[Re: Privacy Compliance Officer Sandra Hofmann]
Franz-Joseph-Str. 11 München DE 80801 Germany
PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
In order to make the visit to our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages. This serves to safeguard our legitimate interests, which predominate in the context of a weighing up of interests, in order to optimize the presentation of our offer in accordance with Art. 6 (1) sentence 1 lit. f GDPR. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session, ie after closing your browser (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies). The duration of the storage can be found in the overview in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or exclude the acceptance of cookies for specific cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the Help menu of each browser, which explains how to change your cookie settings. These can be found for the respective browser under the following links:
Internet Explorer™: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Opera™ : http://help.opera.com/Windows/10.20/de/cookies.html
Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. Additionally, when you purchase or attempt to make a purchase through the Site using PayPal, we collect PayPal email address. We refer to this information as “Order Information”.
Our website accepts payments via PayPal. The provider of this service is PayPal (Europe) S.à.r.l & Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg.
If you select payment via PayPal, the payment data you provide will be supplied to PayPal based on Art. 6 (1) (a) (Consent) and Art. 6 (1) (b) GDPR (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
- Handle disputes
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
Additionally, we use Device Information for behavioral advertising including retargeting with advertisements that may interest you using the advertising platforms offered by Facebook incl. Instagram, Youtube, Google.
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Google AdWords Remarketing
Google Adwords promotes this site on Google's search results and on third-party websites. For this purpose, when visiting our website, the so-called Remarketing cookie is set by Google, which automatically allows using a pseudonymous CookieID and based on the pages you visit an interest-based advertising. This serves to safeguard our legitimate interests, which predominate in the context of a weighing up of interests, in the optimal marketing of our website in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO. After the expiration and end of the use of Google AdWords Remarketing by us, the data collected in this context will be deleted.
Additional processing will only take place if you have agreed with Google that your web and app browsing history will be linked to your Google Account by Google and information from your Google Account will be used to personalize your ads on the web see. In this case, when you log in to Google during the page visit of our website, Google uses your data with Google Analytics data to create and define audience lists for cross-device remarketing. To do this, Google will temporarily associate your personal information with Google Analytics data to create audiences.
Google AdWords Remarketing is an offer from Google LLC (www.google.com).
Google LLC is headquartered in the US and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Under the agreement between the US and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield.
You can disable the remarketing cookie through this link. In addition, you can inform yourself about the setting of cookies and make adjustments to the Digital Advertising Alliance.
Our website measures conversions using visitor action pixels from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").
These allow the behavior of site visitors to be tracked after they click on a Facebook ad to reach the provider's website. This allows an analysis of the effectiveness of Facebook advertisements for statistical and market research purposes and their future optimization.
You can also deactivate the custom audiences remarketing feature in the Ads Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You will first need to log into Facebook.
If you do not have a Facebook account, you can opt out of usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members' area) remain unaffected.
This website uses the services of MailChimp to send newsletters. This service is provided by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service which organizes and analyzes the distribution of newsletters. If you provide data (e.g. your email address) to subscribe to our newsletter, it will be stored on MailChimp servers in the USA.
MailChimp is certified under the EU-US Privacy Shield. The Privacy Shield is an agreement between the European Union (EU) and the US to ensure compliance with European privacy standards in the United States.
We use MailChimp to analyze our newsletter campaigns. When you open an email sent by MailChimp, a file included in the email (called a web beacon) connects to MailChimp's servers in the United States. This allows us to determine if a newsletter message has been opened and which links you click on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system). This information cannot be assigned to a specific recipient. It is used exclusively for the statistical analysis of our newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to your interests.
If you do not want your usage of the newsletter to be analyzed by MailChimp, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website.
Data processing is based on Art. 6 (1) (a) GDPR. You may revoke your consent at any time by unsubscribing to the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of MailChimp. Data we have stored for other purposes (e.g. email addresses for the members' area) remains unaffected.
