Data protection
Data protection
1. Information about the collection of personal data and contact details of the person responsible
2. Data collection when you visit our website
3. Cookies
4. Data processing for order processing
5. Data processing when opening a customer account and for contract processing
6. Contact us
7. Comment function
8. Use of your data for direct advertising
9. Web analytics services
10. Tools and Miscellaneous
11. Rights of the person concerned
12. Duration of storage of personal data
1. Information about the collection of personal data and contact details of the person responsible
1.1. Thank you for visiting our website. Below we would like to inform you about how your personal data is handled when you use our website. Personal data is basically all data with which you can be personally identified.
1.2. The person responsible for processing data on our website within the meaning of the General Data Protection Regulation (GDPR) is:
Marlene Musiol
Homberger Str. 37
40882 Ratingen
Germany
Tel.:015161653121
Email: mail@atelierkatzengold.de.
1.3. To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL or TSL) via HTTPS.
2. Data collection when you visit our website
Every time our website is accessed, our system automatically records data and information that your browser transmits to our server (so-called “server log files”). The following data, which is technically necessary for us, is collected:
We reserve the right to subsequently check the server log files if there are concrete indications of illegal use. The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session has ended.
If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the users' IP addresses are deleted or altered so that it is no longer possible to assign the calling client. The collection of data to provide the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility for the user to object.
3. Cookies
Our website uses cookies.
Cookies are text files that are stored on the user's device. When a user accesses a website, a cookie can be stored on the user's operating system. Some functions of our website cannot be offered without the use of cookies. This requires that the browser is recognized even after a page change. The user data collected through technically necessary cookies is not used to create user profiles. For the purposes mentioned above, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 Para. 1 lit. f) GDPR.
In addition, our website may use cookies that enable an analysis of users' surfing behavior (so-called third-party cookies). Further information on the scope, purpose, legal basis and objection options can be found in the relevant sections of the respective chapter of this data protection declaration.
As a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate, restrict or delete the transmission of cookies. If you deactivate cookies for our website, you may no longer be able to use all functions of the website to their full extent. You can prevent the transmission of Flash cookies by changing the Flash Player settings.
You can find help with the settings in the respective help menu of your browser under the following links:
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne
Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Some of the cookies used here are deleted after you close your browser (so-called session cookies). Other cookies remain on your device and enable us or our partner companies (third party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values on an individual basis. Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie.
4. Data processing for order processing
4.1. If you would like to order in our webshop, in order to conclude the contract it is necessary that you provide your personal data, which we need to process your order. We process the data you provide to process your order.
We sometimes work with external service providers to process your order. To do this, we must pass on the necessary personal data.
If we commission transport companies to deliver your goods, we will pass on your data required for the delivery of the goods to the respective transport company. To process payments, we will pass on your data to the commissioned credit institution as necessary. If we use payment service providers, you will also be informed about this below.
The legal basis for passing on your data is Article 6 Paragraph 1 Letter b GDPR.
4.2. Use of payment service providers
-Paypal
If you select the payment method PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment in installments" via PayPal, payment is processed via PayPal (Europe) Sarl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).
We pass on your personal data to PayPal to the extent necessary in accordance with Article 6 Paragraph 1 Letter b of the GDPR. PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment in installments" via PayPal.
For this purpose, your payment data may be passed on to credit agencies in accordance with Article 6 Paragraph 1 Letter f of the GDPR due to PayPal's legitimate interest in determining your ability to pay. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding whether to provide the respective payment method.
The credit report can contain probability values (so-called score values). To the extent that score values are included in the results of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.
Which other data is collected by PayPal can be found in PayPal's respective data protection declaration. This can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.
