Privacy Policy

Thank you for your interest in our online store. We appreciate your trust and handle your data with care. It is therefore a matter of course for us to inform you in detail about the scope of the processing and use of your data. use of your data.

Privacy policy

Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide data has no consequences. This only applies if no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.

Server log files
You can visit our websites without providing any personal information. 
Every time you access our website, usage data is transmitted to us or our web hoster / IT service provider by your internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider. The processing is carried out on the basis of Art. 6 Para. 1 lit. f DSGVO due to our overriding legitimate interest in ensuring the trouble-free operation of our website as well as for the improvement of our offer. 
 

Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.

Contact us

Responsible person
Please contact us if you wish. The controller in charge of data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is By Native GmbH, Auf dem Damm 8, 21647 Moisburg, Deutschland, Tel.: +49 (0) 4165 2169240, email: hello@by-native.de
The controller in charge of the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Customer initiating contact by e-mail
If you initiate business contact with us by e-mail, we will only collect your personal data (name, e-mail address, message text) to the extent provided by you. The data processing serves the purpose of processing and answering your contact request.
If the contact serves to carry out pre-contractual measures (e.g. consultation in case of interest in purchase, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b DSGVO.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f DSGVO due to our overriding legitimate interest in processing and answering your enquiry. In this case, you have the right to object at any time to this processing of personal data relating to you based on Art. 6 para. 1 lit. f DSGVO for reasons arising from your particular situation.
We only use your e-mail address to process your enquiry. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.

 

Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, e-mail address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.

If the contact serves to carry out pre-contractual measures (e.g. advice in the case of interest in purchase, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 Para. 1 lit. b DSGVO.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f DSGVO due to our overriding legitimate interest in processing and responding to your enquiry. In this case, you have the right to object at any time to this processing of personal data relating to you based on Art. 6(1)(f) DSGVO for reasons arising from your particular situation.
We only use your e-mail address to process your enquiry. Your data will then be deleted in compliance with legal retention periods, unless you have consented to further processing and use.


Customer account orders      

Customer account
When opening a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Art. 6 Para. 1 lit. a DSGVO with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.


Collection, processing and forwarding of personal data for orders
When you place an order, we collect and process your personal data only insofar as this is necessary for the fulfilment and processing of your order and for dealing with your enquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded. The processing is based on Art. 6 para. 1 lit. b DSGVO and is necessary for the fulfilment of a contract with you. 
Your data will be passed on, for example, to shipping companies, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly observe the legal requirements. The scope of data transmission is kept to a minimum.
 

Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.


Valuations Advertising

Data collection when writing a comment
When you comment on an article or post, we only collect your personal data (name, email address, comment text) to the extent provided by you. The processing serves the purpose of enabling comments to be made and comments to be displayed. By submitting the comment, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the legality of the processing carried out on the basis of the consent until revocation. Your personal data will then be deleted.


When your comment is published only the name you provide will be will be published.

In addition, your IP address will be stored when you submit your comment in order to prevent misuse of the comment function and to ensure the security of our information technology systems. By submitting the comment, you consent to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us without affecting the legality of the processing carried out on the basis of the consent until revocation. Your IP address will then be deleted.

Judge.me customer review

We use the "Judge.me" rating system of Judge.me Ltd (c/o Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB; "Judge.me") on our website.

Judge.me enables us to obtain customer reviews and display them on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation to submit a review from us or Judge.me and then submit a review. The following data may be processed by us or Judge.me: E-mail address, name, telephone number, address, information about your device (IP address, information about your web browser and the operating system used).
information about the product purchased or the service used (order number, product details), the content of your review and the star rating you have given, your product photos or videos (if you have attached these to your product review). This data may also be used for the purpose of verifying your rating. Judge.me uses technologies such as cookies.
Your data may be transferred outside the EU to the UK. An adequacy decision of the EU Commission is in place for the United Kingdom.
Your data may be transferred to the USA. An adequacy decision of the EU Commission is in place for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Judge.me is not certified under the TADPF. This data transfer is based on specific contracts that have been approved for use in the United Kingdom and that offer the same protection that personal data has in the United Kingdom.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. f GDPR. Art. 6 para. 1 lit. a GDPR. Your personal data will be processed with your consent on the basis of Art. 6 para. 1 lit. a GDPR, provided that you have expressly consented to the disclosure of your data and the receipt of the evaluation request. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Further information on data protection when using Judge.me can be found at: https://judge.me/privacy.

