Privacy Policy
Effective Date: October 1, 2023
Last Reviewed: October 1, 2023
PRIVACY POLICY (USA)
We appreciate your visit to our website and thank you for your interest in our company, our products and our web pages. Protecting your privacy when using our web pages is important to us. This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Therefore, please take note of the following information.
1) Basic Information about handling personally identifiable information (PII)
1.1 Our privacy policy was last edited in September 2022.
1.2 You may visit our website without your having to release any PII. For each access to our website usage data will be transmitted by the respective internet browser and are stored in log files, the so called server log files such as date and time of the call, name of the accessed page, data volume transferred and the name of the inquiring provider. Those data cannot be attributed to a particular person and are exclusively intended to ensure a smooth operation of our website and to improve our offer.
1.3 PII is only collected if you voluntarily disclose such data to us for the purpose of concluding a contract or opening a customer account. It is evident from the respective input form which data are collected. Closing your customer account shall be possible at any time and may be effected through a message to the contact address described below. We store and use the data you disclose to us for the purpose of contract processing. Upon complete fulfilment of the contract or closing of your customer account, your data will be blocked with care for tax and commercial retention periods and will be deleted will be deleted after final processing of your inquiry, if you so desire, provided that legal retention periods will not be barred by a deletion.
1.4 We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat, Open a Support Ticket or enter information on our site. Those data will be stored and processed exclusively for the purpose of responding to your order or your enquiry or of getting in contact with you and for the connected technical administration.
2) What personal information do we collect from the people that visit our blog, website or app?
2.1 When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information, social security number or other details to help you with your experience.
2.2 We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat, Open a Support Ticket or enter information on our site.
3) How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested
- To improve our website in order to better serve you
- To allow us to better service you in responding to your customer service requests.
- To administer a contest, promotion, survey or other site feature.
- To quickly process your transactions
- To ask for ratings and reviews of services or products
- To follow up with them after correspondence (live chat, email or phone inquiries)
4) How do we protect your information?
4.1 Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning.
4.2 Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL)technology. We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
5) Cookies
Our website uses so-called “cookies” serving to make our Internet presence more user-friendly, effective and secure – for instance to accelerate navigation on our platform. Furthermore, cookies allow us to measure the frequency of website visits as well as general navigation. Cookies are small text files stored on your computer system. Please note that some of these cookies are transferred from our server to your computer system, mostly so-called “session cookies”. “Session cookies” are characterized by being automatically deleted from your hard drive upon the end of the browser session. Other cookies remain on your computer system and allow us to recognize your computer system during your next visit (so-called permanent cookies). You may certainly decline these cookies at any time provided your browser permits this. Please note that once your browser is set to decline cookies (from our website) certain features of this website may not be available or restricted. Look at your browser’s Help Menu to learn the correct way to modify your cookies.
6) Third-party disclosure and transfer of data
6.1 We do not sell, trade, or otherwise transfer to outside parties your PII, unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
6.2 For the purpose of contract fulfillment, PII collected by us are transferred to the transport company commissioned with the delivery, provided this is required for delivering the goods. For the processing of payments we pass on your payment data to the authorized banking institution.
6.3 However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
6.4 When choosing the payment method payment PayPal, we transmit your accounting data to PayPal 2211 North First Street, San Jose, California 95131 (hereinafter referred to as “PayPal”) within the framework of payment processing.
7) Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
8) Remarketing with Google AdSense
We have implemented Remarketing with Google AdSense
Opting out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
9) Google Display Network Impression Reporting
We have implemented Remarketing with Google Display Network Impression Reporting
Opting out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
10) Google Analytics
We use Google Analytics and third-party cookies such as DoubleClick cookie.
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Opting out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
11) We comply with the California Online Privacy Protection Act (CalOPPA)
11.1 CalOPPA is the first state law (California) in the United States to require commercial websites and online services to post a privacy policy. According to CalOPPA, we agree to the following:
11.2 Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website. Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.
