Unless otherwise specified below, the provision of your personal data is neither required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide will have no consequences. This applies only to the extent that no indication to the contrary is made in the subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.
Your data may be transferred to third countries outside the European Union for which the EU Commission has issued an adequacy decision. Insofar as there is no adequacy decision by the EU Commission, such as e.g. for transfers to the U.S., data transfers are based on, among other things, standard contractual clauses as appropriate safeguards for the protection of personal data, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
Contact
Responsible
Contact us if you wish. Responsible for data processing is: Ralf Natale, Im Oberried 15, 61194 Niddatal Germany, 0179/3923757, [email protected]
Initiative contact of the customer by e-mail
If you initiate business contact with us by e-mail, we collect your personal data (name, e-mail address, message text) only to the extent provided by you. The data processing is used to process and respond to your contact request.
If the contact serves the implementation of pre-contractual measures (e.g. consultation in case of interest in purchase, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is based on Art. 6 para. 1 lit. f DSGVO from our overriding legitimate interest in processing and responding to your request. In this case, you have the right, for reasons arising from your particular situation, to exercise this right at any time based on Art. 6 para. 1 lit. f DSGVO based processing of personal data concerning you.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, e-mail address, message text) only to the extent provided by you. The data processing serves the purpose of contacting us.
If the contact serves the implementation of pre-contractual measures (e.g. consultation in case of interest in purchase, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is based on Art. 6 para. 1 lit. f DSGVO from our overriding legitimate interest in processing and responding to your request. In this case, you have the right, for reasons arising from your particular situation, to exercise this right at any time based on Art. 6 para. 1 lit. f DSGVO based processing of personal data concerning you.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Customer account orders
Customer account
When opening a customer account, we collect your personal data to the extent specified there. The purpose of data processing is to improve your shopping experience and to simplify order processing. The processing is carried out on the basis of Art. 6 para. 1 lit. a DSGVO with your consent. You may revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. Your customer account will be deleted afterwards.
Your data may be transferred to third countries outside the European Union for which the EU Commission has issued an adequacy decision. Insofar as there is no adequacy decision by the EU Commission, such as e.g. for transfers to the U.S., data transfers are based on, among other things, standard contractual clauses as appropriate safeguards for the protection of personal data, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
Reviews
Advertising
Use of the e-mail address for sending newsletters
We use your e-mail address independently of the contract processing exclusively for our own advertising purposes for newsletter dispatch, provided that you have expressly consented to this. The processing is carried out on the basis of Art. 6 para. 1 lit. a DSGVO with your consent. You may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your e-mail address will then be removed from the distribution list.
Your data will be passed on to a service provider for e-mail marketing within the scope of order processing. The data will not be passed on to other third parties.
Payment service provider
When paying via the payment method of a third-party provider, the data required for payment processing is transmitted to PayPal. This processing is based on Art. 6 para. 1 lit. b GDPR. For the execution of this payment method, the data may then be passed on by PayPal to the respective provider. This processing is based on Art. 6 para. 1 lit. b GDPR. Local third-party providers can be, for example:
– Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
– giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main
When paying via the payment method purchase on account, the data required for payment processing are first transmitted to PayPal. For the execution of this payment method, the data will then be transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; “Ratepay”) in order to fulfill the contract with you with the selected payment method. This processing is based on Art. 6 para. 1 lit. b GDPR. If necessary, Ratepay carries out a credit check on the basis of mathematical-statistical procedures (probability or score values) using credit agencies according to the procedure already described above. The data processing serves the purpose of credit assessment for a contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f DSGVO from our overriding legitimate interest in protection against payment default when Ratepay makes advance payments. For more information on data protection and which credit agencies Ratpay uses, please visit https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
For more information on data processing when using PayPal, please refer to the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of Consent Manager
We use the Consent Management Tool Consentmanager by Consentmanager AB (Håltegelvägen 1b, 72348 Västerås, Sweden; “Consentmanager”) on our website.
The tool allows you to give consent to data processing via the website, in particular the setting of cookies, as well as to exercise your right to withdraw consent already given.
Data processing serves the purpose of obtaining and documenting required consents for data processing and thus complying with legal obligations.
Cookies can be used for this purpose. The following information, among others, may be collected and transmitted to Consentmanager: Date and time of the page view, information about the browser you are using and the device you are using, anonymized IP address, opt-in and opt-out data. This data will not be passed on to other third parties.
The data processing is carried out for the fulfillment of a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
You can find more information on data protection at Consentmanager at: https://www.consentmanager.net/privacy.php
Advertising tracking analysis
Use of Google Analytics
We use the Google Analytics web analytics service provided by Google Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The following information, among others, may be collected: IP address, date and time of page view, click path, information about the browser you are using and the device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activity. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.
Google Analytics uses technologies such as cookies, web storage in the browser and tracking pixels, which allow an analysis of your use of the website. The information generated by this about your use of this website is usually transferred to a Google server in the USA and stored there. There is no EU Commission adequacy decision for the USA. The data transfer is carried out, among others, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, viewable at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adsprocessorterms/. Both Google and U.S. government agencies have access to your data. Your information may be linked by Google to other information, such as your search history, your personal accounts, your usage data from other devices, and any other information Google may have about you.
