Data protection

Home / Data protection

--------------------
Data protection
--------------------


1) Information about the collection of personal data and contact details of the person responsible
1.1 We are pleased that you visit our website and thank you for your interest. In the following we inform you about the handling of your personal data when using our website. Personal data is all data that personally identifies you.
1.2 Responsible for the data processing on this website within the meaning of the General Data Protection Regulation (DSGVO) is Friess, Barbara & Acker, Jens GbR, Soderstücker Weg 1, 65510 Hünstetten, Germany, Tel .: +49 (0) 6438 9236829, E-Mail : [email protected]. The person responsible for the processing of personal data is the natural or legal person who, alone or in concert with others, decides on the purposes and means of processing personal data.
1.3 For reasons of security and to protect the transfer of personal data and other confidential content (for example, orders or inquiries to the person responsible), this website uses an SSL or Internet connection. TLS encryption. You can recognize an encrypted connection by the string "https: //" and the lock icon in your browser bar.

2) Data collection when visiting our website
In the case of merely informative use of our website, ie if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following information that is technically necessary for us to display the website:
- Our visited website
- Date and time at the time of access
- Amount of data sent in bytes
- Source / reference from which you came to the site
- Browser used
- Operating system used
- used IP-adress (possibly in anonymous form)
The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO based on our legitimate interest in improving the stability and functionality of our website. A transfer or other use of the data does not take place. However, we reserve the right to retrospectively check the server logfiles should concrete evidence point to unlawful use.

3) cookies
In order to make the visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, ie after closing your browser (so-called session cookies). Other cookies remain on your device and allow us or our affiliate (third-party cookies) to recognize your browser the next time you visit it (so-called persistent cookies). If cookies are set, they collect and process specific user information, such as browser and location data as well as IP address values, to an individual extent. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.
Some of the cookies are used to simplify the ordering process by storing settings (for example, remembering the contents of a virtual shopping cart for later visit to the website). If personal data are also processed by individual cookies we use, the processing will be carried out in accordance with Art. 6 para. 1 lit. b DSGVO either for the execution of the contract or in accordance with Art. 6 para. 1 lit. f DSGVO for safeguarding our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
We may work with advertising partners to help us make our web site more interesting to you. For this purpose, in this case, when you visit our website, cookies from partner companies are stored on your hard disk (third-party cookies). If we cooperate with aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in the following paragraphs.
Please note that you can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or can exclude the acceptance of cookies for specific cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the Help menu of each browser, which explains how to change your cookie settings. These can be found for the respective browser under the following links:
Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/en/kb/cookies-allow-and-dispose
Chrome: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
Safari: https://support.apple.com/en-us/guide/safari/sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Please note that if you do not accept cookies, the functionality of our website may be limited.

4) contact
When contacting us (for example via contact form or e-mail), personal data is collected. Which data are collected in the case of a contact form can be seen from the respective contact form. These data are stored and used solely for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f DSGVO. If your contact is aimed at the conclusion of a contract, then additional legal basis for processing is Art. 6 para. 1 lit. b DSGVO. Your data will be deleted after final processing of your request. This is the case if it can be inferred from the circumstances that the matter in question has been finally clarified and provided that no statutory storage requirements are in conflict.

5) Data processing when opening a customer account and for contract execution
According to Art. 6 para. 1 lit. b DSGVO, personal data will continue to be collected and processed if you provide it to us for the purpose of concluding a contract or opening a customer account. The data collected is shown in the respective input forms. A deletion of your customer account is possible at any time and can by a message to the o.g. Address of the responsible person. We store and use the data you have provided for the execution of the contract. After completion of the contract or cancellation of your account your data will be locked with regard to tax and commercial law retention periods and erased after these periods, unless you have expressly consented to further use of your data or a lawful further data using our site reserved which we will inform you accordingly below.