- Shopify Payments
We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered via the payment service provider Shopify Payments, the payment is processed via the technical service provider Stripe Payments Europe Ltd. , 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we communicate the information you provided during the ordering process, together with the information about your order (name, address, account number, bank sort code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Article 6 Paragraph 1 Letter b GDPR. Your data will only be passed on for the purpose of processing payments with Stripe Payments Europe Ltd. and only to the extent that it is necessary for this purpose. Further information about Shopify Payments’ data protection can be found at the following internet address: https://www.shopify.com/legal/privacy
Data protection information about Stripe Payments Europe Ltd. can be found here: https://stripe.com/de/privacy
5. Data processing when opening a customer account and for contract processing
If you open a customer account with us, personal data will be collected and processed in accordance with Article 6 Paragraph 1 Letter b GDPR. The scope of the data can be seen from the input form. The data you enter will be stored and used by us to process the contract.
You can delete your customer account at any time. This can be done by sending a message to the address of the person responsible or, if offered, directly in the customer account. In this case, we will also block your data in consideration of tax and commercial law retention periods and delete it after these periods have expired. This can only be opposed by your consent to permanent storage or further use of data on our part as permitted by law.
6. Contact us
If you contact us using the contact form, the data entered in the input mask will be transmitted to us and stored. The data collected can be found in the respective input mask. When you contact us via email, only the data you enter will be transmitted to us.
The data will only be used to process the conversation and your request. The legal basis for processing the data, if the user has given his consent, is Article 6 Paragraph 1 Letter a) GDPR. The legal basis for the processing of data transmitted in the course of sending an email is Article 6 Paragraph 1 Letter f) GDPR. If the email contact is aimed at concluding a contract, the additional legal basis for the processing is Article 6 Paragraph 1 Letter b) GDPR. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected and provided that there are no legal retention obligations to the contrary. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been finally clarified. The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot continue.
7. Comment function
If you use the comment function on our website, in addition to your comment content, information about the time the comment was created and the commenter name you chose will be saved and published on the website. In addition, your IP address is logged and stored.
The legal basis for storing your data is Article 6 Paragraph 1 Letters b and f GDPR. The IP address is stored for security reasons and in the event that the person concerned violates the rights of third parties or publishes illegal content through a comment made. Your email address is required to contact you if a third party should complain that your published content is illegal. We reserve the right to delete comments if they are criticized by third parties as being unlawful.
8. Use of your data for direct advertising
8.1. Newsletter
You can subscribe to a free newsletter on our website. When you register for the newsletter, the data from the input mask is transmitted to us. The only mandatory information is your email address. If you make further voluntary entries, these will only be used for personal contact.
The legal basis for processing your data after registering for the newsletter is Art. 6 Para. 1 lit. a GDPR if the user has given his consent. We collect this by sending you a confirmation email containing a confirmation link after registering for the newsletter. If you click on this link, you also give your consent to receive the newsletter.
When you register for the newsletter, we save your IP address as well as the date and time of registration. This storage serves to track possible misuse of your email address.
We use the data we collect when registering for the newsletter exclusively for the purpose of sending the newsletter.
You can cancel your subscription to the newsletter at any time. For this purpose, there is a corresponding link in every newsletter. This also makes it possible to revoke your consent to the storage of personal data collected during the registration process.
8.2. Newsletter dispatch via MailChimp
We send our newsletter via The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http://www.mailchimp.com/; hereinafter "Mailchimp" called).
We pass on the data you entered when registering for the newsletter to Mailchimp in accordance with Article 6 Paragraph 1 Letter f of the GDPR in order to protect our legitimate interest in using an advertising-effective, secure and user-friendly newsletter system.
MailChimp uses this data to send the newsletter to you on our behalf and to statistically evaluate the newsletter on our behalf. For this purpose, the emails contain so-called web beacons or tracking pixels, which represent single-pixel image files that are stored on our website. In this way, it can be traced whether a newsletter message was opened and which links from it were clicked on. MailChimp automatically creates general, non-personal statistics about response behavior to newsletters.
We also have a legitimate interest in the statistical evaluation of the newsletter in order to optimize our advertising communication. For this purpose, the web beacons also collect and process data from the individual newsletter recipient (e.g. email address, time of retrieval, IP address, browser type and operating system) in accordance with Article 6 Para. 1 lit f. GDPR. Based on this data, it is possible to draw conclusions about the individual newsletter recipient. This data is processed by Mailchimp to automatically create statistics that show whether a specific recipient has opened a newsletter message.
