PRIVACY POLICY

1) INFORMATION ABOUT THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE CONTROLLER

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is handled when using our website. Personal data includes all data that can be used to personally identify you.

1.2 The controller responsible for data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is Shop Name. The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser’s address bar.

 

 

 

2) DATA COLLECTION WHEN VISITING OUR WEBSITE

When you use our website for informational purposes only — that is, if you do not register or otherwise transmit information to us — we only collect the data that your browser sends to our server (so-called "server log files"). When you visit our website, we collect the following technically necessary data to display the website to you:

• The website visited

• Date and time of access

• Amount of data sent in bytes

• Source/referring URL from which you accessed the site

• Browser used

• Operating system used

• IP address used (possibly in anonymized form)

This data is processed in accordance with Article 6(1)(f) of the GDPR based on our legitimate interest in improving the stability and functionality of our website. This data will not be disclosed or used in any other way. However, we reserve the right to subsequently review the server log files if there are concrete indications of unlawful use.

 

 

 

3) COOKIES

To make your visit to our website attractive and to enable the use of certain features, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of your browser session—that is, after you close your browser (so-called session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). When cookies are set, they collect and process certain user information to a specific extent, such as browser and location data, as well as IP address values. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.

Some cookies serve to simplify the ordering process by saving settings (e.g., remembering the contents of a virtual shopping cart for a later visit to the website). If personal data is also processed through individual cookies implemented by us, the processing takes place either in accordance with Art. 6(1)(b) of the GDPR for the execution of the contract or in accordance with Art. 6(1)(f) of the GDPR to safeguard our legitimate interests in the best possible functionality of the website and a user-friendly and efficient design of the site visit.

We may also work with advertising partners who help us make our internet offering more interesting for you. For this purpose, cookies from partner companies (third-party cookies) may also be stored on your hard drive when you visit our website. If we work with the aforementioned advertising partners, you will be individually and separately informed about the use of such cookies and the scope of the data collected in the following paragraphs.

Please note that you can configure your browser to notify you when cookies are set and decide individually whether to accept them or exclude the acceptance of cookies in specific cases or in general. Each browser differs in how it manages cookie settings. This is described in the help menu of each browser, which explains how to change your cookie settings. You can find these for the respective browsers at the following links:

• Internet Explorer:
  https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

• Firefox:
  https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

• Chrome:
  https://support.google.com/chrome/answer/95647?hl=de&hlrm=en

• Safari:
  https://support.apple.com/kb/ph21411?locale=de_DE

• Opera:
  https://help.opera.com/en/latest/web-preferences/#cookies

Please note that rejecting cookies may limit the functionality of our website.

Let me know if you need this adapted for a privacy policy or legal compliance context.

 

 

 

4) CONTACTING US

When you contact us (e.g., via contact form or email), personal data is collected. The specific data collected through a contact form can be seen in the respective form. This data is used solely for the purpose of responding to your inquiry, or for establishing contact and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request, in accordance with Art. 6(1)(f) GDPR. If your contact aims to conclude a contract, then the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted once your request has been fully processed, provided that it can be inferred from the circumstances that the issue in question has been conclusively resolved and no statutory retention obligations prevent deletion.

 

 

 

5) DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT EXECUTION

In accordance with Art. 6(1)(b) GDPR, personal data is also collected and processed when you provide it to us for the purpose of executing a contract or opening a customer account. The specific data collected is evident from the respective input forms. You can delete your customer account at any time by sending a message to the address of the data controller mentioned above. We store and use the data you provide for contract processing. After the contract has been fully executed or your customer account has been deleted, your data will be blocked with regard to retention periods under tax and commercial law, and deleted after these periods have expired—unless you have expressly consented to further use of your data or we have reserved the right to use the data further, which is legally permitted and explained below.