6) Data processing for order processing
6.1 In order to process your order, we cooperate with the following service providers who assist us wholly or partially in the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.
The personal data collected by us will be passed on to the transport company commissioned with the delivery within the scope of the contract, insofar as this is necessary for the delivery of the goods. We will pass on your payment details to the commissioned bank as part of the processing of payments, if this is necessary for the processing of payments. If payment service providers are used, we will inform you explicitly below. The legal basis for the transfer of the data is Art. 6 para. 1 lit. b DSGVO.
6.2 Use of payment service providers (payment services)
- giropay
If payment is made via "giropay", payment will be processed via giropay GmbH, An der Welle 4, 60322 Frankfurt / Main, to whom we will pass on your information communicated during the ordering process in addition to the information about your order. The transfer of your data takes place in accordance with Art. 6 para. 1 lit. b DSGVO exclusively for the purpose of payment processing and only insofar as it is necessary for this purpose. Further information about the privacy policy of giropay GmbH can be found at the following Internet address: https://www.giropay.de/rechtliches/datenschutz-agb/.
- Klarna
If a Klarna payment service is selected, payment is processed via Klarna Bank AB (publ) [https://www.klarna.com], Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter referred to as "Klarna"). In order to facilitate the processing of the payment, your personal data (first and last name, street, house number, postal code, city, gender, e-mail address, phone number and IP address) as well as data related to the order (eg invoice amount, article, type of delivery) for the purpose of identity and credit checks to Klarna, provided that they are provided in accordance with Art. 6 para. 1 lit. a DSGVO in the context of the order process expressly consented. To which credit agencies your data can be forwarded, you can see here:
https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies
The credit information can contain probability values ​​(so-called score values). As far as score values ​​are included in the results of the credit rating, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of score values ​​includes, but is not limited to, address data. The received information about the statistical probability of a payment default uses Klarna for a balanced decision on the creation, implementation or termination of the contractual relationship.
You can revoke your consent at any time by sending a message to the controller or to Klarna. However, Klarna may continue to be entitled to process your personal data, if this is necessary for the contractual payment.
Your personal details will be in accordance with the applicable data protection regulations and in accordance with the information in Klarnas Data Protection Policy for data subjects based in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy
or for those affected in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy
treated.
- Mollie
If you choose a payment method of the payment service provider Mollie, payment will be processed by the payment service provider Mollie BV, Keizersgracht 313, 1016 EE Amsterdam, Netherlands, to whom we will provide your information provided during the ordering process along with information about your order (name, address, IBAN, BIC, invoice amount, currency and transaction number) according to Art. 6 para. 1 lit. b Pass on DSGVO. The transfer of your data takes place exclusively for the purpose of payment processing with the payment service provider Mollie and only insofar as it is necessary for this purpose.
- Paypal
For payments via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we will transfer your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"), further. The disclosure is made in accordance with Art. 6 para. 1 lit. b DSGVO and only insofar as this is necessary for the payment process.
PayPal reserves itself for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment" via PayPal the execution of a credit check. If necessary, your payment data will be processed in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of the legitimate interest of PayPal in the determination of their solvency to credit bureaus passed. The result of the credit check for statistical probability of default is used by PayPal for the purpose of deciding on the provision of the respective payment method. The credit information can contain probability values ​​(so-called score values). As far as score values ​​are included in the results of the credit rating, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of score values ​​includes, but is not limited to, address data. Further data protection information, among other things to the used credit reference agencies, please refer to the privacy policy of PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may continue to be entitled to process your personal data if this is necessary for the contractual payment process.