 

Integration of the Trusted Shops Trustbadge / other widgets

Trusted Shops widgets are integrated on this website to display Trusted Shops services (e.g. seal of approval, collected reviews).

This serves to safeguard our legitimate interests legitimate interests in optimal marketing by enabling secure shopping in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. The Trustbadge and the services advertised with it are an offer from Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne ("Trusted Shops"), with which we are jointly responsible under data protection law in accordance with Art. 26 GDPR. In the context of this data protection information, we inform you below about the essential contents of the contract in accordance with Art. 26 para. 2 GDPR.

Within the framework of the joint responsibility existing between us and Trusted Shops, please contact Trusted Shops for data protection questions and to assert your rights, preferably using the contact details provided in the data protection information specified contact options. Irrespective of this, you can always contact the controller of your choice. If necessary, your request will then be forwarded to the other responsible party for a response.

1. data processing when integrating the Trustbadge / other widgets

The trust badge is provided by a US CDN provider (content delivery network).
An adequate level of data protection is ensured in each case by an adequacy decision of the EU Commission, which is available for the USA here can be accessed here. Service providers used from the USA are generally certified under the EU-U.S. Data Privacy Framework (DPF). Further information is available here. If the service providers used are not certified under the DPF, standard contractual clauses have been concluded as a suitable guarantee.

When the Trustbadge is accessed, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access. The IP address is anonymized immediately after collection so that the stored data cannot be assigned to your person. The anonymized data is used in particular for statistical purposes and for error analysis.

2. data processing after order completion

After the order is completed, order information (order totals, order number, product purchased if applicable) and your e-mail address hashed using a cryptographic one-way function are transmitted to Trusted Shops. The legal basis is Art. 6 para. 1 sentence 1 lit. f DSGVO. This serves to check whether you are already registered for services with Trusted Shops and is therefore necessary for the fulfillment of our and Trusted Stores' overriding legitimate interests in the provision of the transactional evaluation services linked to the specific order in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. If you have registered, further processing will be carried out in accordance with the contractual agreement concluded between you and Trusted Shops. If you have not yet registered for the services, you will then be given the opportunity to do so for the first time. Further processing after registration is also based on the contractual agreement with Trusted Shops. If you are not yet registered for the services, you will then be given the opportunity to do so, give your consent to receive review invitations. If you do not give this consent, all transmitted data will be automatically deleted by Trusted Shops and a personal reference is then no longer possible.

Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 para. 1 lit. f GDPR for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA and Israel).
An adequate level of data protection is ensured in each case by an adequacy decision of the EU Commission, which is available for the USA here and for Israel here can be accessed here. Service providers used from the USA are generally certified under the EU-U.S. Data Privacy Framework. Further information is available here. If the service providers used are not certified under the DPF, standard contractual clauses have been concluded as a suitable guarantee.

Use of your personal data for the sending of postal advertising

We reserve the right to use your first and last name and your postal address, which we have received as part of the sale of a product or service, for our own advertising purposes, e.g. to send you interesting offers and information about our products by post. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a promotional approach to our customers in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

The advertising mailings are provided as part of processing on our behalf by a service provider to whom we pass on your data for this purpose.

You can object to this use of your address data at any time by notifying us. The contact details for exercising your objection can be found in the legal notice.

Use of the e-mail address for sending newsletters

We use your e-mail address independently of the contract processing exclusively for our own advertising purposes for sending newsletters, provided you have expressly consented to this. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your e-mail address will then be removed from the mailing list. 

