1) Information on the collection of personal data and contact details of the controller
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.
1.2The person responsible for the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Hannah Stützer, Bassermannstr. 2, 39114 Magdeburg, Germany, tel.: 015229560610, e-mail: firstname.lastname@example.org. The controller of personal data is the natural or legal person who decides, alone or jointly with others, on the purposes and means of processing personal data.
1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or requests to the controller), this website uses an SSL or/or TLS encryption. You can recognize an encrypted connection by the string “https://” and the lock icon in your browser line.
2) Data collection when visiting our website
When using our website in an informative way, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following information, which is technically necessary for us to show you the website:
- Our website visited
- Date and time at the time of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used (possibly: in anonymized form)
The processing is carried out in accordance with Art. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or otherwise used. However, we reserve the right to check the server log files retrospectively if specific indications indicate illegal use.
In order to make the visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your device and allow you to recognize your browser the next time you visit (so-called persistent cookies). When cookies are set, they collect and process specific user information such as browser and location data as well as IP address values. Persistent cookies are automatically deleted after a predetermined duration, which may vary depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings of your web browser.
In some cases, the cookies are used to simplify the ordering process by storing settings (e.g. remembering the contents of a virtual shopping cart for a later visit to the website). Insofar as individual cookies used by us also process personal data, the processing will be carried out in accordance with Art. 1 lit. b GDPR either for the implementation of the contract, in accordance with Article 6(3) 1 lit. a GDPR in the event of consent or in accordance with Article 6(0). 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the website visit.
Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually on their acceptance or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how to change your cookie settings. These can be found for the respective browsers under the following links:
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Please note that if cookies are not accepted, the functionality of our website may be limited.
Personal data is collected as part of the contact with us (e.g. via contact form or e-mail). The data collected in the case of a contact form can be seen from the respective contact form. This data will be stored and used exclusively for the purpose of answering your request or for contacting and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Article 6 sec. 1 lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 1 lit. b GDPR. Your data will be deleted after your request is processed. This is the case if it can be inferred from the circumstances that the facts in question have been finally clarified and that there are no statutory retention obligations.
5) Data processing when opening a customer account and for contract processing
In accordance with Art. 1 lit. b GDPR will continue to collect and process personal data if you provide it to us for the performance of a contract or when opening a customer account. The data collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the controller. We store and use the data you provide for the execution of the contract. After the complete execution of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial retention periods and deleted after expiry of these periods, unless you have expressly consented to further use of your data or a legally permitted further use of data has been reserved by our site.
6) Comment function
The follow-up comments can be subscribed by you as a user. You will receive a confirmation email to ensure that you are the owner of the specified e-mail address (double opt-in procedure). The legal basis for data processing in the case of subscription to comments is Art. 1 lit. a GDPR. You can unsubscribe from ongoing comment subscriptions at any time with effect for the future, more information on the unsubscribe option can be found in the confirmation e-mail.
7) Use of customer data for direct marketing
Sign up for our e-mail newsletter
When you subscribe to our e-mail newsletter, we regularly send you information about our offers. The only mandatory information for sending the newsletter is your e-mail address. The provision of additional data is voluntary and will be used to address you personally. For sending the newsletter we use the so-called double opt-in procedure. This means that we will not send you an e-mail newsletter until you have expressly confirmed to us that you consent to receiving newsletters. We will then send you a confirmation e-mail asking you to confirm by clicking on a corresponding link that you want to receive the newsletter in the future.
By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 1 lit. a GDPR. When you register for the newsletter, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of the registration in order to be able to understand a possible misuse of your e-mail address at a later time. The data collected by us when registering for the newsletter will be used exclusively for the purpose of advertising by means of the newsletter. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the person responsible above. After unsubscribing, your e-mail address will be deleted immediately in our newsletter mailing list, unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this declaration.
8) Data processing for order processing
8.1 In order to process your order, we cooperate with the following service providers, who support us in whole or in part in the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.
The personal data collected by us will be passed on to the transport company commissioned with the delivery in the course of the contract processing, insofar as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution as part of the payment processing process, if this is necessary for payment processing. If payment service providers are used, we will inform you explicitly below. The legal basis for the transfer of data is Art. 1 lit. b GDPR.