 

 

 

6) USE OF YOUR DATA FOR DIRECT MARKETING PURPOSES

6.1 Subscription to Our Email Newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only required information for receiving the newsletter is your email address. Any additional data provided is voluntary and will be used to address you personally. For sending the newsletter, we use the so-called double opt-in procedure. This means we will only send you an email newsletter if you have expressly confirmed that you consent to receiving newsletters. We will then send you a confirmation email asking you to confirm your subscription by clicking a corresponding link.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6(1)(a) GDPR. When you sign up for the newsletter, we store your IP address assigned by your internet service provider (ISP) and the date and time of registration to be able to trace possible misuse of your email address at a later date. The data collected during newsletter registration will be used exclusively for promotional communication via the newsletter.

You can unsubscribe from the newsletter at any time via the link provided in each newsletter or by sending a corresponding message to the data controller mentioned at the beginning. After unsubscribing, your email address will be promptly deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use your data in a legally permitted manner, which we inform you about in this declaration.

6.2 Sending the Email Newsletter to Existing Customers

If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our range by email. For this purpose, we do not need to obtain a separate consent from you. The data processing is based solely on our legitimate interest in personalized direct advertising in accordance with Art. 6(1)(f) GDPR. If you initially objected to the use of your email address for this purpose, we will not send you any emails. You have the right to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by sending a message to the data controller named at the beginning. Only transmission costs according to the basic tariffs will be charged to you. Upon receipt of your objection, the use of your email address for advertising purposes will be discontinued immediately.

 

 

 

7) DATA PROCESSING FOR ORDER HANDLING

7.1 The personal data we collect is passed on to the shipping company commissioned for delivery insofar as this is necessary for delivering the goods. Your payment data will be forwarded to the commissioned credit institution as part of payment processing if this is required for the payment transaction. If payment service providers are used, we will explicitly inform you about this below. The legal basis for passing on the data is Art. 6(1)(b) GDPR.

7.2 Use of Payment Service Providers

• PayPal
  When paying via PayPal, credit card via PayPal, direct debit via PayPal, or — if offered — "purchase on account" or "installment payment" via PayPal, we forward your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg ("PayPal") as part of the payment process. The transfer is carried out in accordance with Art. 6(1)(b) GDPR and only to the extent necessary for payment processing.

PayPal reserves the right, for the payment methods credit card via PayPal, direct debit via PayPal, or — if offered — "purchase on account" or "installment payment" via PayPal, to perform a credit check. For this, your payment data may be passed on to credit agencies in accordance with Art. 6(1)(f) GDPR based on PayPal’s legitimate interest in determining your creditworthiness. The result of the credit check regarding the statistical likelihood of default is used by PayPal to decide whether to provide the respective payment method. The credit report may include score values. These scores are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, among other things but not exclusively, address data. Further data protection information, including the credit agencies used, can be found in PayPal’s privacy policy:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if necessary for contract-compliant payment processing.

• SOFORT
  If you select the payment method "SOFORT," the payment is processed via the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany ("SOFORT"). We forward the information you provide during the order process, together with information about your order, to SOFORT in accordance with Art. 6(1)(b) GDPR. SOFORT GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data is only forwarded to SOFORT for the purpose of payment processing and only to the extent necessary for this purpose.
  You can find further information about SOFORT’s data protection policies at:
  https://www.klarna.com/sofort/datenschutz

 

 

 

8) CONTACT FOR REVIEW REMINDER
Own review reminder (not sent by a customer review system)

We use your email address to send a one-time reminder to submit a review of your order for the review system we use, provided you have given us your explicit consent according to Art. 6(1)(a) GDPR during or after your order.
You can revoke your consent at any time by sending a message to the person responsible for data processing.

 

 

 

 

9) USE OF SOCIAL MEDIA: SOCIAL PLUGINS

9.1 Facebook Plugins with Shariff Solution

Special additional customs clearance fees and/or import duties are not included in the price and are the customer’s responsibility.

Our website uses so-called social plugins (“plugins”) of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”).

To increase the protection of your data when visiting our website, these buttons are not integrated as full plugins but only embedded on the page using an HTML link. This type of integration ensures that no connection to Facebook’s servers is established when a page on our website containing these buttons is loaded. When you click the button, a new browser window opens and calls up the Facebook page where you can interact with the plugins (possibly after entering your login details).

