Privacy Policy

Thank you for your interest in our online store. We appreciate your trust and handle your data with care. It is therefore a matter of course for us to inform you in detail about the scope of the processing and use of your data. use of your data.

Privacy policy

Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide data has no consequences. This only applies if no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.

Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Contact us

Responsible person
Please contact us if you wish. The controller in charge of data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is By Native GmbH, Auf dem Damm 8, 21647 Moisburg, Deutschland, Tel.: +49 (0) 4165 2169240, email: hello@by-native.de
The controller in charge of the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Customer initiating contact by e-mail
If you initiate business contact with us by e-mail, we will only collect your personal data (name, e-mail address, message text) to the extent provided by you. The data processing serves the purpose of processing and answering your contact request.
If the contact serves to carry out pre-contractual measures (e.g. consultation in case of interest in purchase, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b DSGVO.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f DSGVO due to our overriding legitimate interest in processing and answering your enquiry. In this case, you have the right to object at any time to this processing of personal data relating to you based on Art. 6 para. 1 lit. f DSGVO for reasons arising from your particular situation.
We only use your e-mail address to process your enquiry. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
 

Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, e-mail address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact serves to carry out pre-contractual measures (e.g. advice in the case of interest in purchase, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b DSGVO.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f DSGVO due to our overriding legitimate interest in processing and responding to your enquiry. In this case, you have the right to object at any time to this processing of personal data relating to you based on Art. 6(1)(f) DSGVO for reasons arising from your particular situation.
We only use your e-mail address to process your enquiry. Your data will then be deleted in compliance with legal retention periods, unless you have consented to further processing and use.


Customer account orders      

Customer account
When opening a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Art. 6 Para. 1 lit. a DSGVO with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.

Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.


Valuations Advertising

Data collection when writing a comment
When you comment on an article or post, we only collect your personal data (name, email address, comment text) to the extent provided by you. The processing serves the purpose of enabling comments to be made and comments to be displayed. By submitting the comment, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the legality of the processing carried out on the basis of the consent until revocation. Your personal data will then be deleted.

When your comment is published only the name you provide will be will be published.

In addition, your IP address will be stored when you submit your comment in order to prevent misuse of the comment function and to ensure the security of our information technology systems. By submitting the comment, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the legality of the processing carried out on the basis of the consent until revocation. Your IP address will then be deleted.

Judge.me customer rating
We use the Judge.me service, with which you can be reminded to submit a review. This service is only used if you have given us your express prior consent. Judge.me has taken various measures in its rating system to ensure that the published ratings only come from consumers who have actually used or purchased the goods.

When using this service, the following data is used and transmitted to the service: first and last name, e-mail address, order date and number. Once you have given your consent to the processing of the data, you can revoke it at any time vis-à-vis us or the judge.me platform.(4) The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. a GDPR.(5) Address of the service provider: Judge.me LLC, PO Box 7403, Jackson, Wyoming 83002, USA. Further information on data protection: https://judge.me/privacy.

Use of your personal data for the sending of postal advertising

We reserve the right to use your first and last name and your postal address, which we have received as part of the sale of a product or service, for our own advertising purposes, e.g. to send you interesting offers and information about our products by post. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a promotional approach to our customers in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

The advertising mailings are provided as part of processing on our behalf by a service provider to whom we pass on your data for this purpose.

You can object to this use of your address data at any time by notifying us. The contact details for exercising your objection can be found in the legal notice.

Use of the e-mail address for sending newsletters

We use your e-mail address independently of the contract processing exclusively for our own advertising purposes for sending newsletters, provided you have expressly consented to this. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your e-mail address will then be removed from the mailing list. 

Your data will be passed on to a service provider for e-mail marketing within the framework of order processing. Your data will not be passed on to any other third parties.

E-mail advertising without subscribing to the newsletter and your right to object:
If we receive your e-mail address in connection with the sale of a product or service and you have not objected to this, we reserve the right to regularly send you offers for similar products to those already purchased from our range by e-mail on the basis of Section 7 (3) UWG. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a promotional approach to our customers.
You can object to this use of your e-mail address at any time by notifying us. The contact details for exercising your objection can be found in the legal notice.

