1.1 What is personal data?
Personal data is information that discloses or can disclose the identity of the user. We adhere to the principle of data avoidance. As far as possible, we do not collect personal data.
1.2 Dealing with personal data
Personal data is used solely for the purpose of establishing the contract, structuring its content, implementing or processing the contractual relationship (Art. 6 I S. 1 b GDPR).
In addition, personal data will only be processed if we have received your consent to do so (Art. 6 I S. 1 a GDPR) or if it concerns data whose processing is necessary for our legitimate interests and if the assessment shows that there are no overriding interests, fundamental rights or fundamental freedoms on your part (Art. 6 I S. 1 f GDPR).
We may use contract processors to process your personal data, but will not pass on your personal data to third parties.
The data will only be passed on to the shipping company commissioned with the delivery in order to fulfil the contract, insofar as this is necessary for the delivery of ordered goods. In order to process payments, the necessary payment data will be passed on to the bank commissioned with the payment and, if applicable, to the commissioned and selected payment service provider.
The processing of your personal data takes place exclusively within the EU, unless otherwise stated below.
1.3 Usage data
When you visit the website, general technical information is collected. This includes the IP address used, time of day, duration of the visit, browser type and, if applicable, the page of origin. This usage data is registered in a log file for technical reasons and can be used and stored for the purpose of statistical evaluation of this website. This usage data is not linked to your other personal data.
1.4 Duration of storage
After the end of the purpose for which the data was collected, we only store your personal data for as long as this is necessary due to legal (in particular tax) regulations.
2. Your rights
You can request information from us as to whether we process your personal data and, if so, you have a right to information about this personal data and the further information specified in Art. 15 GDPR.
2.2 Right to Correction
You have the right to rectify the incorrect personal data concerning you and may request the completion of incomplete personal data in accordance with Art. 16 GDPR.
2.3 Right to cancellation
You have the right to demand that we delete your personal data immediately. We are obliged to delete them immediately, in particular if one of the following reasons applies:
- Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- You revoke your consent on which the processing of your data was based and there is no other legal basis for the processing.
- Your data have been processed unlawfully.
The right to deletion does not exist insofar as your personal data is necessary for the assertion, exercise or defence of our legal claims.
2.4 Right to limitation of processing
You have the right to demand that we restrict the processing of your personal data if
- you dispute the accuracy of the data and we therefore verify the accuracy,
- the processing is unlawful and you refuse to delete it and instead request the restriction of its use
- we no longer need the data, but you need it to assert, exercise or defend legal claims,
- you have objected to the processing of your data and it is not yet clear whether our legitimate reasons outweigh your reasons.
2.5 Right to Data Transferability
You have the right to receive the personal data relating to you that you have provided to us in a structured, common and machine-readable format and you have the right to communicate this data to another responsible person without our interference, provided that the processing is based on a consent or a contract and the processing is carried out by us using automated procedures.
2.6 Right of revocation
If the processing of your personal data is based on a consent, you have the right to revoke this consent at any time.
2.7 General and right of appeal
The exercise of your aforementioned rights is generally free of charge for you. If you have any complaints, you have the right to contact the supervisory authority responsible for us, the state data protection officer, directly.
3. Data security
3.1 Data security
All data on our website is protected by technical and organisational measures against loss, destruction, access, alteration and distribution.
3.2 Sessions and Cookies
If you subscribe to our newsletter, we will use the data required for this purpose or provided separately by you in order to send you our e-mail newsletter on a regular basis. You can unsubscribe from the newsletter at any time, either by sending us a message via the contact details given in the imprint or via the link provided in the newsletter.
If you use the comment function on our website, the time of creation and your chosen pseudonym will be saved in addition to these comments. The IP address is made anonymous by us immediately and is not stored.
6. Presence on social media platforms
We use the following social media platforms for company presentation and communication (the following linked data protection declarations and opt-out options are expressly referred to).
Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
Xing (XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany)
Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA)
These social media platforms may be able to process personal data outside the EU, we refer in this respect to the above data protection declarations of the social media platforms. The respective social media platforms may create user profiles and store cookies on your computer, in which your user behaviour is stored, based on your user behaviour and the resulting interests on your part. If you have an account on the respective social media platform and are logged in, your usage behaviour can even be stored independent of the device. Your usage profile can be used, for example, to place advertisements that presumably correspond to your interests.
We process the personal data exclusively for communication with you via the social media platform selected by you and for the optimisation of our online presence and ensure that no interests on your part are affected which outweigh this justified interest on our part (Art. 6 I S. 1 f GDPR). If you have already given the respective operator of the social media platform effective consent to the corresponding data processing, your personal data will also be processed on the basis of this consent (Art. 6 I S. 1 a GDPR).
7. Third-party services
7.1 Google Analytics
7.2 Social media links
We have our own social media pages with the third-party providers that can be reached via links from this website. By using the links you will reach the respective websites of the third party providers (e.g. Facebook, Twitter, Google+). In order to avoid unnecessary data transfer, we recommend that you log out of the respective third-party provider yourself before using a corresponding link, so that usage profiles cannot be created by the third-party provider through the use of the link.
7.3 Use of MailChimp
Our e-mail communication is handled via "MailChimp", a platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. Your e-mail address and other data described in this notice will be stored on MailChimp's servers in the USA. MailChimp uses this information to send and evaluate e-mails on our behalf. Furthermore, according to its own information, MailChimp can use this data to optimise or improve its own services, e.g. for the technical optimisation of the dispatch and presentation of the newsletter or for economic purposes in order to determine from which countries the recipients come. MailChimp does not use the data of our mail recipients in order to write to them or pass them on to third parties. MailChimp is certified under the US-EU data protection agreement "Privacy Shield" and thus undertakes to comply with EU data protection regulations. In addition, we have concluded a data processing agreement with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to process it on our behalf in accordance with their data protection regulations and, in particular, not to pass it on to third parties. Thus, the weighing up results in the fact that no overriding interests on your part are opposed (Art. 6 I S. 1 f GDPR). You can view the data protection regulations of MailChimp at https://mailchimp.com/legal/privacy/
7.4 Font Awesome Web Fonts
We use Adobe Typekit to display fonts on our website. Adobe Typekit is a service providing access to a font library provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe). When you open a page, your browser loads the Web fonts you need into your browser cache to display text and fonts correctly. In the course of providing the Typekit service, no cookies are placed or used to provide the fonts. To provide the Typekit service, Adobe may collect font information to identify the site itself and the associated Typekit account. The interests of the users are not affected according to (Art. 6 I S. 1 f GDPR). For more information about privacy at Adobe Typekit, please refer to Adobe's privacy statement at https://www.adobe.com/privacy/policies/typekit.html
7.6 Google reCAPTCHA
8. Establishing contact
If you would like to contact us about data protection, please use the contact options below. Responsible person in the sense of the GDPR:
Frau Dr. Katja Brunkhorst
Phone: +49 (0) 541 40757303