Your data will be passed on to a service provider for e-mail marketing within the framework of order processing. Your data will not be passed on to any other third parties.

E-mail advertising without subscribing to the newsletter and your right to object:
If we receive your e-mail address in connection with the sale of a product or service and you have not objected to this, we reserve the right to regularly send you offers for similar products to those already purchased from our range by e-mail on the basis of Section 7 (3) UWG. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in a promotional approach to our customers.
You can object to this use of your e-mail address at any time by notifying us. The contact details for exercising your objection can be found in the legal notice.

Newsletter-Versand durch Klaviyo
Unser Newsletter-Versand erfolgt über den technischen Dienstleister "Klaviyo", 225 Franklin St,  Boston, MA 02110, USA (http://www.klaviyo.com/) An diesen geben wir Ihre bereitgestellten Daten im Rahmen der Newsletter-Anmeldung weiter. Dies erfolgt gemäß Art. 6 Abs. 1 lit. f DSGVO und dient unserem berechtigten Interesse an der Verwendung eines werbewirksamen, sicheren und nutzerfreundlichen Newslettersystems. Ihre Daten werden, unter Einhaltung des "EU-U.S. Privacy Shields", an einen Server von Klaviyo übertragen und dort gespeichert.

Klaviyo verwendet die Informationen zum Versand und zur statistischen Auswertung der Newsletter in unserem Auftrag. Es werden sogenannte Web-Beacons, oder Trackings-Pixel, die Ein-PixelBilddateien darstellen, die auf unserer Website gespeichert sind, übertragen.
So können wir feststellen, ob der Newsletter geöffnet und welche Links ggf. angeklickt wurden. Außerdem werden technische Informationen erfasst (z.B. Zeitpunkt des Abrufs, IP-Adresse, Browsertyp und Betriebssystem).
Wenn Sie der Datenanalyse zu statistischen Auswertungszwecken widersprechen
möchten, müssen Sie den Newsletterbezug abbestellen.

Zum Schutz Ihrer Daten in den USA haben wir mit Klaviyo einen Datenverarbeitungsvertrag (Data Processing-Agreement), in dem sich Klaviyo dazu verpflichtet, die Daten unserer Nutzer zu schützen, entsprechend dessen Datenschutzbestimmungen in unserem Auftrag zu verarbeiten und insbesondere nicht an Dritte weiter zu geben.

Die Datenschutzbestimmungen von Klaviyo können Sie hier einsehen:  https://klaviyo.com/privacy/


Zahlungsdienstleister       Bonitätsauskunft      

PayPal

Verwendung von PayPal Express
Wir verwenden auf unserer Website den Zahlungsdienst PayPal Express der PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxemburg; "PayPal"). Die Datenverarbeitung dient dem Zweck, Ihnen die Zahlung über den Zahlungsdienst PayPal Express anbieten zu können. Zur Einbindung dieses Zahlungsdienstes ist es erforderlich, dass PayPal beim Aufruf der Website Daten (z.B. IP-Adresse, Gerätetyp, Betriebssystem, Browsertyp, Standort Ihres Geräts) sammelt, speichert und analysiert. Hierzu können auch Cookies eingesetzt werden. Die Cookies ermöglichen die Wiedererkennung Ihres Browsers.
Die Verarbeitung Ihrer personenbezogenen Daten erfolgt auf Grundlage des Art. 6 Abs. 1 lit. f DSGVO aus unserem überwiegenden berechtigten Interesse an einem kundenorientierten Angebot von verschiedenen Zahlarten. Sie haben das Recht aus Gründen, die sich aus Ihrer besonderen Situation ergeben, jederzeit dieser Verarbeitung Sie betreffender personenbezogener Daten zu widersprechen.
Mit Auswahl und Nutzung von PayPal Express werden die zur Zahlungsabwicklung erforderlichen Daten an PayPal übermittelt, um den Vertrag mit Ihnen mit der gewählten Zahlart erfüllen zu können. Diese Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. b DSGVO. Nähere Informationen zur Datenverarbeitung bei Verwendung des Zahlungsdienstes PayPal Express finden Sie in der dazugehörigen Datenschutzerklärung unter www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS.