To deactivate this data analysis, you must unsubscribe from the newsletter.
It is also possible for MailChimp to use the data itself in accordance with Article 6 Paragraph 1 Letter f of the GDPR in order to determine the countries from which the recipients of the newsletter are based on its own legitimate interest in the needs-based design and optimization of the service or for market research purposes come.
However, Mailchimp will not use your data for the purpose of contacting you or pass it on to third parties.
As a rule, your data is transferred to a MailChimp server in the USA and stored there. To protect your data in the USA, MailChimp has a data processing order based on the European Commission's standard contractual clauses. This data processing contract can be viewed at the following internet address:
http://mailchimp.com/legal/forms/data-processing-agreement/.
MailChimp's privacy policy can be viewed here:
https://mailchimp.com/legal/privacy/
9. Web analytics services
9.1. Google Analytics
We use the web analysis service Google Analytics (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) for this website.
Google Analytics uses cookies. These are text files that are stored on your computer and enable your use of the website to be analyzed.
The information generated in this way about your use of this website (including the shortened IP address) is transmitted to a Google server and stored there, although transfer to the USA is possible.
We use Google Analytics with the extension "_anonymizeIp()", which ensures that the IP address is anonymized by shortening it and excludes any direct personal reference. Your IP address will therefore be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. In exceptional cases, the full IP address is transmitted to a Google server, including in the USA, and only shortened there.
In these exceptional cases, this processing takes place in accordance with Article 6 Paragraph 1 Letter a GDPR, namely your express consent.
On our behalf, Google uses this information to evaluate your use of the website, create reports on website activity and provide us with other services related to website activity and internet usage. Your IP address collected in this context will not be merged with other data from Google.
You can prevent the storage of cookies by setting your browser accordingly.
You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the following browser plug-in:
http://tools.google.com/dlpage/gaoptout?hl=de
Alternatively, you can set an out-out cookie:
Deactivate Google Analytics
This opt-out cookie only works in this browser and only for this domain. If you delete your cookies in this browser, you must click on this link again.
This website also uses Google Analytics for cross-device analysis of visitor flows, which is carried out via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under “My data”, “Personal data”.
Google privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de
9.2. Shopify Analytics
We use Shopify's web analytics service (Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland).
To protect our legitimate interest the statistical analysis of user behavior for optimization and Marketing purposes are carried out by Shopify pseudonymized visitor data is collected, evaluated and stored, from which pseudonymized usage profiles are created and evaluated can. Shopify uses cookies to to recognize the browser, and thus a more precise determination of the to enable statistical data. Your IP address is also collected, however immediately after collection and before storage, so that a Personal reference is excluded.
The legal basis is Article 6 Paragraph 1 Letter a GDPR, namely your express consent.
Shopify does not share your IP address with others Data from Shopify in connection.
In order to collect data and create pseudonyms to object to user profiles and the setting of cookies in the future, You can generally deactivate the use of cookies on your computer, by setting your internet browser so that no cookies are allowed in the future more can be stored on your computer or cookies that have already been stored to be deleted. However, switching off all cookies can lead to that some functions on our website are no longer complete can be used.
Find Shopify's privacy policy Also see:
https://www.shopify.de/legal/datenschutz
10. Tools and Miscellaneous
Google Maps
We use “Google Maps” (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
Google Maps is used to display interactive maps and create directions. By using Google Maps, information about your use of this website, including your IP address and the (start) address entered as part of the route planner function, can be transmitted to Google. When you access a page on our website that contains Google Maps, your browser establishes a direct connection with Google's servers. The map content is transmitted by Google directly to your browser and integrated into the website. We therefore have no influence on the extent of the data collected by Google in this way. According to our level of knowledge, this is at least the following data:
• Date and time of visit to the relevant website,
• Internet address or URL of the website accessed,
• IP address, (start) address entered during route planning.
