment of the contract or the initiation of the contract and/or if we no longer have a justified interest in further storage.
When processing personal data on the basis of Art. 6 (1) point f GDPR, this data is stored until the data subject exercises his right of objection in accordance with Art. 21 (1) GDPR, unless we can provide compelling grounds for processing worthy of protection which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
If personal data is processed for the purpose of direct marketing based on Art. 6 (1) point f GDPR, this data is stored until the data subject exercises his right of objection pursuant to Art. 21 (2) GDPR.
Unless otherwise stated in the information contained in this declaration on specific processing situations, stored personal data will be deleted if it is no longer necessary for the purposes for which it was collected or otherwise processed.
Copyright notice: This privacy policy has been created by the specialist lawyers of IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de)