Verwendung von PayPal Check-Out
Wir verwenden auf unserer Website den Zahlungsdienst PayPal Check-Out der PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxemburg; "PayPal"). Die Datenverarbeitung dient dem Zweck, Ihnen die Zahlung über den Zahlungsdienst anbieten zu können. Mit Auswahl und Nutzung von Zahlung via PayPal, Kreditkarte via PayPal, Lastschrift via PayPal oder „Später Bezahlen“ via PayPal werden die zur Zahlungsabwicklung erforderlichen Daten an PayPal übermittelt, um den Vertrag mit Ihnen mit der gewählten Zahlart erfüllen zu können. Diese Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. b DSGVO.

Hierbei können Cookies gespeichert werden, die die Wiedererkennung Ihres Browsers ermöglichen. Die dadurch stattfindende Datenverarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. f DSGVO aus unserem überwiegenden berechtigten Interesse an einem kundenorientierten Angebot von verschiedenen Zahlarten. Sie haben das Recht aus Gründen, die sich aus Ihrer besonderen Situation ergeben, jederzeit dieser Verarbeitung Sie betreffender personenbezogener Daten zu widersprechen.

Kreditkarte via PayPal, Lastschrift via PayPal & „Später bezahlen“ via PayPal 
Bei einzelnen Zahlungsarten wie Kreditkarte via PayPal, Lastschrift via PayPal oder „Später bezahlen“ via PayPal behält sich PayPal das Recht vor, ggf. eine Bonitätsauskunft auf der Basis mathematisch-statistischer Verfahren unter Nutzung von Auskunfteien einzuholen. Hierzu übermittelt PayPal die zu einer Bonitätsprüfung benötigten personenbezogenen Daten an eine Auskunftei und verwendet die erhaltenen Informationen über die statistische Wahrscheinlichkeit eines Zahlungsausfalls für eine abgewogene Entscheidung über die Begründung, Durchführung oder Beendigung des Vertragsverhältnisses. Die Bonitätsauskunft kann Wahrscheinlichkeitswerte (Score-Werte) beinhalten, die auf Basis wissenschaftlich anerkannter mathematisch-statistischer Verfahren berechnet werden und in deren Berechnung unter anderem Anschriftendaten einfließen. Ihre schutzwürdigen Belange werden gemäß den gesetzlichen Bestimmungen berücksichtigt. Die Datenverarbeitung dient dem Zweck der Bonitätsprüfung für eine Vertragsanbahnung. Die Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. f DSGVO aus unserem überwiegenden berechtigten Interesse am Schutz vor Zahlungsausfall, wenn PayPal in Vorleistung geht. 
Sie haben das Recht aus Gründen, die sich aus Ihrer besonderen Situation ergeben, jederzeit gegen diese auf Art. 6 Abs. 1 lit. f DSGVO beruhende Verarbeitung Sie betreffender personenbezogener Daten durch Mitteilung an PayPal zu widersprechen. Die Bereitstellung der Daten ist für den Vertragsschluss mit der von Ihnen gewünschten Zahlart erforderlich. Eine Nichtbereitstellung hat zur Folge, dass der Vertrag nicht mit der von Ihnen gewählten Zahlart geschlossen werden kann.