We have no influence on the further processing and use of the data by Google and can therefore assume no responsibility for this. If you are logged in to Google, your data will be assigned directly to your Google account. If you do not want this assignment, you must log out of Google. Google saves your data (including that of users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in accordance with Article 6 Paragraph 1 Letter a GDPR based on your express consent.
If you do not want Google to collect, process or use data about you via our website, you can also deactivate JavaScript in your browser settings. However, in this case you cannot use the map display. The purpose and scope of data collection and the further processing and use of the data by Google as well as your related rights and setting options to protect your privacy can be found in Google's data protection information (https://policies.google.com/privacy?hl=de).
Google's terms of use can be found here:
http://www.google.de/intl/de/policies/terms/regional.html
The terms of use for Google Maps can be accessed here:
https://www.google.com/intl/de_US/help/terms_maps.html
Further information on data protection can be found here:
http://www.google.de/intl/de/policies/privacy/
11. Rights of the person concerned
11.1. The applicable data protection law grants you comprehensive data subject rights (rights of information and rights of intervention) vis-à-vis the person responsible regarding the processing of your personal data, which we will inform you about below:
- Right to information in accordance with Art. 15 GDPR:
You can request confirmation from the person responsible as to whether personal data concerning you is being processed by the person responsible. In addition, you have the right to information about the purpose, the categories of personal data, the recipients, the planned duration of storage and the existence of other rights such as correction of the data or the existence of a right to lodge a complaint with a supervisory authority, the origin of your data, if these were not collected by us, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing affecting you, as well as your right to be informed about the guarantees in accordance with Art. 46 GDPR Your data may be forwarded to third countries;
- Right to rectification in accordance with Art. 16 GDPR:
You have the right to have any incorrect data concerning you immediately corrected and/or the incomplete data we have stored about you to be completed; The correction or completion must be made immediately.
- Right to restriction of processing in accordance with Art. 18 GDPR:
You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data that you dispute is verified, if you refuse to have your data deleted due to unlawful data processing and instead request the restriction of the processing of your data if you reject your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved or if you have lodged an objection for reasons relating to your particular situation, as long as it is not yet clear whether our legitimate reasons outweigh them;
If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the restriction on processing has been restricted, you will be informed by the person responsible before the restriction is lifted.
- Right to deletion in accordance with Art. 17 GDPR:
You have the right to have your personal data deleted immediately if the requirements of Article 17 Para. 1 GDPR are met. However, this right to deletion does not apply in particular - but not exclusively - if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims
- Right to information in accordance with Art. 19 GDPR:
If you have exercised your right to rectification, deletion or restriction of processing, the controller is obliged to notify all recipients to whom your personal data has been disclosed of this rectification or deletion of data or restriction of processing, unless this is impossible or disproportionate effort is involved. You also have the right to be informed about these recipients.
- Right to data portability in accordance with Art. 20 GDPR:
You have the right to receive the personal data you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible, if this is technically possible;
- Right of revocation in accordance with Art. 7 Para. 3 GDPR:
You have the right to object at any time to the processing of your personal data, which is carried out on the basis of Article 6 Paragraph 1 Letter e) or f) GDPR; This also applies to profiling based on these provisions.
You also have the right to revoke your declaration of consent under data protection law at any time with effect for the future. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.
- Right to complain in accordance with Art. 77 GDPR:
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you are of the opinion that the processing of personal data concerning you is contrary to violates the GDPR.
11.2. Right to object
You have the right to object to the processing of your data at any time with future effect if we process your data based on our overriding legitimate interest after weighing up our interests.
If you make use of this right to object, we will stop processing your data unless it can be proven that there are overriding compelling reasons worthy of protection that prevent the termination or if further processing serves to exercise or defend legal claims.
12. Duration of storage of personal data
The duration of storage of personal data depends on legal retention periods. After expiry, we routinely delete the data if it is no longer required to fulfill or initiate the contract and/or we have no legitimate interest in continuing to store it.