- IMMEDIATELY
If the payment method "IMMEDIATELY" is selected, the payment is processed via the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "IMMEDIATELY"), to which we provide your information communicated in the course of the ordering process in addition to the information about your order in accordance with Art. 6 para. 1 lit. b Pass on DSGVO. The Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). The transfer of your data is exclusively for the purpose of processing payments with the payment service provider SOFORT and only insofar as it is necessary for this. Further information on the privacy policy of SOFORT can be found at the following Internet address: https://www.klarna.com/sofort/datenschutz.
7) Web analysis services
Google (Universal) Analytics
Google Universal Analytics with demographics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Analytics uses so-called cookies, which are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website (including the shortened IP address) is usually transmitted to and stored by Google on a server, in which case it may also be transmitted to the servers of Google LLC. come in the US.
This website uses Google Analytics exclusively with the extension "_anonymizeIp ()", which ensures anonymization of the IP address by curtailment and excludes a direct personal reference. The extension will truncate your IP address beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a server of Google LLC.in the USA and shortened there. In these exceptional cases, this processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address provided by Google Analytics within the framework of Google Analytics will not be merged with other data provided by Google.
You can prevent the storage of cookies by setting your browser software accordingly. However, please be aware that if you do this you may not be able to use the full functionality of this website. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading the browser plug-in available at the following link and install:
https://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to the browser plug-in or within browsers on mobile devices, please click on the following link to set an opt-out cookie, which will prevent Google Analytics from entering this website in the future (this opt-out cookie only works in this browser and only for this domain, delete your cookies in this browser, you must click this link again): <a onclick = "alert ('Google Analytics has been disabled');" href = "javascript: gaOptout ()"> Disable Google Analytics </a>
In the case of transmission of personal data to the Google LLC. Based in the US, Google LLC has become. is certified for the us European Data Protection Convention "Privacy Shield", which ensures compliance with the data protection standard in force in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
This website also uses Google Analytics for cross-device analysis of visitor traffic conducted through a user ID. When a page is called up for the first time, the user is assigned a unique, permanent and anonymized ID, which is set across all devices. This makes it possible to assign interaction data from different devices and from different sessions to a single user. The user ID does not contain any personal data and does not transmit it to Google.
Data collection and storage via the user ID can be contradicted at any time with effect for the future. To do this, you'll need to disable Google Analytics on any system you use, such as another browser or your mobile device.
This website also uses the "demographics" feature of Google Analytics. This can be used to generate reports that include statements about demographic data such as age, gender, and the interests of site visitors. This data comes from interest-based advertising from Google, the Google Display Network, as well as third-party visitor data. You can disable this feature at any time through the ad settings in your Google Account, or generally prohibit the collection of your data by Google Analytics as shown immediately.
You can deactivate it using a Google browser plugin (https://tools.google.com/dlpage/gaoptout?hl=de). As an alternative to the browser plug-in or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent Google Analytics from entering this website in the future (this opt-out cookie only works in this browser and only for this domain, delete your cookies in this browser, you must click this link again): <a onclick = "alert ('Google Analytics has been disabled');" href = "javascript: gaOptout ()"> Disable Google Analytics </a>
More information about Google (Universal) Analytics can be found here: https://support.google.com/analytics/answer/2838718?hl=en&ref_topic=6010376