8.2 Use of payment service providers (payment services)
If a Klarna payment service is selected, payment is processed via Klarna Bank AB (publ) [https://www .klarna.com/de] , Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter “Klarna”). In order to enable payment to be processed, your personal data (first and last name, street, house number, postcode, location, gender, e-mail address, telephone number and IP address) as well as data related to the order (e.g. invoice amount, item, mode of delivery) will be passed on to Klarna for the purpose of identity and credit check, provided that you use this in accordance with Art. 6 sec. 1 lit. a GDPR have expressly consented in the context of the ordering process. You can view to which information agencies your data can be forwarded here:
The credit report can contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based in a scientifically recognised mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values, but not exclusively. The information obtained on the statistical probability of a default is used by Klarna for a balanced decision on the establishment, implementation or termination of the contractual relationship.
You can revoke your consent at any time by sending a message to the data controller or to Klarna. However, Klarna may still be entitled to process your personal data if this is necessary for the contractual payment processing.
Your personal data will be https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy in accordance with the applicable data protection regulations and in accordance with the information in Klarna’s data protection regulations for data subjects based in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy
or for those affected, who are based in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy
In case of payment via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “instalment payment” via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). The transfer will take place in accordance with Art. 1 lit. b GDPR and only to the extent that this is necessary for payment processing.
PayPal reserves the right to provide credit card information via PayPal, direct debit via PayPal or , if offered – “purchase on account” or “instalment payment” via PayPal. For this purpose, your payment data may be processed in accordance with Art. 1 lit. f GDPR based on PayPal’s legitimate interest in determining your solvency. The result of the credit check in relation to the statistical probability of default uses PayPal for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based in a scientifically recognised mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values, but not exclusively. Further data protection information, including the information agencies used, can be found in PayPal’s data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.
If you choose a payment method from the payment service provider Stripe, payment is processed by the payment service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to which we provide your information provided during the ordering process, together with the information about your order (name, address, account number, bank code, possible credit card number, invoice amount, currency and transaction number) in accordance with Art. b GDPR. The transfer of your data takes place exclusively for the purpose of payment processing with the payment service provider Stripe Payments Europe Ltd. and only to the extent that it is necessary for this purpose. For more information about Stripe’s privacy, see the URL https://stripe.com/de/privacy#translation.
9) Web Analytics Services
Google (Universal) Analytics
Google (Universal) Analytics
This website uses Google (Universal) Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google (Universal) Analytics uses so-called “cookies”, which are text files that are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including the abbreviated IP address) is usually transmitted to a Google server and stored there, where it can also be transmitted to the servers of Google LLC. in the United States.
This website uses Google (Universal) Analytics exclusively with the extension “_anonymizeIp()”, which ensures anonymization of the IP address by truncation and excludes a direct personal access. The extension will shorten your IP address from Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google LLC.in the USA server and truncated there. In these exceptional cases, such processing shall be carried out in accordance with Article 6(p. 1 lit. f GDPR based on our legitimate interest in statistical analysis of user behaviour for optimization and marketing purposes.
On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website and internet usage. The IP address transmitted by your browser within the scope of Google (Universal) Analytics will not be merged with other data from Google.
You can prevent the storage of cookies by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of this website to the full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link:
As an alternative to the browser plug-in or within browsers on mobile devices, please click on the following link to set an opt-out cookie that prevents the collection by Google Analytics within this website in the future (this opt-out cookie only works in this browser and only for this domain. If you delete your cookies in this browser, you will need to click this link again): Disable Google Analytics
Further information on Google (Universal) Analytics can be found here: https://policies.google.com/privacy?hl=de&gl=de
In the event of the transfer of personal data to Google LLC. based in the United States, Google LLC. “Privacy Shield” for the US-European Data Protection Convention, which ensures compliance with the level of data protection in force in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list
To the extent legally required, we have your consent in accordance with Art. 6 sec. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. In order to exercise your revocation, please follow the above-described possibility to make an objection.
10) Tools and miscellaneous
We use the service of the cloud-based accounting software “lexoffice” of Haufe-Lexware GmbH & Co. KG, Munzinger Straße 9, 79111 Freiburg to carry out the accounting.
Lexoffice processes incoming and outgoing invoices, as well as, if necessary, the bank movements of our company, in order to automatically record invoices, match to the transactions and create the financial accounting from them in a semi-automated process.
If personal data are also processed in this case, the processing will be carried out in accordance with Art. 1 lit. f GDPR based on our legitimate interest in the efficient organisation and documentation of our business transactions.