Drittanbieter
Bei Bezahlung über die Zahlungsart eines Drittanbieters werden die zur Zahlungsabwicklung erforderlichen Daten an PayPal übermittelt. Diese Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. b DSGVO. Zur Durchführung dieser Zahlungsart werden die Daten ggf. sodann seitens PayPal an den jeweiligen Anbieter weitergegeben. Diese Verarbeitung erfolgt auf Grundlage des Art. 6 Abs. 1 lit. b DSGVO. Lokale Drittanbieter können beispielsweise sein:

  • Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
  • giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)


Purchase on account via PayPal
When paying via the payment method purchase on account, the data required for payment processing is first transmitted to PayPal. In order to process this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit check on the basis of mathematical-statistical procedures (probability or score values) using credit agencies in accordance with the procedure described above. The data processing serves the purpose of credit assessment for the initiation of a contract. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in protection against payment default if Ratepay makes advance payments. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.

Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.


Use of Klarna payment options 
We use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; "Klarna") on our website. By selecting and using payment via Klarna, the data required for payment processing will be transmitted to Klarna in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.

Cookies may be stored that enable your browser to be recognized. The resulting data processing takes place on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a customer-oriented offer of different payment methods. You have the right to object to this processing of your personal data at any time on grounds relating to your particular situation.
 
"Pay Later" (invoice), "Pay Now" (payment by direct debit), "Financing" (installment purchase)
For individual payment methods such as "Pay Later" (invoice), "Pay Now" (payment by direct debit), "Financing" (installment purchase), Klarna reserves the right to obtain credit information on the basis of mathematical-statistical procedures using credit agencies.
For this purpose, Klarna transmits the personal data required for a credit check, such as first and last name, address, gender, e-mail address, IP address and data related to the order, to a credit agency for the purpose of identity and credit checks and uses the information received on the statistical probability of non-payment for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes address data. Your legitimate interests are taken into account in accordance with the statutory provisions. The data processing serves the purpose of credit assessment for the initiation of a contract. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in protection against payment default if Klarna makes advance payments. You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR by notifying Klarna. The provision of the data is necessary for the conclusion of the contract with the payment method you have requested. Failure to provide the data means that the contract cannot be concluded with the payment method you have selected.
Further information, in particular to which credit agencies Klarna passes on your personal data, can be found for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies
General information about Klarna is available for Germany at: https://www.klarna.com/de/ and for Austria at https://www.klarna.com/at/. Your personal data will be treated by Klarna in accordance with the applicable data protection regulations and in accordance with the information in Klarna's privacy policy for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy.
 
Use of SOFORT
We use the payment service provider SOFORT GmbH, (Theresienhöhe 12, 80339 Munich, Germany; "SOFORT") for payment processing on our website. Sofort GmbH is a company of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). The purpose of data processing is to be able to offer you various payment methods by processing payments via the payment service provider SOFORT. If you have opted for the payment option, the data required for payment processing will be transmitted to SOFORT. This data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. You can find more information on data processing when using the payment service provider SOFORT at https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/ and https://www.klarna.com/sofort/.
 
Use of the payment service provider Stripe
We use the Stripe payment service of Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) on our website. The purpose of data processing is to be able to offer you payment via the payment service. By selecting and using Stripe, the data required for payment processing is transmitted to Stripe in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. 
Stripe reserves the right to obtain credit information on the basis of mathematical-statistical procedures using credit agencies. For this purpose, Stripe transmits the personal data required for a credit check to a credit agency and uses the information received on the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes address data, among other things. Your legitimate interests are taken into account in accordance with the statutory provisions. The data processing serves the purpose of credit assessment for the initiation of a contract. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in protection against payment default if Stripe makes advance payments. 
You have the right, for reasons arising from your particular situation, to object at any time to this processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR by notifying Stripe. The provision of the data is necessary for the conclusion of the contract with the payment method you have requested. Failure to provide the data means that the contract cannot be concluded with the payment method you have selected.
All Stripe transactions are subject to the Stripe Privacy Policy. This can be found at https://stripe.com/de/privacy 

Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. When a user calls up a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually on their acceptance as well as prevent the storage of cookies and transmission of the data they contain. Cookies that have already been stored can be deleted at any time. However, we would like to point out that you may then not be able to use all the functions of this website to their full extent.
You can find out how to manage (including disabling) cookies in the main browsers by following the links below:
Technically necessary cookies
Unless otherwise stated in the data protection declaration below, we only use these technically necessary cookies for the purpose of making our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognise your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change.
The use of cookies or comparable technologies takes place on the basis of § 25 para. 2 TTDSG. The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f DSGVO due to our overriding legitimate interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our offer.
You have the right to object to the processing of your personal data at any time on grounds relating to your particular situation.
 