8) Rights of the person concerned
8.1 The applicable data protection law grants you comprehensive data protection rights (information and intervention rights) to the person responsible with regard to the processing of your personal data, which we inform you about below:
- Right of access according to Art. 15 GDPR: In particular, you have a right to information about the personal data processed by us, the processing purposes, the categories of processed personal data, the recipients or categories of recipients to whom your data has been disclosed or will be planned storage period or the criteria for determining the storage period, the right of rectification, deletion, limitation of processing, objection to processing, complaint to a supervisory authority, the origin of your data, if they were not collected by us, the existence of automated decision-making, including profiling and, where appropriate, meaningful information about the logic involved and the scope involved and the intended effects of such processing, as well as your right to be informed, which guarantees pursuant to Art. 46 GDPR when forwarded Your data to third countries;
- Right to correction pursuant to Art. 16 GDPR: You have the right to immediate correction of incorrect data concerning you and / or completion of your incomplete data stored by us;
- Right to cancellation according to Art. 17 DSGVO: You have the right to demand the deletion of your personal data if the requirements of Art. 17 (1) GDPR are met. However, that right does not apply, in particular, where the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the exercise, pursuit or defense of rights;
- Right to restriction of the processing according to Art. 18 GDPR: You have the right to demand the restriction of the processing of your personal data as long as the correctness of your data is checked, if you refuse a deletion of your data because of inadmissible data processing and instead require the restriction of the processing of your data, if you need your data for the assertion, exercise or defense of legal claims, after we no longer need these data after purpose or if you have objections based on your particular situation, as long as it is not certain, if our legitimate reasons prevail;
- Right to information in accordance with Article 19 GDPR: If you have asserted the right to rectify, delete or limit the processing to the person responsible, he / she is obliged to rectify or delete the data to all recipients to whom the personal data relating to you have been disclosed or limitation of processing, unless proving to be impossible or disproportionate. You have the right to be informed about these recipients.
- Right to data portability according to Art. 20 GDPR: You have the right to receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another person responsible, as far as this is technically feasible ;
- Right of revocation of granted consent pursuant to Art. 7 (3) GDPR: You have the right to revoke a consent once given in the processing of data at any time with future effect. In the case of withdrawal, we will delete the data concerned immediately, as far as further processing can not be based on a legal basis for consentless processing. The revocation of consent does not affect the lawfulness of the processing effected on the basis of the consent until the revocation;
- Right to complain under Art. 77 GDPR: If you consider that the processing of personal data concerning you is contrary to the GDPR, you have the right to complain to a supervisory authority, in particular in any other administrative or judicial remedy the Member State of your whereabouts, your place of work or the place of the alleged infringement.
8.2 OPPOSITION RIGHT
IF, IN THE CONTEXT OF INTEREST ACCOUNTABILITY, WE PROCESS YOUR PERSONAL DATA BASED ON OUR PRESENT AUTHENTIC INTERESTS, YOU HAVE THE RIGHT OF REASONING, FOR REASONS OBTAINED FROM YOUR SPECIFIC SITUATION, TO CONTRADICT WITH THIS PROCESS, AND CONTRIBUTE TO THE FUTURE.
MAKE USE OF YOUR OPPOSITION RIGHT, WE FINISH THE PROCESSING OF THE AFFECTED DATA. FURTHER PROCESSING REMAINS SUBJECT TO DIFFERENCES WHEN WE MAY PROVIDE IMPERATIVE REASONABLE REASONS FOR PROCESSING THAT EXCEED ITS INTERESTS, FUNDAMENTAL RIGHTS AND FUNDAMENTAL FREEDOMS, OR IF THE PROCESSING OF THE PROVISIONS, EXERCISE OR DEFENSE OF LEGAL PROCEEDINGS IS DONE.
IF YOUR PERSONAL DATA IS PROCESSED BY US TO OPERATE DIRECT ADVERTISING, YOU HAVE THE RIGHT TO INTRODUCE ANY CONTESTING AGAINST THE PROCESSING OF YOU OF PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OPPOSITE AS DESCRIBED ABOVE.
MAKE USE OF YOUR OPPOSITION RIGHT, WE FINISH THE PROCESSING OF THE DATA CONCERNED FOR DIRECT COMMERCIAL PURPOSES.

9) Duration of storage of personal data
The duration of the storage of personal data is based on the respective legal basis, the purpose of processing and - if applicable - additionally based on the respective statutory retention period (for example, commercial and tax retention periods).
In the processing of personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a DSGVO, these data are stored until the person withdraws his consent.
There are statutory retention periods for data which, in the context of legal or similar obligations, are based on Art. 6 para. 1 lit. b DSGVO are processed, these data are routinely deleted after expiry of the retention periods, if they are no longer required for fulfillment of the contract or for initiating a contract and / or if there is no legitimate interest in the re-storage on our part.
In the processing of personal data on the basis of Art. 6 para. 1 lit. f DSGVO, these data will be stored until the person concerned exercises his right of objection under Art. 21 (1) GDPR, unless we can prove compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves the assertion, exercise or defense of legal claims.
In the processing of personal data for the purpose of direct advertising on the basis of Art. 6 para. 1 lit. f DSGVO, these data will be stored until the data subject exercises his right of objection under Art. 21 (2) GDPR.
Unless otherwise stated in the other information in this Declaration on Specific Processing Situations, stored personal data will be erased if they are no longer necessary for the purposes for which they were collected or otherwise processed.

© IT-Recht Kanzlei

Version: 201906032122