11.3 You will be notified of any Privacy Policy changes on our privacy policy page. You can change your personal information by emailing us
11.4 However, We do not honor Do Not Track signals and Do Not Track, plant cookies when a Do Not Track (DNT) browser mechanism is in place.
11.5 It’s also important to note that we allow third-party behavioral tracking
12) Fair Information Practices
12.1 In order to be in line with Fair Information Practices we will take the following responsive action: Should a data breach occur we will notify you via email within 7 business days
12.2 We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
13) We comply with the CAN SPAM Act
13.1 The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
13.2 We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions
Process orders and to send information and updates pertaining to orders.
Send you additional information related to your product and/or service
Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
13.3 To be in accordance with CANSPAM, we agree to the following:
Not use false or misleading subjects or email addresses.
Identify the message as an advertisement in some reasonable way.
Include the physical address of our business or site headquarters.
Monitor third-party email marketing services for compliance, if one is used.
Honor opt-out/unsubscribe requests quickly.
14) Childrens Online Privacy Protection Act Compliance
We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
15) Information on Customer Rights and Contacts
You are entitled to obtain information on your saved data free of charge and on how to correct, block or delete this data where applicable. Please contact us with any further inquiries about the collection, processing or use of your personal data. The same shall apply for obtaining information, your requests to block, delete or correct your personal data as well as for withdrawals of granted consents. You can find our contact address in our legal notice.
16) ichat
We do not currently utilize any chat feature.
17) Contact via Telephone Hotline
When contacting us via our hotline, personal data may be collected and processed. The telephone number you use when calling may be recorded.
In addition, our hotline staff may request your name and e-mail address. If you have created a customer account with us under the e-mail address you provided, our hotline staff can associate your e-mail address to this customer account and access the data stored in the customer account. The stored data includes your full name, your address, your payment details, your orders, products saved by you as favorites, as well as notes on previous inquiries and previous correspondence.
The essential contents of the conversation concerning your request may be recorded by our hotline staff in the form of a written note for the further processing of your request, which we can access if we contact you again.
The data collected when contacting us via our hotline is collected and processed exclusively for the purpose of processing your request, including the associated further communication and technical administration/support.
The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If the purpose of your call is to enter into a contract with us or you have questions regarding an existing contract with us, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.
Your data will be deleted upon completion of the processing of your request.
This is the case if it is clear from the circumstances that the matter in question has been conclusively resolved and provided that there are no conflicting statutory retention obligations.
PRIVACY POLICY (Europe)
Data Protection Declaration
1) Information on the Collection of Personal Data and Contact Details of the person responsible.
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.
1.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses an SSL or. TLS encryption. You can recognize an encrypted connection by the character string “https: //” and the lock symbol in your browser line.
2) Data Collection When You Visit Our Website
When using our website for information only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:
- Our visited website
- Date and time at the moment of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used (if applicable: in anonymized form)
Data processing is carried out in accordance with Art. 6 (1) point of GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently, if there are any concrete indications of illegal use.
3) Cookies
In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted again after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process specific user information such as browser and location data as well as IP address values. Persistent cookies are automatically deleted after a specified period, which can differ depending on the cookie.
In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the content of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies implemented by us, the processing takes place in accordance with Art. 6 Para. 1 lit. b GDPR either to carry out the contract or in accordance with Art. 6 Para. 1 lit. f GDPR to safeguard our legitimate interests the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
We may work with advertising partners who help us to make our website more interesting for you. For this purpose, cookies from partner companies are also stored on your hard drive when you visit our website (third-party cookies). If we work with the aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected within the following paragraphs.
Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of every browser, which explains how you can change your cookie settings. You can find these for the respective browser under the following links:
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/de/kb/cookies- allow-and-reject
Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Safari: https://support.apple.com/kb/ph21411?locale=de_DE
Opera: https : //help.opera.com/en/latest/web-preferences/#cookies
Please note that if you do not accept cookies, the functionality of our website may be restricted.