1. Information about the collection of personal data and contact details of the person responsible
2. Data collection when you visit our website
3. Cookies
4. Data processing for order processing
5. Data processing when opening a customer account and for contract processing
6. Contact us
7. Comment function
8. Use of your data for direct advertising
9. Web analytics services
10. Tools and Miscellaneous
11. Rights of the person concerned
12. Duration of storage of personal data
1. Information about the collection of personal data and contact details of the person responsible
1.1. Thank you for visiting our website. Below we would like to inform you about how your personal data is handled when you use our website. Personal data is basically all data with which you can be personally identified.
1.2. The person responsible for processing data on our website within the meaning of the General Data Protection Regulation (GDPR) is:
Marlene Musiol
Homberger Str. 37
40882 Ratingen
Germany
Tel.:015161653121
Email: mail@atelierkatzengold.de.
1.3. To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL or TSL) via HTTPS.
2. Data collection when you visit our website
Every time our website is accessed, our system automatically records data and information that your browser transmits to our server (so-called “server log files”). The following data, which is technically necessary for us, is collected:
- Our visited website
- Date and time at the time of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Operating system used
- Browser used
- IP address used (if necessary: in anonymized form
We reserve the right to subsequently check the server log files if there are concrete indications of illegal use. The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session has ended.
If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the users' IP addresses are deleted or altered so that it is no longer possible to assign the calling client. The collection of data to provide the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility for the user to object.
3. Cookies
Our website uses cookies.
Cookies are text files that are stored on the user's device. When a user accesses a website, a cookie can be stored on the user's operating system. Some functions of our website cannot be offered without the use of cookies. This requires that the browser is recognized even after a page change. The user data collected through technically necessary cookies is not used to create user profiles. For the purposes mentioned above, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 Para. 1 lit. f) GDPR.
In addition, our website may use cookies that enable an analysis of users' surfing behavior (so-called third-party cookies). Further information on the scope, purpose, legal basis and objection options can be found in the relevant sections of the respective chapter of this data protection declaration.
As a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate, restrict or delete the transmission of cookies. If you deactivate cookies for our website, you may no longer be able to use all functions of the website to their full extent. You can prevent the transmission of Flash cookies by changing the Flash Player settings.
You can find help with the settings in the respective help menu of your browser under the following links:
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne
Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Some of the cookies used here are deleted after you close your browser (so-called session cookies). Other cookies remain on your device and enable us or our partner companies (third party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values on an individual basis. Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie.
4. Data processing for order processing
4.1. If you would like to order in our webshop, in order to conclude the contract it is necessary that you provide your personal data, which we need to process your order. We process the data you provide to process your order.
We sometimes work with external service providers to process your order. To do this, we must pass on the necessary personal data.
If we commission transport companies to deliver your goods, we will pass on your data required for the delivery of the goods to the respective transport company. To process payments, we will pass on your data to the commissioned credit institution as necessary. If we use payment service providers, you will also be informed about this below.
The legal basis for passing on your data is Article 6 Paragraph 1 Letter b GDPR.
4.2. Use of payment service providers
-Paypal
If you select the payment method PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment in installments" via PayPal, payment is processed via PayPal (Europe) Sarl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).
We pass on your personal data to PayPal to the extent necessary in accordance with Article 6 Paragraph 1 Letter b of the GDPR. PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment in installments" via PayPal.
For this purpose, your payment data may be passed on to credit agencies in accordance with Article 6 Paragraph 1 Letter f of the GDPR due to PayPal's legitimate interest in determining your ability to pay. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding whether to provide the respective payment method.
The credit report can contain probability values (so-called score values). To the extent that score values are included in the results of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.
Which other data is collected by PayPal can be found in PayPal's respective data protection declaration. This can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.