Use of GDPR Legal Cookie
We use the consent management tool GDPR Legal Cookie from beeclever GmbH (Universitätsstraße 3, 56070 Koblenz a. Rh. "beeclever") on our website.
The tool enables you to give consent to data processing via the website, in particular the setting of cookies, as well as to exercise your right of revocation for consent already given.
The purpose of data processing is to obtain and document the necessary consent for data processing and thus to comply with legal obligations.
Cookies may be used for this purpose. The following information, among others, may be collected and transmitted to beeclever: Date and time of consent, URL from which the consent was sent, anonymous, random, encrypted key, consent status. This data is not passed on to other third parties.
Data processing is carried out to fulfil a legal obligation on the basis of Art. 6 para. 1 lit. c DSGVO.
For more information on terms of use and data protection at beeclever, please visit: 

https://gdpr-legal-cookie.com/pages/terms-conditions and at https://gdpr-legal-cookie.com/pages/datenschutzerklarung.


Affiliate analysis

Use of Google Analytics

We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator.
The following information may be collected: IP address, date and time of the page view, click path, information about the browser and device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data that Google has about you.

The IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.

Google uses technologies such as cookies, web storage in the browser and tracking pixels that enable an analysis of your use of the website. The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TTDSG i.V.m. Art. 6 para. 1 lit. a GDPR.

The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

The information generated about your use of this website is usually transferred to a Google server in the USA and stored there. There is an adequacy decision by the EU Commission for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has therefore undertaken to comply with European data protection principles. Both Google and US government authorities have access to your data.

You can find more information on terms of use and data protection at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de.

Use of Shopify statistics
We use the statistics and analysis functions of Shopify International Ltd (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is a company affiliated with Shopify Inc (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The purpose of data processing is to analyze this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and provided in reports, analyses and statistics. Among other things, the following device information is collected and processed: Web browser information, IP address, time zone and some of the cookies installed on your device. When you navigate the website, information is also collected about the web pages or products you have accessed, the referrer URL (website from which you accessed our website) and information about how you interact with the website. Technologies such as cookies, web beacons, tags and pixels (electronic files that collect information about how you navigate the website) are used for this purpose.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) lit. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information on data protection at Shopify at https://www.shopify.com/de/legal/datenschutz, information on the order processing contract at https://www.shopify.com/de/legal/dpa and information on the cookies used at https://www.shopify.com/de/legal/cookies.

Use of the Meta Pixel
We use the Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.
Meta and we are jointly responsible for the collection of your data and the transmission of this data to Meta when the service is integrated. The basis for this is an agreement between us and Meta on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://de-de.facebook.com/legal/terms/businesstools. According to this agreement, we are responsible in particular for fulfilling the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the joint processing agreement. Meta is responsible for enabling the rights of data subjects pursuant to Art. 15 - 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the Service and the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta's obligations under the Joint Processing Agreement.
The purpose of the application is to target visitors to the website with interest-based advertising on the social networks Facebook and Instagram. The Meta remarketing tag has been implemented on the website for this purpose. This tag is used to establish a direct connection to the Meta servers when you visit the website. This tells the Meta server which of our pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the Facebook or Instagram social networks, you will then be shown personalized, interest-based ads.
The application also serves the purpose of creating conversion statistics. This tells us the total number of users who have clicked on one of our ads and been redirected to a page with a conversion tracking tag and what actions are taken after being redirected to this website. However, we do not receive any information with which users can be personally identified.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and is therefore committed to complying with European data protection principles.
Your personal data is processed with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can deactivate the remarketing function "Custom Audiences" here. For more information on the collection and use of data by Meta, your rights in this regard and ways to protect your privacy, please refer to Meta's privacy policy at https://www.facebook.com/about/privacy/.