Information on the cookies used:
| Name | Purpose | Storage | Type of cookie | |
| _ga | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 2 year | first-party cookie | |
|
Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 2 years | first-party cookie | |
|
This cookie is used for Google Analytics to limit the request rate. | 1 day | first-party cookie | |
|
This cookie is used for Google Analytics to limit the request rate. | 1 day | first party cookie | |
| _gid | This cookie is used for Google Analytics to distinguish between users. | 1 day | first party cookie | |
| _fbp | First-party cookie | |||
| PAPVisitorId | First-party cookie | |||
| _gcl_au | First party cookie | |||
| __cfduid | First party cookie | |||
| fbId | First-party cookie | |||
| __csrf_token-4 | First party cookie | |||
| session-4 | First-party cookie | |||
| ATN | Third-party cookie | |||
| test_cookie | Third-party cookie | |||
| fr | Third-party cookie | |||
| LocalStorage | ||||
| PAPVisitorId | ||||
4) Contacting
When you contact us (e.g. using the contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6 Paragraph 1 lit.f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Article 6 (1) (b) GDPR. Your data will be deleted after the final processing of your request; this is the case if it can be inferred from the circumstances that the matter in question has been finally clarified and provided that there are no statutory retention requirements.
5) Data Processing When Opening a Customer Account and for Contract Processing
In accordance with Article 6 (1) (b) GDPR, personal data will continue to be collected and processed if you provide them to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. A deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. We save and use the data you have provided to process the contract. After the contract has been fully processed or your customer account has been deleted, your data will be blocked with due regard to tax and commercial retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we reserve the right to further use your data as permitted by law about which we will inform you accordingly below.
6) Comment Function
As part of the comment function on this website, in addition to your comment, information about the time the comment was created and the name of the commentator you have chosen are saved and published on the website. Your IP address is also recorded and saved. The IP address is stored for security reasons and in the event that the person concerned violates the rights of third parties by submitting a comment or posts illegal content. We need your e-mail address in order to contact you if a third party should object to your published content as unlawful. The legal basis for the storage of your data is Art. 6 Para. 1 lit.b and f GDPR. We reserve the right to delete comments if third parties complain that they are illegal.
7) Use of Your Data for Direct Mail
7.1 Registration for our e-mail newsletter
If you register for our e-mail newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. The provision of any further data is voluntary and is used in order to be able to address you personally. We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you an e-mail newsletter if you have expressly confirmed to us that you consent to the sending of the newsletter. We will then send you a confirmation email asking you to click on a link to confirm that you want to receive the newsletter in the future.
By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Article 6 (1) (a) GDPR. When you register for the newsletter, we save your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later point in time. The data collected by us when registering for the newsletter are used exclusively for the purpose of advertising via the newsletter. You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by sending a message to the person responsible mentioned above. After you have unsubscribed, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration to inform.
7.2 Sending the e-mail newsletter to existing customers
If you have given us your e-mail address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our range by e-mail. We do not need to obtain any separate consent from you for this. In this respect, the data processing takes place solely on the basis of our legitimate interest in personalized direct mail in accordance with Art. 6 Para. 1 lit. f GDPR. If you initially objected to the use of your e-mail address for this purpose, we will not send you an e-mail. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the person responsible named at the beginning. For this you only have to pay transmission costs according to the basic tariffs. After receipt of your objection, the use of your e-mail address for advertising purposes will be stopped immediately.
7.3 Sending newsletters via MailChimp
Our e-mail newsletters are sent via the technical service provider http: //www.klaviyo .com /, to which we pass on the data you provided when registering for the newsletter . This transfer takes place in accordance with Art. 6 Para. 1 lit. f GDPR and serves our legitimate interest in the use of a promotionally effective, secure and user-friendly newsletter system . Please note that your data is usually transferred to a Klaviyo server in the USA and stored there.