- Shopify Payments
We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered via the payment service provider Shopify Payments, the payment is processed via the technical service provider Stripe Payments Europe Ltd. , 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we communicate the information you provided during the ordering process, together with the information about your order (name, address, account number, bank sort code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Article 6 Paragraph 1 Letter b GDPR. Your data will only be passed on for the purpose of processing payments with Stripe Payments Europe Ltd. and only to the extent that it is necessary for this purpose. Further information about Shopify Payments’ data protection can be found at the following internet address: https://www.shopify.com/legal/privacy
Data protection information about Stripe Payments Europe Ltd. can be found here: https://stripe.com/de/privacy
5. Data processing when opening a customer account and for contract processing
If you open a customer account with us, personal data will be collected and processed in accordance with Article 6 Paragraph 1 Letter b GDPR. The scope of the data can be seen from the input form. The data you enter will be stored and used by us to process the contract.
You can delete your customer account at any time. This can be done by sending a message to the address of the person responsible or, if offered, directly in the customer account. In this case, we will also block your data in consideration of tax and commercial law retention periods and delete it after these periods have expired. This can only be opposed by your consent to permanent storage or further use of data on our part as permitted by law.
6. Contact us
If you contact us using the contact form, the data entered in the input mask will be transmitted to us and stored. The data collected can be found in the respective input mask. When you contact us via email, only the data you enter will be transmitted to us.
The data will only be used to process the conversation and your request. The legal basis for processing the data, if the user has given his consent, is Article 6 Paragraph 1 Letter a) GDPR. The legal basis for the processing of data transmitted in the course of sending an email is Article 6 Paragraph 1 Letter f) GDPR. If the email contact is aimed at concluding a contract, the additional legal basis for the processing is Article 6 Paragraph 1 Letter b) GDPR. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected and provided that there are no legal retention obligations to the contrary. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been finally clarified. The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot continue.
7. Comment function
If you use the comment function on our website, in addition to your comment content, information about the time the comment was created and the commenter name you chose will be saved and published on the website. In addition, your IP address is logged and stored.
The legal basis for storing your data is Article 6 Paragraph 1 Letters b and f GDPR. The IP address is stored for security reasons and in the event that the person concerned violates the rights of third parties or publishes illegal content through a comment made. Your email address is required to contact you if a third party should complain that your published content is illegal. We reserve the right to delete comments if they are criticized by third parties as being unlawful.
8. Use of your data for direct advertising
8.1. Newsletter
You can subscribe to a free newsletter on our website. When you register for the newsletter, the data from the input mask is transmitted to us. The only mandatory information is your email address. If you make further voluntary entries, these will only be used for personal contact.
The legal basis for processing your data after registering for the newsletter is Art. 6 Para. 1 lit. a GDPR if the user has given his consent. We collect this by sending you a confirmation email containing a confirmation link after registering for the newsletter. If you click on this link, you also give your consent to receive the newsletter.
When you register for the newsletter, we save your IP address as well as the date and time of registration. This storage serves to track possible misuse of your email address.
We use the data we collect when registering for the newsletter exclusively for the purpose of sending the newsletter.
You can cancel your subscription to the newsletter at any time. For this purpose, there is a corresponding link in every newsletter. This also makes it possible to revoke your consent to the storage of personal data collected during the registration process.
8.2. Newsletter dispatch via MailChimp
We send our newsletter via The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http://www.mailchimp.com/; hereinafter "Mailchimp" called).
We pass on the data you entered when registering for the newsletter to Mailchimp in accordance with Article 6 Paragraph 1 Letter f of the GDPR in order to protect our legitimate interest in using an advertising-effective, secure and user-friendly newsletter system.
MailChimp uses this data to send the newsletter to you on our behalf and to statistically evaluate the newsletter on our behalf. For this purpose, the emails contain so-called web beacons or tracking pixels, which represent single-pixel image files that are stored on our website. In this way, it can be traced whether a newsletter message was opened and which links from it were clicked on. MailChimp automatically creates general, non-personal statistics about response behavior to newsletters.
We also have a legitimate interest in the statistical evaluation of the newsletter in order to optimize our advertising communication. For this purpose, the web beacons also collect and process data from the individual newsletter recipient (e.g. email address, time of retrieval, IP address, browser type and operating system) in accordance with Article 6 Para. 1 lit f. GDPR. Based on this data, it is possible to draw conclusions about the individual newsletter recipient. This data is processed by Mailchimp to automatically create statistics that show whether a specific recipient has opened a newsletter message.
