0

Privacy Policy

General note and mandatory information
The naming of those responsible


The person responsible for data processing on this website is:

Lisa Ploetz, Dieskauer Str. 16, 06112 Halle, Germany

The responsible person decides alone or together with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).

Revocation of your consent to data processing

Some data processing operations are only possible with your express consent. You can revoke the consent that you have already given at any time. An informal message by e-mail is enough for the revocation. The legality of the data processing that took place up until the revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory authority

As an affected person, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority with regard to data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. It is provided in a machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.

Right to information, correction, blocking, deletion

You have the right to free information about your stored personal data, the origin of the data, its recipient, and the purpose of the data processing and, if necessary, a right to correction, blocking, or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time using the contact options listed in the legal notice if you have any further questions on the subject of personal data.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses an SSL or. TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the "https://" address line of your browser and by the lock symbol in the browser line.

Data transmission upon conclusion of the contract for the purchase and shipment of goods

Personal data will only be transmitted to third parties if there is a need for the execution of the contract. Third parties can be payment service providers or logistics companies, for example. A further transmission of the data does not take place or only if you have expressly consented to this. The basis for data processing is Art. 6 Paragraph 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.

Contact Form

Data transmitted via the contact form will be stored, including your contact details, in order to be able to process your request or to be available for follow-up questions. This data will not be passed on without your consent. The data entered in the contact form is processed exclusively on the basis of your consent (Article 6 (1) (a) GDPR). You can revoke the consent that you have already given at any time. An informal message by e-mail is sufficient for the revocation. The legality of the data processing operations that took place up until the revocation remains unaffected by the revocation. Data transmitted via the contact form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need for data storage. Mandatory legal provisions - in particular retention periods - remain unaffected.

Cookies

Our website uses cookies. These are small text files that your web browser stores on your end device. Cookies help us to make our offer more user-friendly, effective, and secure.

Some cookies are “session cookies.” Such cookies are automatically deleted at the end of your browser session. On the other hand, other cookies remain on your end device until you delete them yourself. Such cookies help us to recognize you when you return to our website.

With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured in such a way that cookies are automatically deleted when the program is closed. The deactivation of cookies can result in the limited functionality of our website.

The setting of cookies, which are necessary to carry out electronic communication processes or to provide certain functions you want (e.g. shopping cart), takes place on the basis of Art. 6 Para. 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in the storage of cookies for the technically error-free and smooth provision of our services. If other cookies are set (e.g. for analysis functions), they will be treated separately in this data protection declaration.

Google Analytics

Our website uses functions of the web analysis service Google Analytics. The provider of the web analysis service is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

Google Analytics uses "cookies." These are small text files that your web browser stores on your end device and enable an analysis of website usage. The information generated by cookies about your use of our website is transmitted to a Google server and stored there. The server location is usually the USA.

Google Analytics cookies are set on the basis of Article 6 (1) (f) GDPR. As the operator of this website, we have a legitimate interest in analyzing user behavior in order to optimize our website and, if necessary, advertising.

IP anonymization

We use Google Analytics in connection with the IP anonymization function. It ensures that Google shortens your IP address within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. There may be exceptional cases in which Google transmits the full IP address to a server in the USA and shortens it there. On our behalf, Google will use this information to evaluate your use of the website, to create reports on website activity, and to provide us with other services related to website activity and internet usage. The IP address transmitted by Google Analytics is not merged with other Google data.

Browser Plugin

The setting of cookies by your web browser can be prevented. However, this could limit some functions of our website. You can also prevent the collection of data relating to your website use, including your IP address and subsequent processing by Google. This is possible by downloading and installing the browser plugin available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to our website: Disable Google Analytics.

For details on how Google Analytics handles user data, see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order Processing

In order to fully comply with the legal data protection requirements, we have concluded an order processing contract with Google.

Demographic characteristics in Google Analytics

Our website uses the "demographic characteristics" function of Google Analytics. It can be used to create reports that contain statements about the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google and visitor data from third-party providers. It is not possible to assign the data to a specific person. You can deactivate this function at any time. This is possible via the ad settings in your Google account or by generally prohibiting the collection of your data by Google Analytics, as explained in the point "Objection to data collection".

PayPal

Our website allows payment via PayPal. The provider of the payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

If you pay with PayPal, the payment data you have entered will be transmitted to PayPal.