Klaviyo uses this information to send and statistically evaluate the newsletter on our behalf. For the evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. In this way it can be determined whether a newsletter message has been opened and which links have been clicked. With the help of the web beacons, Klaviyo automatically creates general, non-personal statistics about the reaction behavior to newsletter campaigns. On the basis of our legitimate interest in the statistical evaluation of the newsletter campaigns to optimize advertising communication and better focus on recipient interests , the web beacons in accordance with Art. 6 Para. 1 lit f. GDPR also collect data from the respective newsletter recipient ( Email address, time of retrieval, IP address, browser type and operating system) and used. These data allow individual conclusions to be drawn about the newsletter recipient and are processed by Mailchimp to automatically generate statistics that show whether a specific recipient has opened a newsletter message.
If you want to deactivate the data analysis for statistical evaluation purposes , you must unsubscribe from the newsletter.
Klaviyo can also use this data in accordance with Article 6 (1) (f) GDPR due to its own legitimate interest in the needs-based design and optimization of the service as well as for market research purposes, for example to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.
To protect your data in the USA, we have concluded a data processing order (“Data Processing Agreement”) with Klaviyo on the basis of the standard contractual clauses of the European Commission in order to enable the transmission of your personal data to MailChimp. If you are interested, this data processing contract can be viewed at the following Internet address: https://mailchimp.com/legal/forms/data-processing-agreement
You can view Klaviyo data protection regulations here: https://www.klaviyo.com/legal/dpa
8) Data Processing for Order Processing
8.1 To process your order, we work together with the following service provider (s) who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, as far as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution as part of the payment processing, if this is necessary for the payment processing. If payment service providers are used, we will explicitly inform you about this below. The legal basis for forwarding the data is Article 6 (1) (b) GDPR.
8.2 Transfer of personal data to shipping service providers
– DHL
If the goods are delivered by the transport service provider DHL (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn), we will give your e-mail address in accordance with Article 6 (1) (a) GDPR prior to delivery the goods to DHL for the purpose of agreeing a delivery date or to announce the delivery, provided that you have given your express consent in the ordering process. Otherwise, we will only pass on the name of the recipient and the delivery address to DHL for the purpose of delivery in accordance with Article 6 (1) (b) GDPR. It will only be passed on if this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with DHL or the delivery notification is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the person responsible or the transport service provider DHL.
– UPS
If the goods are delivered by the transport service provider UPS (United Parcel Service Deutschland Inc. & Co. OHG, Görlitzer Straße 1, 41460 Neuss), we will give your email address before the goods are delivered in accordance with Art. 6 Paragraph 1 a GDPR for the purpose of agreeing a delivery date or to announce the delivery to UPS, provided you have given your express consent in the ordering process. Otherwise we will only pass on the name of the recipient and the delivery address to UPS for the purpose of delivery in accordance with Article 6 (1) (b) GDPR. The transfer only takes place if this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with UPS or the transmission of status information of the shipment delivery is not possible.
The consent can be revoked at any time with effect for the future vis-à-vis the person responsible or vis-à-vis the transport service provider UPS.
8.3 Use of payment service providers (payment service provider)
– Amazon Pay
If you select the payment method “Amazon Pay”, the payment is processed by the payment service provider Amazon Payments Europe sca, 5 Rue Plaetis, L-2338 Luxembourg (hereinafter: “Amazon Payments”), to whom we provide the information and information you provided during the ordering process about your order in accordance with Art. 6 Para. 1 lit. b GDPR. Your data will only be passed on for the purpose of processing payments with the payment service provider Amazon Payments and only to the extent that it is necessary for this. You can find more information about the data protection provisions of Amazon Payments at the following Internet address: https://pay.amazon.com/de/help/201751600
– PayPal
When paying via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “installment payment” via PayPal, we give your payment data to PayPal (Europe) Sarl et Cie. , SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). The transfer takes place in accordance with Art. 6 Para. 1 lit. b GDPR and only insofar as this is necessary for payment processing.
PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “payment in installments” via PayPal . For this purpose, your payment data may be passed on to credit agencies in accordance with Article 6 (1) (f) GDPR on the basis of PayPal’s legitimate interest in determining your solvency. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding whether to provide the respective payment method. The credit report can contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. For more information on data protection, including the credit agencies used, please refer to PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.