To deactivate this data analysis, you must unsubscribe from the newsletter.
It is also possible for MailChimp to use the data itself in accordance with Article 6 Paragraph 1 Letter f of the GDPR in order to determine the countries from which the recipients of the newsletter are based on its own legitimate interest in the needs-based design and optimization of the service or for market research purposes come.
However, Mailchimp will not use your data for the purpose of contacting you or pass it on to third parties.
As a rule, your data is transferred to a MailChimp server in the USA and stored there. To protect your data in the USA, MailChimp has a data processing order based on the European Commission's standard contractual clauses. This data processing contract can be viewed at the following internet address:
http://mailchimp.com/legal/forms/data-processing-agreement/.
MailChimp's privacy policy can be viewed here:
https://mailchimp.com/legal/privacy/
9. Web analytics services
9.1. Google Analytics
We use the web analysis service Google Analytics (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) for this website.
Google Analytics uses cookies. These are text files that are stored on your computer and enable your use of the website to be analyzed.
The information generated in this way about your use of this website (including the shortened IP address) is transmitted to a Google server and stored there, although transfer to the USA is possible.
We use Google Analytics with the extension "_anonymizeIp()", which ensures that the IP address is anonymized by shortening it and excludes any direct personal reference. Your IP address will therefore be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. In exceptional cases, the full IP address is transmitted to a Google server, including in the USA, and only shortened there.
In these exceptional cases, this processing takes place in accordance with Article 6 Paragraph 1 Letter a GDPR, namely your express consent.
On our behalf, Google uses this information to evaluate your use of the website, create reports on website activity and provide us with other services related to website activity and internet usage. Your IP address collected in this context will not be merged with other data from Google.
You can prevent the storage of cookies by setting your browser accordingly.
You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the following browser plug-in:
http://tools.google.com/dlpage/gaoptout?hl=de
Alternatively, you can set an out-out cookie:
Deactivate Google Analytics
This opt-out cookie only works in this browser and only for this domain. If you delete your cookies in this browser, you must click on this link again.
This website also uses Google Analytics for cross-device analysis of visitor flows, which is carried out via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under “My data”, “Personal data”.
Google privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de
9.2. Shopify Analytics
We use Shopify's web analytics service (Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland).
To protect our legitimate interest the statistical analysis of user behavior for optimization and Marketing purposes are carried out by Shopify pseudonymized visitor data is collected, evaluated and stored, from which pseudonymized usage profiles are created and evaluated can. Shopify uses cookies to to recognize the browser, and thus a more precise determination of the to enable statistical data. Your IP address is also collected, however immediately after collection and before storage, so that a Personal reference is excluded.
The legal basis is Article 6 Paragraph 1 Letter a GDPR, namely your express consent.
Shopify does not share your IP address with others Data from Shopify in connection.
In order to collect data and create pseudonyms to object to user profiles and the setting of cookies in the future, You can generally deactivate the use of cookies on your computer, by setting your internet browser so that no cookies are allowed in the future more can be stored on your computer or cookies that have already been stored to be deleted. However, switching off all cookies can lead to that some functions on our website are no longer complete can be used.
Find Shopify's privacy policy Also see:
https://www.shopify.de/legal/datenschutz
10. Tools and Miscellaneous
Google Maps
We use “Google Maps” (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
Google Maps is used to display interactive maps and create directions. By using Google Maps, information about your use of this website, including your IP address and the (start) address entered as part of the route planner function, can be transmitted to Google. When you access a page on our website that contains Google Maps, your browser establishes a direct connection with Google's servers. The map content is transmitted by Google directly to your browser and integrated into the website. We therefore have no influence on the extent of the data collected by Google in this way. According to our level of knowledge, this is at least the following data:
• Date and time of visit to the relevant website,
• Internet address or URL of the website accessed,
• IP address, (start) address entered during route planning.