Your data is transmitted to PayPal on the basis of Article 6 (1) (a) GDPR (consent) and Article 6 (1) (b) GDPR (processing to fulfill a contract). You can revoke the consent that you have already given at any time. Data processing operations in the past remain effective in the event of revocation.

Source: Privacy Policy configurator from mein-datenschutzbeauftragter.de

Stripe

We use a payment tool from the American technology company and online payment service Stripe on our website. Stripe Payments Europe (Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) is responsible for customers within the EU. This means that if you choose Stripe as your payment method, your payment will be processed via Stripe Payments. Data required for the payment process is forwarded to Stripe and stored. In this data protection declaration, we give you an overview of this data processing and storage by Stripe and explain why we use Stripe on our website.

The technology company Stripe offers payment solutions for online payments. With Stripe it is possible to accept credit and debit card payments in our webshop. Stripe handles the entire payment process. A big advantage of Stripe is that you never have to leave our website or shop during the payment process and the payment is processed very quickly.

Why do we use Stripe for our website?

Of course, we want to offer the best possible service with our website and our integrated online shop, so that you feel comfortable on our site and use our offers. We know that your time is valuable and that payment processing, in particular, must therefore work quickly and smoothly. In addition to our other payment providers, we have found a partner in Stripe that guarantees secure and fast payment processing.

What data does Stripe store?

If you choose Stripe as your payment method, your personal data will also be transmitted to Stripe and stored there. This is transaction data. This information includes, for example, the payment method (i.e. credit card, debit card, or account number), sort code, currency, amount, and date of payment. A transaction may also include your name, email address, billing or shipping address, and sometimes your transaction history. This data is required for authentication. In addition to technical data about your device (such as IP address), Stripe may also collect name, address, telephone number, and your country for fraud prevention, financial reporting, and in order to be able to offer its own services in full.

Stripe does not sell any of your data to independent third parties, such as marketing agencies or other companies unrelated to Stripe. However, the data may be forwarded to internal departments, a limited number of external Stripe partners or to comply with legal regulations. Stripe also uses cookies to collect data. Here is a selection of cookies that Stripe can set during the payment process:

Name: m
Value: edd716e9-d28b-46f7-8a55-e05f1779e84e040456311921379-5
Purpose: This cookie appears when you select the payment method. It saves and recognizes whether you access our website via a PC, tablet, or smartphone.
Expiry date: after 2 years

Name: __stripe_mid
Value: fc30f52c-b006-4722-af61-a7419a5b8819875de9311921379-1
Purpose: In order to be able to carry out a credit card transaction, this cookie is required. To do this, the cookie stores your session ID.
Expiry date: after one year

Name: __stripe_sid
Value: 6fee719a-c67c-4ed2-b583-6a9a50895b122753fe
Purpose: This cookie also stores your ID and is used by Stripe for the payment process on our website.
Expiry date: after the session expires

How long and where is the data stored?

Personal data is generally stored for the duration of the service provision. This means that the data will be stored until we terminate the cooperation with Stripe. However, in order to fulfill legal and official obligations, Stripe can also store personal data for the duration of the service provision. Since Stripe is a global company, data may also be stored in any country where Stripe offers services. This means that data can also be stored outside of your country, for example in the USA.

How can I delete my data or prevent data storage?

Please note that when using this tool, your data may also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data may not simply be transferred to unsafe third countries, stored there, and processed unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.

You always have the right to information, correction, and deletion of your personal data. If you have any questions, you can also contact the Stripe team at any time via https://support.stripe.com/contact/email.

You can delete, disable or manage cookies that Stripe uses for its functions in your browser. Depending on which browser you use, this works in different ways. Under the "Cookies" section you will find the relevant links to the relevant instructions for the most popular browsers.

Legal Basis

In addition to the conventional bank/credit institutions, we also offer the payment service provider Stripe for the processing of contractual or legal relationships (Art. 6 Para. 1 lit. b DSGVO). The successful use of the service also requires your consent (Art. 6 Para. 1 lit. a DSGVO), insofar as the use of cookies is necessary for the use.

Stripe also processes your data in the USA, among other places. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks for the legality and security of data processing.

Stripe uses so-called standard contractual clauses (= Art. 46 Para. 2 and 3 GDPR) as the basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards if they are transferred to third countries (such as the USA) and stored there. Through these clauses, Stripe undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementation decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can find more information about the standard contractual clauses and the data that is processed by using Stripe in the privacy policy at https://stripe.com/at/privacy.

All texts are copyrighted.
Source: Created with AdSimple's Privacy Policy generator