Newsletter-Versand durch Klaviyo
Unser Newsletter-Versand erfolgt über den technischen Dienstleister "Klaviyo", 225 Franklin St,  Boston, MA 02110, USA (http://www.klaviyo.com/) An diesen geben wir Ihre bereitgestellten Daten im Rahmen der Newsletter-Anmeldung weiter. Dies erfolgt gemäß Art. 6 Abs. 1 lit. f DSGVO und dient unserem berechtigten Interesse an der Verwendung eines werbewirksamen, sicheren und nutzerfreundlichen Newslettersystems. Ihre Daten werden, unter Einhaltung des "EU-U.S. Privacy Shields", an einen Server von Klaviyo übertragen und dort gespeichert.

Klaviyo verwendet die Informationen zum Versand und zur statistischen Auswertung der Newsletter in unserem Auftrag. Es werden sogenannte Web-Beacons, oder Trackings-Pixel, die Ein-PixelBilddateien darstellen, die auf unserer Website gespeichert sind, übertragen.
So können wir feststellen, ob der Newsletter geöffnet und welche Links ggf. angeklickt wurden. Außerdem werden technische Informationen erfasst (z.B. Zeitpunkt des Abrufs, IP-Adresse, Browsertyp und Betriebssystem).
Wenn Sie der Datenanalyse zu statistischen Auswertungszwecken widersprechen
möchten, müssen Sie den Newsletterbezug abbestellen.

Zum Schutz Ihrer Daten in den USA haben wir mit Klaviyo einen Datenverarbeitungsvertrag (Data Processing-Agreement), in dem sich Klaviyo dazu verpflichtet, die Daten unserer Nutzer zu schützen, entsprechend dessen Datenschutzbestimmungen in unserem Auftrag zu verarbeiten und insbesondere nicht an Dritte weiter zu geben.

Die Datenschutzbestimmungen von Klaviyo können Sie hier einsehen:  https://klaviyo.com/privacy/


Zahlungsdienstleister       Bonitätsauskunft      

PayPal

Verwendung von PayPal Express
Wir verwenden auf unserer Website den Zahlungsdienst PayPal Express der PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxemburg; "PayPal"). Die Datenverarbeitung dient dem Zweck, Ihnen die Zahlung über den Zahlungsdienst PayPal Express anbieten zu können. Zur Einbindung dieses Zahlungsdienstes ist es erforderlich, dass PayPal beim Aufruf der Website Daten (z.B. IP-Adresse, Gerätetyp, Betriebssystem, Browsertyp, Standort Ihres Geräts) sammelt, speichert und analysiert. Hierzu können auch Cookies eingesetzt werden. Die Cookies ermöglichen die Wiedererkennung Ihres Browsers.
Die Verarbeitung Ihrer personenbezogenen Daten erfolgt auf Grundlage des Art. 6 Abs. 1 lit. f DSGVO aus unserem überwiegenden berechtigten Interesse an einem kundenorientierten Angebot von verschiedenen Zahlarten. Sie haben das Recht aus Gründen, die sich aus Ihrer besonderen Situation ergeben, jederzeit dieser Verarbeitung Sie betreffender personenbezogener Daten zu widersprechen.
Mit Auswahl und Nutzung von PayPal Express werden die zur Zahlungsabwicklung erforderlichen Daten an PayPal übermittelt, um den Vertrag mit Ihnen mit der gewählten Zahlart erfüllen zu können. Diese Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. b DSGVO. Nähere Informationen zur Datenverarbeitung bei Verwendung des Zahlungsdienstes PayPal Express finden Sie in der dazugehörigen Datenschutzerklärung unter www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS.

Verwendung von PayPal Check-Out
Wir verwenden auf unserer Website den Zahlungsdienst PayPal Check-Out der PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxemburg; "PayPal"). Die Datenverarbeitung dient dem Zweck, Ihnen die Zahlung über den Zahlungsdienst anbieten zu können. Mit Auswahl und Nutzung von Zahlung via PayPal, Kreditkarte via PayPal, Lastschrift via PayPal oder „Später Bezahlen“ via PayPal werden die zur Zahlungsabwicklung erforderlichen Daten an PayPal übermittelt, um den Vertrag mit Ihnen mit der gewählten Zahlart erfüllen zu können. Diese Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. b DSGVO.