We have no influence on the further processing and use of the data by Google and can therefore assume no responsibility for this. If you are logged in to Google, your data will be assigned directly to your Google account. If you do not want this assignment, you must log out of Google. Google saves your data (including that of users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in accordance with Article 6 Paragraph 1 Letter a GDPR based on your express consent.
If you do not want Google to collect, process or use data about you via our website, you can also deactivate JavaScript in your browser settings. However, in this case you cannot use the map display. The purpose and scope of data collection and the further processing and use of the data by Google as well as your related rights and setting options to protect your privacy can be found in Google's data protection information (https://policies.google.com/privacy?hl=de).
Google's terms of use can be found here:
http://www.google.de/intl/de/policies/terms/regional.html
The terms of use for Google Maps can be accessed here:
https://www.google.com/intl/de_US/help/terms_maps.html
Further information on data protection can be found here:
http://www.google.de/intl/de/policies/privacy/
11. Rights of the person concerned
11.1. The applicable data protection law grants you comprehensive data subject rights (rights of information and rights of intervention) vis-à-vis the person responsible regarding the processing of your personal data, which we will inform you about below:
- Right to information in accordance with Art. 15 GDPR:
You can request confirmation from the person responsible as to whether personal data concerning you is being processed by the person responsible. In addition, you have the right to information about the purpose, the categories of personal data, the recipients, the planned duration of storage and the existence of other rights such as correction of the data or the existence of a right to lodge a complaint with a supervisory authority, the origin of your data, if these were not collected by us, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing affecting you, as well as your right to be informed about the guarantees in accordance with Art. 46 GDPR Your data may be forwarded to third countries;
- Right to rectification in accordance with Art. 16 GDPR:
You have the right to have any incorrect data concerning you immediately corrected and/or the incomplete data we have stored about you to be completed; The correction or completion must be made immediately.
- Right to restriction of processing in accordance with Art. 18 GDPR:
You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data that you dispute is verified, if you refuse to have your data deleted due to unlawful data processing and instead request the restriction of the processing of your data if you reject your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved or if you have lodged an objection for reasons relating to your particular situation, as long as it is not yet clear whether our legitimate reasons outweigh them;
If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the restriction on processing has been restricted, you will be informed by the person responsible before the restriction is lifted.
- Right to deletion in accordance with Art. 17 GDPR:
You have the right to have your personal data deleted immediately if the requirements of Article 17 Para. 1 GDPR are met. However, this right to deletion does not apply in particular - but not exclusively - if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims
- Right to information in accordance with Art. 19 GDPR:
If you have exercised your right to rectification, deletion or restriction of processing, the controller is obliged to notify all recipients to whom your personal data has been disclosed of this rectification or deletion of data or restriction of processing, unless this is impossible or disproportionate effort is involved. You also have the right to be informed about these recipients.
- Right to data portability in accordance with Art. 20 GDPR:
You have the right to receive the personal data you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible, if this is technically possible;
- Right of revocation in accordance with Art. 7 Para. 3 GDPR:
You have the right to object at any time to the processing of your personal data, which is carried out on the basis of Article 6 Paragraph 1 Letter e) or f) GDPR; This also applies to profiling based on these provisions.
You also have the right to revoke your declaration of consent under data protection law at any time with effect for the future. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.
- Right to complain in accordance with Art. 77 GDPR:
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you are of the opinion that the processing of personal data concerning you is contrary to violates the GDPR.
11.2. Right to object
You have the right to object to the processing of your data at any time with future effect if we process your data based on our overriding legitimate interest after weighing up our interests.
If you make use of this right to object, we will stop processing your data unless it can be proven that there are overriding compelling reasons worthy of protection that prevent the termination or if further processing serves to exercise or defend legal claims.
12. Duration of storage of personal data
The duration of storage of personal data depends on legal retention periods. After expiry, we routinely delete the data if it is no longer required to fulfill or initiate the contract and/or we have no legitimate interest in continuing to store it.