Completion of a data processing agreement
We have entered into a data processing agreement with MailChimp, in which we require MailChimp to protect the data of our customers and not to disclose said data to third parties. This agreement may be viewed at the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
Data collection and use for contract processing and opening a customer account
We collect personal information if you voluntarily provide it to us as part of your order, when contacting us (for example, by contact form or e-mail) or when opening a customer account. Obligatory fields are marked as such, since in these cases we need the data for contract execution, or to process your contact or opening the customer account and you can not complete the order and/or open the account without their information, or cannot send the contact. Which data is collected, can be seen from the respective input forms. We use the data communicated by you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR for contract handling and processing of your inquiries. After completion of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after expiry of the tax and commercial retention periods, unless you have expressly consented to a further use of your data or we reserve the right to further data use, it is legally permitted about which we inform you in this statement. The deletion of your customer account is possible at any time and can be done either by a message to the contact option described below or via a designated function in the customer account.
This site is not intended for individuals under the age of 16.
This website incorporates the Google Fonts script code from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (after: Google). This district of the world of the world of the world of interest. 6 para. 1 lit. f) GDPR.
In this framework, a connection is established between the browsers and the servers of Google. As a result, Google understands that your website has been accessed through your IP address.
Google is certified under the EU-US Privacy Shield. A current certificate can be entered here. Http://en.wikipedia.org/wiki/Automatic_Schutz_Certified companies sets an adjusted data protection level.
Our online presence on Facebook, Instagram
Our presence on social networks and platforms serves better, more active communication with our customers and prospects. We inform you about our products and ongoing promotions.
When visiting our online social media sites, your information may be collected and stored automatically for marketing research and promotional purposes. From these data, so-called usage profiles are created using pseudonyms. These can be used to e.g. Place advertisements inside and outside the platforms that are allegedly in line with your interests. For this purpose, cookies are usually used on your device. These cookies store visitor behavior and the interests of users. This is according to Art. 6 para. 1 lit. f. GDPR the preservation of our legitimate interest in optimizing the representation of our offer and effective communication with our customers and interested parties. If you are asked by the respective social media platform operators for consent (consent) to the data processing, e.g. With the help of a checkbox, the legal basis for data processing is Art. 6 para. 1 lit. a GDPR.
As far as the aforementioned social media platforms are headquartered in the US, the following applies: For the US, a decision on the adequacy of the European Commission is available. This goes back to the EU-US Privacy Shield. A current certificate for the respective company can be viewed here.
If you are a European resident, you have the right to access the personal information we hold about you and to ask that your personal information is corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below or directly through the link to your personal information.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
As a customer, you have the following rights:
according to Art. 15 GDPR, the right to demand information on the personal data processed by us in the scope specified therein;
in accordance with Art. 16 GDPR the right to demand without delay the correction of incorrect or complete personal data stored with us;
according to Art. 17 GDPR the right to demand the deletion of your personal data stored by us, unless further processing
- to exercise the right to freedom of expression and information;
- to fulfill a legal obligation;
- for reasons of public interest or
- to assert, exercise or defend legal claims
according to Art. 18 GDPR the right to demand the restriction of the processing of your personal data, as far as
- the accuracy of the data is disputed by you;
- the processing is unlawful, but you reject its deletion;
- we no longer need the data, but you need it for asserting, exercising or defending legal claims or
- you filed an objection against the processing in accordance with Art. 21 GDPR;
according to Art. 20 GDPR the right to receive your personal data, which you have provided us, in a structured, common and machine-readable format or to request the transfer to another person responsible;
according to Art. 77 GDPR the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
For questions about the collection, processing or use of your personal data, information, correction, blocking or deletion of data and revocation of granted consent or objection to a particular use of data, please contact us directly via the contact details in our contact information.
Your right to object
To the extent that we process personal data as explained above in order to safeguard our legitimate interests, which are predominant in the context of a weighing up of interests, you can object to this processing with effect for the future. If the processing is for the purpose of direct marketing, you can exercise this right at any time as described above. Insofar as the processing takes place for other purposes, you are only entitled to a right of objection if there are reasons that arise from your particular situation. After exercising your right to object, we will not further process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights, and freedom, or if the processing of the assertion, exercise or defense of Legal claims serves. This does not apply if the processing is for direct marketing purposes. Then we will not process your personal data for this purpose. ************************************ *******************************
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at firstname.lastname@example.org or by mail using the details provided below:
[Re: Privacy Compliance Officer Sandra Hofmann]
Franz-Joseph-Str. 11 München DE 80801 Germany