For more information about lexoffice, automated data processing, and privacy policies, see https://www.lexoffice.de/datenschutz/
11) Rights of the person concerned
11.1 The applicable data protection law grants you comprehensive data subjects’ rights (information and intervention rights) with regard to the processing of your personal data, about which we inform you below:
- Right of access pursuant to Article 15 GDPR: In particular, you have the right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or become disclosed, the planned storage period or the criteria for determining the retention period, the existence of a right to rectification, deletion, restriction of processing of the data. , opposition to the processing, complaint to a supervisory authority, the origin of your data, if not collected by us from you, the existence of automated decision-making, including profiling, and, where applicable, meaningful information about the logic involved and the scope and impact of such processing, and your right to be informed of the guarantees provided for in Article 46 GDPR when your data is transferred to third countries;
- Right to rectification in accordance with Article 16 GDPR: You have the right to immediate rectification of any inaccurate data concerning you and/or completion of your incomplete data stored by us;
- Right to erasure in accordance with Article 17 GDPR: You have the right to delete your personal data if the conditions of Article 17(1) are met. 1 GDPR. However, this right does not exist, in particular, where the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- Right to restrict processing in accordance with Article 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you dispute, is verified, if you refuse to delete your data due to improper data processing and instead request the restriction of the processing of your data if you need your data to assert, exercise or defend legal claims , since we no longer need this information after the purpose has been achieved, or if you have objected on the grounds of your particular situation, as long as it is not yet clear whether our legitimate reasons prevail;
- Right to information pursuant to Article 19 GDPR: If you have asserted the right to rectification, erasure or restriction of the processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed this rectification or deletion of the data or restriction of the processing, unless this proves impossible or involves a disproportionate effort. They have the right to be informed of these recipients.
- Right to data portability in accordance with Article 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller, insofar as this is technically feasible;
- Right to revoke consents given in accordance with Art. 3 GDPR: You have the right to revoke once consent to the processing of data at any time with effect for the future. In the event of revocation, we will immediately delete the data concerned, unless further processing can be based on a legal basis for non-consent processing. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation;
- Right to appeal under Article 77 GDPR: If you consider that the processing of personal data concerning you is in breach of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy.
IF WE ARE IN THE FRAME OF AN INTEREST DEVELOPMENT YOUR PERSONAL DATA OF OUR EXPERIENCE OF INTEREST, YOU HAVE THE EVERY RIGHT, FROM THE RIGHT TO BE FROM YOUR SPECIAL SITUATION, AGAINST THIS PROCESSING AGAINST THE FUTURE.
USE OF YOUR DISCLAIMER, WE ARE ENDING THE PROCESSING OF THE RELATED DATA. A FURTHER STAY BUT RESERVED WHEN WE CAN USE RECOMMENDED REASONS FOR THE PROCESSING THAT YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FUNDAMENTAL FREEDOMS, OR WHEN THE PROCESSING OF THE EXPERIENCE,
WILL BE YOUR PERSONAL DATA OF US PROCESSED TO USE DIRECT DATA, HAVE THE RIGHT TO AT ANY TIME AGAINST THE PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF THE PERSONAL DATA. YOU CAN EXERCISE THE CONTRADICTION AS DESCRIBED ABOVE.
USE OF YOUR RIGHT RIGHT, WE END THE PROCESSING OF THE RELATED DATA FOR DIRECT ADVERTISING PURPOSES.
12) Duration of storage of personal data
The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of the processing and, if relevant, additionally on the basis of the respective statutory retention period (e.g. commercial and tax retention periods).
When processing personal data on the basis of express consent in accordance with Article 6 sec. 1 lit. a GDPR, this data is stored until the data subject withdraws his consent.
There are legal retention periods for data that is set out in the context of legal or legal business-like obligations on the basis of Article 6 paragraph. 1 lit. b GDPR, these data will be routinely deleted after the retention periods have expired, provided that they are no longer necessary for the performance of the contract or initiation of the contract and/or that there is no legitimate interest in further storage on our part.
When processing personal data on the basis of Article 6(4) 1 lit. f GDPR, this data is stored until the data subject has his right to object under Article 21(0). 1 GDPR, unless we can prove compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct marketing on the basis of Article 6(4) 1 lit. f GDPR, this data is stored until the data subject has his right to object under Article 21(0). 2 GDPR.
Moreover, unless otherwise provided in this declaration about specific processing situations, stored personal data will be deleted if it is no longer necessary for the purposes for which it was collected or otherwise processed.