– Secupay
If you decide to pay by credit card from the payment service provider secupay, the payment will be processed by the payment service provider secupay AG, Goethestraße 6, 01896 Pulsnitz, to whom we will provide the information you provided during the ordering process along with the information about your order in accordance with Art. 6 Para. 1 lit . b pass on GDPR. Your data will only be passed on for the purpose of processing payments with the payment service provider secupay and only to the extent that it is necessary for this.
If you choose the payment methods “purchase on account” via secupay or “direct debit” via secupay, you will be asked to provide your personal data (first and last name, street, house number, postcode, place, date of birth, email address, telephone number) in the order process , Bank code and account number). In order to preserve our legitimate interest in determining the solvency of our customers, we will send this data to secupay AG, Goethestr. For the purpose of a credit check in accordance with Art. 6 Para. 1 lit. 6, 01896 Pulsnitz (“secupay”). On the basis of the personal data you have provided and other data (such as shopping cart, invoice amount, order history, payment experience), Secupay checks whether the payment option you have selected can be granted with regard to payment and / or bad debt risks. In addition to internal secupay criteria in accordance with Art. 6 Para. 1 lit.
– infoscore Consumer Data GmbH (arvato), Rheinstrasse 99, D-76532 Baden-Baden, Tel .: +49 (0) 7221-5040-1000, Fax: -1001
– Creditreform Boniversum GmbH, Hellersbergstrasse 11, D-41460 Neuss, Tel .: +49 (0) 2131-109-501, Fax: -557
– EOS Payment Solutions GmbH, Steindamm 80, 200 Hamburg
The credit report can contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.
You can object to this processing of your data at any time by sending a message to the person responsible for data processing or to Secupay. However, Secupay may still be entitled to process your personal data if this is necessary for the contractual payment processing.
9) Use of Social Media: Social Plug-ins
9.1 AddThis bookmarking as a standard plug-in
We do not utilize any plugins.
9.2 Facebook as a standard plug-in
We do not utilize any Facebook plugins.
9.3 Instagram
To advertise our products and services as well as to communicate with interested parties or customers, we operate a company presence on the Instagram platform.
We are jointly responsible for this social media platform with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland.
The data protection officer of Instagram can be reached via a contact form: https://www.facebook.com/help/contact/
We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, from which the mutual obligations arise, can be accessed under the following link:
https://www.facebook.com/legal/terms/page_controller_addendum
The legal basis for the resulting and subsequently reproduced processing of personal data is Art. 6 Para. 1 lit. f GDPR. Our legitimate interest lies in the analysis, communication, sales and promotion of our products and services.
The legal basis can also be the consent of the user in accordance with Art. 6 Para. 1 lit. a GDPR to the platform operator. According to Art. 7 Para. 3 GDPR, the user can revoke his consent to this at any time by notifying the platform operator for the future.
When you visit our online presence on the Instagram platform, Facebook Ireland Ltd. as the operator of the platform in the EU processes user data (e.g. personal information, IP address, etc.).
This user data is used for statistical information about the use of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. Based on these profiles, Facebook Ireland Ltd. For example, it is possible to advertise users within and outside of Instagram based on their interests. If the user is logged into their Instagram account at the time of access, Facebook Ireland Ltd. also link the data with the respective user account.
If the user makes contact via Instagram, the personal data entered by the user on this occasion will be used to process the request. The user’s data will be deleted by us, provided that the user’s request has been finally answered and there are no legal retention requirements, such as in the subsequent contract processing.
To process the data, Facebook Ireland Ltd. possibly also set cookies.
If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the settings of the browser, but through the corresponding setting of the Flash player. Should the user prevent or restrict the installation of cookies, this may mean that not all Facebook functions can be used to their full extent.
More information on the processing activities, their prevention and the deletion of the data processed by Instagram can be found in Instagram’s data policy:
https://help.instagram.com/
It cannot be ruled out that the processing by Facebook Ireland Ltd. also via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA.