IP anonymization is activated on this website. This means that your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
For more information on terms of use and data privacy, please visit https://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/ and https://policies.google.com/technologies/cookies?hl=de.
Use of the Facebook Pixel
We use the remarketing function “Custom Audiences” of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transmission of this data to Facebook when the service is integrated. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. Thereafter, we are responsible in particular for complying with the information obligations under Articles 13, 14 GDPR, for complying with the security requirements of Article 32 GDPR with regard to the correct technical implementation and configuration of the Service, and for complying with the obligations under Articles 33, 34 GDPR to the extent that a personal data breach affects our obligations under the Joint Processing Agreement. Meta Platforms Ireland has the responsibility to enable data subject rights under Art. 15 – 20 GDPR, to comply with the security requirements of Art. 32 GDPR with respect to the security of the Service, and to comply with the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta Platforms Ireland’s obligations under the Joint Processing Agreement.
The application serves the purpose of targeting visitors to the website with interest-based advertising on the social network Facebook. For this purpose, Facebook’s remarketing tag was implemented on the website. Via this tag, a direct connection to the Facebook servers is established when visiting the website. This transmits to the Facebook server which of our pages you have visited. Facebook associates this information with your personal Facebook user account. When you visit the Facebook social network, you are then shown personalized, interest-based Facebook ads. Your data may be transferred to the USA. There is no EU Commission adequacy decision for the USA. The data transfer is based, among other things, on standard contractual clauses as appropriate safeguards for the protection of personal data, available at: https://www.facebook.com/legal/EU_data_transfer_addendum.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
For more information about the collection and use of data by Facebook, about your rights in this regard and options for protecting your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
Use of Google AdSense
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website. The data processing serves the purpose of renting advertising space on the website and targeting visitors to the website with interest-based advertising on these. By means of this function, visitors to the Provider’s website are shown personalized, interest-based advertisements from the Google Display Network. In doing so, Google uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. There is no EU Commission adequacy decision for the USA. The data transfer is carried out, among others, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, viewable at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adscontrollerterms/. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
For more information and Google’s privacy policy, please visit: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/
Plug-ins and other
Using Facebook’s single sign-on feature
We use the single sign-on function (formerly Facebook Connect) of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transmission of this data to Facebook when the service is integrated. This is based on an agreement between us and Meta Platforms Ireland on the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum. Thereafter, we are responsible in particular for complying with the information obligations under Articles 13, 14 GDPR, for complying with the security requirements of Article 32 GDPR with regard to the correct technical implementation and configuration of the Service, and for complying with the obligations under Articles 33, 34 GDPR to the extent that a personal data breach affects our obligations under the Joint Processing Agreement. Meta Platforms Ireland has the responsibility to enable data subject rights under Art. 15 – 20 GDPR, to comply with the security requirements of Art. 32 GDPR with respect to the security of the Service, and to comply with the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta Platforms Ireland’s obligations under the Joint Processing Agreement.
This feature allows website visitors to log in to the website using their existing Facebook account. The data processing serves the purpose of verification during registration, personalization as well as interest-based advertising targeting.
To offer the function on the website, a connection to the Facebook server is established. Cookies are used for this purpose. The following information, among others, may be collected and transmitted to Facebook: IP address, browser information, referrer URL (website from which you accessed our website), location data. This applies regardless of whether you are registered or logged in to the social network. Transmission also takes place for users who are not registered or logged in. If you are connected to one or more of your social network accounts at the same time, the collected information may also be associated with your respective profiles. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. Your data may be transferred to the USA. There is no EU Commission adequacy decision for the USA. The data transfer is based, among other things, on standard contractual clauses as appropriate safeguards for the protection of personal data, available at: https://www.facebook.com/legal/EU_data_transfer_addendum.
When using the single sign-on function, the website visitor’s Facebook profile is linked to a customer account for this website. In doing so, we receive personal data of the user through Facebook, as specified in the login process. This may include, but is not limited to, the following information: Name, address, public profile information (e.g. name, profile picture, age, gender), e-mail address, friend lists, “Like” information.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
For more information about the collection and use of data by Facebook, about your rights in this regard and options for protecting your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
Data subject rights and storage period
Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, thereafter taking into account statutory, in particular tax and commercial law retention periods and then deleted after expiry of the period, unless you have consented to further processing and use.
Rights of the data subject
If the legal requirements are met, you have the following rights according to Art. 15 to 20 DSGVO: the right to information, to correction, to deletion, to restriction of processing, to data portability.
In addition, according to Art. 21 para. 1 DSGVO the right to object to processing based on Art. 6 para. 1 f DSGVO, as well as against processing for the purpose of direct marketing.
Right of complaint to the supervisory authority
In accordance with Art. 77 DSGVO, you have the right to lodge a complaint with the supervisory authority if you consider that the processing of your personal data is not lawful.
You can lodge a complaint with, among others, the supervisory authority responsible for us, which you can reach at the following contact details:
Hessian Commissioner for Data Protection and Freedom of Information
PO Box 3163
65021 Wiesbaden
Tel.: +49 611 14080
Fax: +49 611 1408900 or +49 611 1408901
E-mail: [email protected]
Right of objection
If the personal data processing listed here is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation.
After the objection has been made, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.
last update: 10.01.2022