Hierbei können Cookies gespeichert werden, die die Wiedererkennung Ihres Browsers ermöglichen. Die dadurch stattfindende Datenverarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. f DSGVO aus unserem überwiegenden berechtigten Interesse an einem kundenorientierten Angebot von verschiedenen Zahlarten. Sie haben das Recht aus Gründen, die sich aus Ihrer besonderen Situation ergeben, jederzeit dieser Verarbeitung Sie betreffender personenbezogener Daten zu widersprechen.

Kreditkarte via PayPal, Lastschrift via PayPal & „Später bezahlen“ via PayPal 
Bei einzelnen Zahlungsarten wie Kreditkarte via PayPal, Lastschrift via PayPal oder „Später bezahlen“ via PayPal behält sich PayPal das Recht vor, ggf. eine Bonitätsauskunft auf der Basis mathematisch-statistischer Verfahren unter Nutzung von Auskunfteien einzuholen. Hierzu übermittelt PayPal die zu einer Bonitätsprüfung benötigten personenbezogenen Daten an eine Auskunftei und verwendet die erhaltenen Informationen über die statistische Wahrscheinlichkeit eines Zahlungsausfalls für eine abgewogene Entscheidung über die Begründung, Durchführung oder Beendigung des Vertragsverhältnisses. Die Bonitätsauskunft kann Wahrscheinlichkeitswerte (Score-Werte) beinhalten, die auf Basis wissenschaftlich anerkannter mathematisch-statistischer Verfahren berechnet werden und in deren Berechnung unter anderem Anschriftendaten einfließen. Ihre schutzwürdigen Belange werden gemäß den gesetzlichen Bestimmungen berücksichtigt. Die Datenverarbeitung dient dem Zweck der Bonitätsprüfung für eine Vertragsanbahnung. Die Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. f DSGVO aus unserem überwiegenden berechtigten Interesse am Schutz vor Zahlungsausfall, wenn PayPal in Vorleistung geht. 
Sie haben das Recht aus Gründen, die sich aus Ihrer besonderen Situation ergeben, jederzeit gegen diese auf Art. 6 Abs. 1 lit. f DSGVO beruhende Verarbeitung Sie betreffender personenbezogener Daten durch Mitteilung an PayPal zu widersprechen. Die Bereitstellung der Daten ist für den Vertragsschluss mit der von Ihnen gewünschten Zahlart erforderlich. Eine Nichtbereitstellung hat zur Folge, dass der Vertrag nicht mit der von Ihnen gewählten Zahlart geschlossen werden kann.

Drittanbieter
Bei Bezahlung über die Zahlungsart eines Drittanbieters werden die zur Zahlungsabwicklung erforderlichen Daten an PayPal übermittelt. Diese Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. b DSGVO. Zur Durchführung dieser Zahlungsart werden die Daten ggf. sodann seitens PayPal an den jeweiligen Anbieter weitergegeben. Diese Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. b DSGVO. Lokale Drittanbieter können beispielsweise sein:

• Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
• giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)

Purchase on account via PayPal
When paying via the payment method purchase on account, the data required for payment processing is first transmitted to PayPal. In order to process this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit check on the basis of mathematical-statistical procedures (probability or score values) using credit agencies in accordance with the procedure described above. The data processing serves the purpose of credit assessment for the initiation of a contract. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in protection against payment default if Ratepay makes advance payments. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.

Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Use of GDPR Legal Cookie
We use the consent management tool GDPR Legal Cookie from beeclever GmbH (Universitätsstraße 3, 56070 Koblenz a. Rh. "beeclever") on our website.
The tool enables you to give consent to data processing via the website, in particular the setting of cookies, as well as to exercise your right of revocation for consent already given.
The purpose of data processing is to obtain and document the necessary consent for data processing and thus to comply with legal obligations.
Cookies may be used for this purpose. The following information, among others, may be collected and transmitted to beeclever: Date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, consent status. This data is not passed on to other third parties.
Data processing is carried out to fulfil a legal obligation on the basis of Art. 6 para. 1 lit. c DSGVO.
For more information on terms of use and data protection at beeclever, please visit: 

https://gdpr-legal-cookie.com/pages/terms-conditions and at https://gdpr-legal-cookie.com/pages/datenschutzerklarung.