9.4 Twitter
We do not utilize any Twitter plugins.
10) Use of Social Media: Videos
Use of Youtube Videos
This website uses the YouTube embedding function to display and play videos from the provider “ YouTube ”, which belongs to Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
The extended data protection mode is used here, which, according to the provider, does not start storing user information until the video (s) are played. If the playback of embedded YouTube videos is started, the provider “ YouTube ” uses cookies to collect information about user behavior. According to information from “ YouTube ”, these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive practices. If you are logged in to Google, your data will be assigned directly to your account when you click on a video. If you do not want the assignment to your profile on YouTube, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in accordance with Article 6 (1) (f) GDPR on the basis of Google’s legitimate interests in displaying personalized advertising, market research and / or the needs-based design of its website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.
Regardless of whether or not the embedded videos are played, a connection to the Google “DoubleClick” network is established every time this website is accessed, which can trigger further data processing operations beyond our control.
You can find more information on data protection at “YouTube” in the provider’s data protection declaration at: https://www.google.de/intl/de/policies/privacy
11) Online-Marketing
11.1 Google AdSense
This website uses Google AdSense, a web advertising service provided by Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). Google AdSense uses so-called “DoubleClick DART Cookies” (“Cookies”). These are text files that are saved on your computer and that enable your use of the website to be analyzed. In addition, Google AdSense also uses so-called “web beacons” (small invisible graphics) to collect information, which can be used to record, collect and evaluate simple actions such as visitor traffic on the website. The information generated by the cookie and / or web beacon (including your IP address) about your use of this website is usually transferred to a Google server in the USA and stored there.
Google uses the information obtained in this way to evaluate your usage behavior with regard to the AdSense ads. The IP address transmitted by your browser as part of Google AdSense will not be merged with other Google data. The information collected by Google may be transferred to third parties if this is required by law and / or if third parties process this data on behalf of Google.
The described processing of data takes place in accordance with Art. 6 Para. 1 lit. f GDPR for the purpose of targeted advertising to the user by advertising third parties, whose advertisements are displayed on this website based on the evaluated user behavior. At the same time, the processing serves our financial interest in exploiting the economic potential of our website by displaying personalized third-party advertising content for a fee.
You can find more information about Google’s data protection provisions at the following Internet address: https://www.google.de/policies/privacy/
You can permanently deactivate cookies for ad preferences by preventing them by setting your browser software accordingly or by downloading and installing the browser plug-in available under the following link:
https://www.google.com/settings/ads/plugin?hl=de
Please note that certain functions of this website may not be able to be used or only to a limited extent if you have deactivated the use of cookies.
11.2 Use of Google AdWords Conversion Tracking
This website uses the online advertising program “Google AdWords” and, as part of Google AdWords, the conversion tracking of Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). We use the Google AdWords offer to draw attention to our attractive offers with the help of advertising materials (so-called Google AdWords) on external websites. In relation to the data from the advertising campaigns, we can determine how successful the individual advertising measures are. We are interested in showing you advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.
The conversion tracking cookie is set when a user clicks on an AdWords ad placed by Google. Cookies are small text files that are stored on your computer system. These cookies generally lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on this website and the cookie has not yet expired, we and Google can see that the user clicked on the ad and was redirected to this page. Every Google AdWords customer receives a different cookie. Cookies cannot therefore be tracked via the websites of AdWords customers. The information obtained using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. If you do not want to participate in tracking, you can block this usage by deactivating the Google conversion tracking cookie in your internet browser under user settings. You will then not be included in the conversion tracking statistics. We use Google AdWords because of our legitimate interest in targeted advertising in accordance with Article 6 (1) (f) GDPR.
You can find more information about Google’s data protection provisions at the following Internet address: https // www.google.de / policies / privacy /
You can permanently deactivate cookies for ad preferences by preventing them by setting your browser software accordingly or by downloading and installing the browser plug-in available under the following link:
https://www.google.com/settings/ads/plugin?hl=de
Please note that certain functions of this website may not be able to be used or only to a limited extent if you have deactivated the use of cookies.
