Effective from July 29, 2019
1. WHAT DO WE DO WITH YOUR DATA OR OTHER PIECES OF INFORMATION? Your Rights.
When you browse our store, our Webshop - Service Provider Shopify automatically receives so called Server log files, e.g. your computer’s Internet Protocol (IP) Address in order to provide us with information that helps learning about your browser and operating system for a secure operation and an optimization of our offer to you (V. below Cookies).
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address of residence and delivery, and your email address. With your explicit permission, we may send you emails about our store, new products or other updates.
Being the data subject, you have the following rights according to:
- art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
- art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
- art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is required - to exercise the right of freedom of expression and information; - for compliance with a legal obligation; - for reasons of public interest or - for establishing, exercising or defending legal claims;
- art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as - the accuracy of the data is contested by you; - the processing is unlawful, but you refuse their erasure; - we no longer need the data, but you need it to establish, exercise or defend legal claims, or - you have lodged an objection to the processing in accordance with art 21 GDPR;
- art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
- art. 77 GDPR, the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority at your habitual place of residence or workplace or at our company headquarters.
3. WE WORK WITH YOUR EXPRESS OR IMPLICIT CONSENT
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return of a purchase, we imply that you consent to our collecting it. We will use it for that specific reason only. When you subscribe to our Newsletter we will ask you by email to confirm your subscription.
4. HOW CAN YOU WITHDRAW YOUR CONSENT
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at firstname.lastname@example.org or mailing us at:
We shall delete your personal data stored with us as soon as you withdraw your consent and as soon as the knowledge of your data is not necessary anymore for us to process your order or deliver a service or as soon as legal reasons oppose further storage. Apart of this we cannot delete data which are still needed for invoicing or accounting.
We may disclose your personal information if we are required by law to do so or if you violate our General Terms and Conditions for users and clients of our website.
6. STORAGE AND USE OF PERSONAL DATA BY SHOPIFY
The functionality of our online shop is guaranteed by Shopify Inc., a company with legal residence in Canada. Shopify offers us an e-commerce platform, which enables us to offer you our products. Shopify collects personal data like your name, your email account, your shipping and billing address, payment details, phone number, IP - address and device data. This information is collected when you visit our site, when you place an order or when you sign up for an account or a subscription of our newsletter. Shopify needs this information to provide us with their services, including supporting and processing orders, authentication, and processing payments. Shopify uses this information also to improve their services.
7. STORAGE OF YOUR PAYMENT DATA
If you choose a direct payment gateway to complete your purchase, then our payment service provider (Stripe) stores your credit card data. It is encrypted according to the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as it is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like VISA, Master Card, American Express etc.
8. THIRD PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies with respect to the information we are required to provide to them for your purchase-related transactions (e.g. Stripe and Shopify).For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers (s.above 6. and 7.).
In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you. General information on Klarna you can find here. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarnas privacy statement for Germany/ Austria.
To protect your personal information, we take reasonable precautions and follow industries best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
10. Trusted Shops: Trustbadge
The Trusted Shops Trustbadge is integrated on this website to display our collected reviews as well as to offer Trusted Shops products to buyers after an order.
This is necessary to safeguard our legitimate prevailing interests in an optimal marketing by ensuring the safety of your purchase according to Article 6 (1) f GDPR. The Trustbadge and the services advertised with it are an offer of the Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, _Germany. The Trustbadge is made available by a CDN provider (Content-Delivery-Network) as part of order processing. The Trusted Shops GmbH uses also service provider from the USA. An adequate level of data protection is guaranteed. Further information to the data security of the Trusted Shops GmbH can be found here: https://www.trustedshops.co.uk/imprint/
When the Trustbadge is called up, the web server automatically saves a server log file which contains, for example, your IP address, the date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. Individual access data are stored in a security database for the analysis of security problems. The log files are automatically deleted 90 days after creation at the latest.
Further personal data will be transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or have already registered for use. The contractual agreement made between you and Trusted Shops applies. For this purpose personal data is automatically collected from the order data. Whether or not you are already registered as a Trusted Shops customer is automatically checked by means of a neutral parameter, the e-mail address hashed by cryptological one-way function. The e-mail address is converted to this hash value, which cannot be decrypted by Trusted Shops before it is transmitted. After checking for a match, the parameter is deleted automatically.
11. WEB ANALYSIS SERVICE
This website uses Google Analytics with the extension „anonymizeIP()“. IP addresses can therefore only be processed in abbreviated form in order to prevent personal references. Only in exceptional cases, the full IP address will be transmitted to a server in the US, where it is abbreviated. On behalf of the website operator, Google will use this information to evaluate your use of this website, to compile reports on website activities to provide further services connected to the website and the internet use for our benefit.
The IP address transmitted by your browser in the context of Google Analytics will not be linked to other data retrieved by Google. You may prevent the storage of cookies by making he appropriate settings in your browser. However, we should remind you that in that case you might not be able to use the full functionality of this website. You may permanently refuse Google to collect data generated by cookies regarding the use of the website (including your IP address) and to process them by downloading and installing the browse plugin click here. As an alternative of the browser plugin or for browsers regarding mobile devices, please click on the following link in order to set an opt-out cookie, which disables Google Analytics to collect data on this website in the future (this opt-out cookie only functions for your browser and this domain). If you delete your cookies on this browser, you have to click again on this link: here.
12. USE OF PERSONAL DATA WHEN YOU SUBSCRIBE TO OUR EMAIL NEWSLETTER
MailChimp guarantees data protection in accordance with EU standards. MailChimp uses tracking technologies and stores also the IP - Address of your computer through which you subscribed to the Newsletter in order to analyze e.g. the geographical distribution of the newsletter and its use by our customers. MailChimp will not disclose and not divulge your data and not contact you except by our order to distribute the newsletter.
13. QUESTIONS WITH REGARD TO YOUR PERSONAL DATA
You have the right to access free of charge your personal data stored by us as well as the right to correction, blocking and deletion. If you have questions to the collection, processing or use of your personal data or if you want to be informed about the use of your personal data, if you want them corrected, blocked or deleted or if you want to withdraw your consent or oppose a certain use of your personal data, please communicate it to email@example.com or by mail at:
We reserve the right to modify this private policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website.
updated August 8, 2019