Affiliate analysis

Use of Google Analytics

We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator.
The following information may be collected: IP address, date and time of the page view, click path, information about the browser and device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data that Google has about you.

The IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.

Google uses technologies such as cookies, web storage in the browser and tracking pixels that enable an analysis of your use of the website. The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TTDSG i.V.m. Art. 6 para. 1 lit. a GDPR.

The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

The information generated about your use of this website is usually transferred to a Google server in the USA and stored there. There is an adequacy decision by the EU Commission for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles. Both Google and US government authorities have access to your data.

You can find more information on terms of use and data protection at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de.

Use of Shopify statistics
We use the statistics and analysis functions of Shopify International Ltd (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is a company affiliated with Shopify Inc (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The purpose of data processing is to analyze this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and provided in reports, analyses and statistics. Among other things, the following device information is collected and processed: Web browser information, IP address, time zone and some of the cookies installed on your device. When you navigate the website, information is also collected about the web pages or products you have accessed, the referrer URL (website from which you accessed our website) and information about how you interact with the website. Technologies such as cookies, web beacons, tags and pixels (electronic files that collect information about how you navigate the website) are used for this purpose.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) lit. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information on data protection at Shopify at https://www.shopify.com/de/legal/datenschutz, information on the order processing contract at https://www.shopify.com/de/legal/dpa and information on the cookies used at https://www.shopify.com/de/legal/cookies.

 

Plug-ins and other

Use of the Google Tag Manager
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application is used to manage JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The data processing serves the purpose of designing and optimizing our website to meet your needs.
The Google Tag Manager itself neither stores cookies nor does it process personal data. However, it enables the triggering of other tags that can collect and process personal data.
You can find more information on terms of use and data protection here.

Use of social plug-ins

We use social network plug-ins on our website. The integration of social plug-ins and the data processing that takes place serves the purpose of optimizing the advertising of our products.
When social plug-ins are integrated, a link is established between your computer and the servers of the social network provider and the plug-in is displayed on the page by notifying your browser, provided you have expressly consented to this. Both your IP address and the information about which of our pages you have visited are transmitted to the provider servers. This applies regardless of whether you are registered or logged in to the social network. Transmission also takes place for users who are not registered or not logged in. If you are connected to one or more of your social network accounts at the same time, the information collected can also be assigned to your corresponding profiles. When you use the plug-in functions (e.g. by clicking the button), this information is also assigned to your user account. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
The social networks listed below are integrated into our website by means of social plug-ins. For more information on the scope and purpose of the collection and use of the data and your rights and options for protecting your privacy in this regard, please refer to the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transmission of this data to Facebook when the service is integrated. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. Accordingly, we are responsible in particular for fulfilling the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects pursuant to Art. 15 - 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the Service and the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta Platforms Ireland's obligations under the Joint Processing Agreement.
Your data may be transferred to the USA. An adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), is in place for the USA. Meta has certified itself in accordance with the TADPF and is thus committed to complying with European data protection principles.
For more information on the collection and use of data by Facebook, your rights in this regard and ways to protect your privacy, please refer to Facebook's privacy policy at https://www.facebook.com/about/privacy/.

LinkedIn of LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA)
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is not certified under the TADPF.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transferred to the USA. There is an adequacy decision by the EU Commission for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

Data subject rights and storage duration

Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then in accordance with statutory retention periods, in particular under tax and commercial law, and then deleted after the period has expired, unless you have consented to further processing and use.

Rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability.
You also have the right to object to processing based on Art. 6(1)(f) GDPR and to processing for the purposes of direct marketing in accordance with Art. 21(1) GDPR.

Right to lodge a complaint with the supervisory authority
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that your personal data is being processed unlawfully.

You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details

State Commissioner for Data Protection of Lower Saxony
Prinzenstraße 5
30159 Hannover
Phone: +49 511 1204500
Fax: +49 511 1204599
Email: poststelle@lfd.niedersachsen.de

Right to object
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
Once you have objected, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.

If personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. Once you have objected, we will stop processing the data concerned for the purpose of direct marketing.


last update: 13.03.2024