12) Web Analysis Services
12.1 Google (Universal) Analytics
– Google Analytics
This website uses Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website (including the shortened IP address) is usually transmitted to a Google server in the USA and stored there.
This website uses Google Analytics exclusively with the extension “_ AnonymizeIP ()”, which ensures anonymization of the IP address by abbreviation and excludes direct personal reference. As a result of the extension, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. In these exceptional cases, this processing is carried out in accordance with Article 6 (1) (f) GDPR on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by using the browser plug-in available under the following link in download and install:
https://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to the browser plug-in or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent Google Analytics from collecting data on this website in the future (this opt-out cookie only works in this browser and only for this domain, if you delete your cookies in this browser, you have to click this link again) : Deactivate Google Analytics
You can find more information on how Google Analytics handles user data in Google’s data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de
12.2 Screen sharing
This website does not utilize any screen sharing applications.
13) Retargeting/Remarketing/ Referral Advertising
Bing Ads (Microsoft Corporation)
This website uses the conversion tracking technology “Bing Ads” from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft Bing Ads places a cookie on your computer if you have reached our website via a Microsoft Bing ad. Cookies are small text files that are stored on your computer system. These cookies lose their validity after 180 days and are not used for personal identification. If the user visits certain pages on this website and the cookie has not yet expired, we and Microsoft can see that the user clicked on the ad and was redirected to this page (conversion page). If personal data is processed in this context, this is done in accordance with Article 6 (1) (f) GDPR due to our legitimate interest in effective marketing.
The information obtained using the conversion cookie is used to create conversion statistics, ie to record how many users reach a conversion page after clicking on an ad. This tells us the total number of users who clicked on our ad and were forwarded to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.
If you do not want to participate in tracking, you can object by simply deactivating the Bing Ads conversion tracking cookie in your Internet browser under user settings. You will then not be included in the conversion tracking statistics. Alternatively, you can use the deactivation page for consumers from the EU https://www.youronlinechoices.com/uk/your-ad-choices/ to check whether Microsoft’s advertising cookies are set in your browser and deactivate them.
You can find more information about the data protection provisions of Microsoft Bing Ads at the following Internet address: https://privacy.microsoft.com/de-de/privacystatement
Google AdWords remarketing
Our website uses the functions of Google AdWords Remarketing, with this we advertise this website in the Google search results as well as on third-party websites. The provider is Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). For this purpose, Google places a cookie in the browser of your end device, which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you have visited. The processing takes place on the basis of our legitimate interest in the optimal marketing of our website in accordance with Art. 6 Para. 1 lit. f GDPR.
Any further data processing will only take place if you have agreed to Google that your internet and app browser history will be linked to your Google account by Google and that information from your Google account will be used to personalize advertisements that you will find on the web consider. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data in order to form target groups.
You can permanently deactivate the setting of cookies for ad preferences by downloading and installing the browser plug-in available under the following link: https://www.google.com/settings/ads/onweb/
Alternatively, you can contact the Digital Advertising Alliance at the Internet address www.aboutads.info to find out about the setting of cookies and make settings for this. Finally, you can set your browser so that you are informed about the setting of cookies and individually decide whether to accept them or to exclude the acceptance of cookies for certain cases or in general. If you do not accept cookies, the functionality of our website may be restricted.
Further information and the data protection provisions regarding advertising and Google can be viewed here:
https://www.google.com/policies/technologies/ads/
14) novomind iCHAT or similar.
We do not utilize a chatbot feature.
15) Contact via Telephone Hotline
When contacting us via our hotline, personal data may be collected and processed. The telephone number you use when calling may be recorded.
In addition, our hotline staff may request your name and e-mail address. If you have created a customer account with us under the e-mail address you provided, our hotline staff can associate your e-mail address to this customer account and access the data stored in the customer account. The stored data includes your full name, your address, your payment details, your orders, products saved by you as favorites, as well as notes on previous inquiries and previous correspondence.
