Data protection
Data protection
Collection, storage, transfer and deletion of personal data as well as the type and purpose of their use
a) Visiting the website
When you visit our website, information is automatically sent to the server on our website in a so-called server log file. This information, in particular your IP address, date and time of access, name and URL of the retrieved file, website from which access is made, browser used, the operating system of your computer and the name of your access provider are stored temporarily.
This access data is used to ensure a smooth connection to the website, to ensure comfortable use of our website, to evaluate system security and stability and for other administrative purposes. The legal basis for data processing is Article 6 Paragraph 1 Clause 1 Letter f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.
b) Contact, contract processing and creation of a customer account
We process personal data that we receive from you for appropriate processing and for the mutual fulfillment of obligations from the business relationship (contacting, ordering) including general contract initiation, contract implementation and termination of contractual relationships (Art. 6 Para. 1 lit. b DSGVO). to have. We also process this data on the basis of legal requirements (Art. 6 Para. 1 S. 1 lit. c GDPR), such as for the fulfillment of commercial or tax law storage obligations or the fulfillment of reporting or information obligations to authorities.
The data processing in connection with the opening of a customer account takes place on the basis of your consent (Art. 6 Para. 1 S. 1 lit. a DSGVO). You can delete the customer account at any time.
The processing of personal data is required as described to carry out the business relationship with the business partner. These are essentially contact details and data required for business transactions (bank and payment data), information from publicly available sources, if applicable, and other data whose processing is required within the framework of the execution of a contractual relationship or is provided voluntarily.
We offer our services on platforms operated by third parties. In this context, the data protection information of the respective provider applies in addition to our data protection information. This applies in particular with regard to the methods used on the platforms for measuring reach and for interest-based marketing.
Further information on the processing of your data, in particular on the transfer to service providers for the purpose of payment and shipping processing, can be found in points c) and d) below.
After the contract has been fully processed or your customer account has been deleted, your data will usually be deleted after the retention periods under tax and commercial law have expired, unless you have expressly consented to further use of your data or we reserve the right to use the data beyond this, which is permitted by law.
c) Dispatch processing
In order to fulfill the contract, service providers are commissioned with the processing of personal data with regard to logistics and transport (Art. 6 Para. 1 lit. b DSGVO). They are contractually obliged to comply with data protection regulations. In this context, the data protection information of the respective provider applies in addition to our data protection information.
d) payment processing
We work together with banks and other payment service providers (collectively “payment service providers”) to process the payment of orders. Depending on the payment method, we forward your payment information to these payment service providers in order to fulfill the contract. In some cases, the payment service providers collect the data required for processing the payment themselves, e.g. B. on your own website or via a technical integration in the ordering process. The legal basis for this data processing is Article 6 Paragraph 1 Clause 1 Letter a GDPR, Article 6 Paragraph 1 Clause 1 Letter b GDPR and Article 6 Paragraph 1 Clause 1 Letter f GDPR.
The data processed by the payment service provider is regularly inventory data, in particular name, address, bank details, e-mail address, telephone number or other data required for payment processing. The transmitted data may be transmitted by the payment service providers to credit agencies. The purpose of this transmission is to check identity and creditworthiness. The payment service providers may also pass on your data to third parties if this is necessary to fulfill contractual obligations or if the data is to be processed on behalf of them.
The terms and conditions and data protection notices of the respective payment service providers apply to the payment transactions, which can be accessed within the respective websites or transaction applications.
Further information can also be found in the data protection declarations of our service providers:
PayPal
PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg
https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Klarna
Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden https://www.klarna.com/de/datenschutz/
Amazon Pay
Amazon Payments Europe SCA 5, Rue Plaetis – 2338 Luxembourg
https://pay.amazon.com/de/help/201751600
Google Pay
Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
Apple Pay
Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland
https://support.apple.com/de-de/HT203027
Woocommerce Payments
https://woocommerce.com/document/woocommerce-paypal-payments/
Mastercard
Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium
https://www.mastercard.de/de-de/datenschutz.html
Visas
Visa Europe Services Inc., 1 Sheldon Square, London W2 6TT, UK
https://www.visa.de/bedingungen/visa-privacy-center.html
American Express
American Express Europe SA, Theodor-Heuss-Allee 112, 60486 Frankfurt am Main
https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html
e) Information letter by e-mail
The data processing in connection with the sending of information letters by e-mail takes place on the basis of your consent (Art. 6 Para. 1 S. 1 lit. a DSGVO). You can unsubscribe at any time.
After you have unsubscribed, we will delete your e-mail address from the list of recipients, unless you have expressly consented to further use of your data in accordance with Article 6 Paragraph 1 Sentence 1 lit is permitted and about which we will inform you in this statement.
cookies
The websites use cookies. Cookies are text files that are filed and stored on a computer system. Numerous websites and servers use cookies. Most cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the person concerned from other internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID. Through the use of cookies, we can provide the users of this website with more user-friendly services that would not be possible without the cookie setting. By means of a cookie, the information and offers on our website can be optimized for the user. As mentioned above, cookies enable us to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website because this is done by the website and the cookie stored on the user’s computer system. Another example is the cookie of a shopping cart in the online shop. This remembers the items that a customer has placed in the virtual shopping cart via a cookie. The person concerned can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus object to the setting of cookies. Furthermore, cookies that have already been set can be deleted via the appropriate settings in the respective Internet browser. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable. The person concerned can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus object to the setting of cookies. Furthermore, cookies that have already been set can be deleted via the appropriate settings in the respective Internet browser. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable. The person concerned can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus object to the setting of cookies. Furthermore, cookies that have already been set can be deleted via the appropriate settings in the respective Internet browser. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.
social media
We maintain online presences within social networks. We expressly draw your attention to the fact that the providers store the data of their users (e.g. personal information, IP address, etc.) in accordance with their data usage guidelines and use it for business purposes. We have no influence on the data collection and its further use by the social networks. You can find out more about the processing of data by the social networks under the following links:
Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland
https://www.facebook.com/about/privacy/
Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland
https://help.instagram.com/519522125107875
youtube
Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
https://policies.google.com/privacy?hl=de
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland
https://twitter.com/privacy?lang=en
data subject rights
You have the right:
- to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right of appeal, the origin of your data, if not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details;
- in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
- According to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;
- According to Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you use them to assert, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 GDPR;
- in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible;
- pursuant to Art. 7 Para. 3 GDPR, to revoke the consent you have given to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future and
- to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
Right to object
If your personal data is processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided there are reasons for this, which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation.
data security
Within the website visit, we use the widespread SSL (Secure Socket Layer) method in connection with the respective highest level of encryption. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Data Protection Officer
The external data protection officer is:
BANSBACH GmbH
accounting firm
tax consulting company
Gänsheidestrasse 67 – 74
70184 Stuttgart
Email: frage@datenschutz.schmittgall-gruppe.de
Updating and changing this data protection declaration
This data protection declaration is currently valid and has the status of August 2021.
Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration from our website at any time.