 

Plug-ins and other

Use of the Google Tag Manager
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application is used to manage JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The data processing serves the purpose of designing and optimizing our website to meet your needs.
The Google Tag Manager itself neither stores cookies nor does it process personal data. However, it enables the triggering of other tags that can collect and process personal data.
You can find more information on terms of use and data protection here.

Use of social plug-ins

We use social network plug-ins on our website. The integration of social plug-ins and the data processing that takes place serves the purpose of optimizing the advertising of our products.
When social plug-ins are integrated, a link is established between your computer and the servers of the social network provider and the plug-in is displayed on the page by notifying your browser, provided you have expressly consented to this. Both your IP address and the information about which of our pages you have visited are transmitted to the provider servers. This applies regardless of whether you are registered or logged in to the social network. Transmission also takes place for users who are not registered or not logged in. If you are connected to one or more of your social network accounts at the same time, the information collected can also be assigned to your corresponding profiles. When you use the plug-in functions (e.g. by clicking the button), this information is also assigned to your user account. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
The social networks listed below are integrated into our website by means of social plug-ins. For more information on the scope and purpose of the collection and use of the data and your rights and options for protecting your privacy in this regard, please refer to the linked data protection notices of the providers.

Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transmission of this data to Facebook when the service is integrated. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. Accordingly, we are responsible in particular for fulfilling the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects pursuant to Art. 15 - 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the Service and the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta Platforms Ireland's obligations under the Joint Processing Agreement.
Your data may be transferred to the USA. An adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), is in place for the USA. Meta has certified itself in accordance with the TADPF and is thus committed to complying with European data protection principles.
For more information on the collection and use of data by Facebook, your rights in this regard and ways to protect your privacy, please refer to Facebook's privacy policy at https://www.facebook.com/about/privacy/.

 
Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta
has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.


LinkedIn of LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA)
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is not certified under the TADPF.

Pinterest of Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA)
https://policy.pinterest.com/de/privacy-policy
Your data may be transferred to the USA. There is an adequacy decision by the EU Commission for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.


Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of the uniform display of fonts on our website. In order to load the fonts, a connection to Google servers is established when the page is called up. Cookies may be used for this purpose. Among other things, your IP address and information about the browser you are using will be processed and transmitted to Google. This data is not linked to your Google account.
Your data may be transmitted to the USA. There is no EU Commission adequacy decision for the USA. The data transfer takes place, inter alia, on the basis of standard contractual clauses as appropriate safeguards for the protection of personal data, viewable at: https://policies.google.com/privacy/frameworks.

The processing of your personal data is based on Art. 6 para. 1 lit. f DSGVO for our overriding legitimate interest to a user-friendly and aesthetic design of our website. You have the right to object at any time to this processing of your personal data based on Art. 6 (1) (f) DSGVO on grounds relating to your particular situation by notifying us.
You can find more information on data processing and data protection at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq.

 


Data subject rights and storage duration


Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then in accordance with statutory retention periods, in particular under tax and commercial law, and then deleted after the period has expired, unless you have consented to further processing and use.


Rights of the data subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability.
You also have the right to object to processing based on Art. 6(1)(f) GDPR and to processing for the purposes of direct marketing in accordance with Art. 21(1) GDPR.


Right to lodge a complaint with the supervisory authority
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that your personal data is being processed unlawfully.


You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details

State Commissioner for Data Protection of Lower Saxony
Prinzenstraße 5
30159 Hannover
Phone: +49 511 1204500
Fax: +49 511 1204599
Email: poststelle@lfd.niedersachsen.de


Right to object
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
Once you have objected, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.


If personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. Once you have objected, we will stop processing the data concerned for the purpose of direct marketing.


last update: 03.12.2024