The essential contents of the conversation concerning your request may be recorded by our hotline staff in the form of a written note for the further processing of your request, which we can access if we contact you again.
The data collected when contacting us via our hotline is collected and processed exclusively for the purpose of processing your request, including the associated further communication and technical administration/support.
The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If the purpose of your call is to enter into a contract with us or you have questions regarding an existing contract with us, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.
Your data will be deleted upon completion of the processing of your request.
This is the case if it is clear from the circumstances that the matter in question has been conclusively resolved and provided that there are no conflicting statutory retention obligations.
Protecting the privacy of people under the age of 16 on the Internet
Personal data from minors (under 16 years of age) are not knowingly collected or used in any form by the sample company . As a rule we do not find out the age of the visitor to our website. However, we have not taken any specific measures to protect such data to a particular degree. Without the express consent of their parents or guardians, persons under the age of 16 may not transmit any personal data.
16) Rights of the Data Subject
16.1 The applicable data protection law grants you comprehensive rights of data subjects (information and intervention rights) vis-à-vis the person responsible with regard to the processing of your personal data, about which we will inform you below:
Right to information in accordance with Art. 15 GDPR: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned Storage period or the criteria for determining the storage period, the existence of a right to correction, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if we did not collect them from you, the Existence of automated decision-making including profiling and, if necessary, meaningful information about the logic involved and the scope and the intended effects of such processing, as well as your right to be informed about the guarantees pursuant to Art. 46 GDPR when your data is forwarded in D rittlands exist;
Right to correction according to Art. 16 GDPR: You have the right to immediate correction of incorrect data concerning you and / or completion of your incomplete data stored by us;
Right to deletion according to Art. 17 GDPR: You have the right to request the deletion of your personal data if the requirements of Art. 17 Para. 1 GDPR are met. However, this right does not exist in particular if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request that the processing of your personal data be restricted as long as the correctness of your data is checked, if you refuse to delete your data due to inadmissible data processing and instead request the Request restriction of the processing of your data if you need your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved or if you have objected for reasons of your particular situation, as long as it is not certain whether our legitimate Reasons outweigh;
Right to information in accordance with Art. 19 GDPR: If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to notify all recipients to whom the personal data relating to you has been disclosed, this correction or deletion of the data or To communicate restriction of processing, unless this proves to be impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
Right to data portability in accordance with Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible, insofar as this is technically feasible;
Right to revoke consent given in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with effect for the future. If you withdraw your consent, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal;
Right to lodge a complaint in accordance with Art. 77 GDPR: If you are of the opinion that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement.
In Bavaria, the competent supervisory authority is:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 27
91522 Ansbach
16.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR MAINLY LEGITIMATE INTEREST, YOU HAVE THE AT ANY TIME TO PROCESS YOUR PERSONAL DATA, FOR REASONS THAT WE GIVE UPON YOUR SPECIFIC SITUATION.
IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE DATA CONCERNED. FURTHER PROCESSING IS RESERVED IF WE CAN PROVE COMPULSORY REASONS FOR PROCESSING THAT OUTSIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING OR EXPRESSION APPLIES.
IF YOUR PERSONAL DATA IS PROCESSED BY US IN ORDER TO OPERATE DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU MAY OBJECTIVE AS DESCRIBED ABOVE.
IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE DATA AFFECTED FOR DIRECT ADVERTISING PURPOSES.
17) Duration of Storage of Personal Data
The duration of the storage of personal data is based on the respective statutory retention period (e.g. commercial and tax retention periods). After the period has expired, the relevant data will be routinely deleted, provided that they are no longer required for contract fulfillment or contract initiation and / or we have no legitimate interest in further storage.
The security of your data
The data you provide to Endor AG is protected by suitable technical and organizational means with the aim of protecting your data against accidental or deliberate manipulation, loss, destruction, access by unauthorized persons or unauthorized disclosure to third parties. Our security measures are continuously monitored and improved in line with technological developments and organizational possibilities.