Facebook Inc., based in the USA, is certified under the US-European data privacy agreement “Privacy Shield,” which guarantees compliance with the data protection level applicable in the EU.

The purpose and scope of data collection and further processing and use of data by Facebook, as well as your related rights and privacy settings, can be found in Facebook’s privacy policy:
https://www.facebook.com/policy.php

9.2 Google+ Plugins as Shariff Solution

Our website uses so-called social plugins ("plugins") of the social network Google+, which is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

To increase the protection of your data when visiting our website, these buttons are not fully integrated as plugins but are embedded on the page using an HTML link only. This type of integration ensures that no connection to Google+ servers is established when a page of our website containing these buttons is loaded. When you click the button, a new browser window opens and calls the Google+ page where you can (after entering your login details if necessary) interact with the plugins there.

Google LLC, based in the USA, is certified under the US-European data privacy agreement "Privacy Shield," which guarantees compliance with the data protection level applicable in the EU.

The purpose and scope of data collection and the further processing and use of data by Google, as well as your related rights and privacy settings, can be found in Google's privacy policy:
https://www.google.com/intl/de/policies/privacy

9.3 Instagram Plugin as Shariff Solution

Our website uses so-called social plugins ("plugins") of the online service Instagram, operated by Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA ("Instagram").

To increase the protection of your data when visiting our website, these buttons are not fully integrated as plugins but are embedded on the page using an HTML link only. This type of integration ensures that no connection to Instagram servers is established when a page of our website containing these buttons is loaded. When you click the button, a new browser window opens and calls the Instagram page where you can (after entering your login details if necessary) interact with the plugins there.

Instagram LLC, based in the USA, is certified under the US-European data privacy agreement "Privacy Shield," which guarantees compliance with the data protection level applicable in the EU.

The purpose and scope of data collection and the further processing and use of data by Instagram, as well as your related rights and privacy settings, can be found in Instagram’s privacy information:
https://help.instagram.com/155833707900388/

 

 

 

 

10) ONLINE MARKETING

10.1 DoubleClick by Google

This website uses the online marketing tool DoubleClick by Google, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("DoubleClick").

DoubleClick uses cookies to display relevant advertisements to users, improve campaign performance reports, or to avoid showing the same ads multiple times to the same user. Google collects information about which ads are shown in which browser via a cookie ID and can thus prevent multiple displays of the same ad. The processing is based on our legitimate interest in the optimal marketing of our website according to Art. 6 (1) lit. f GDPR.

Furthermore, DoubleClick can use cookie IDs to track so-called conversions related to ad requests. For example, if a user sees a DoubleClick ad and later visits the advertiser’s website with the same browser and makes a purchase. According to Google, DoubleClick cookies do not contain personal information.

Because of the marketing tools used, your browser automatically establishes a direct connection with Google's servers. We have no influence on the scope and further use of the data collected through this tool by Google and therefore inform you according to our knowledge: By integrating DoubleClick, Google receives the information that you have accessed the relevant part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered or not logged in with Google, the provider may still identify and store your IP address.

If you wish to object to this tracking procedure, you can disable cookies for conversion tracking by configuring your browser to block cookies from the domain www.googleadservices.com, or at https://www.google.de/settings/ads. Note that this setting is deleted if you clear your cookies. Alternatively, you can visit the Digital Advertising Alliance at www.aboutads.info to get information and adjust cookie settings. You can also configure your browser to notify you when cookies are set and decide individually whether to accept them, or to generally reject cookies. Please note that rejecting cookies may limit the functionality of our website.

Google LLC, based in the USA, is certified under the US-European data protection agreement “Privacy Shield,” which ensures compliance with the EU’s data protection standards.

More information about the data protection policies of DoubleClick by Google can be found here:
https://www.google.de/policies/privacy/

10.2 Use of Google AdWords Conversion Tracking

This website uses the online advertising program "Google AdWords" and within Google AdWords, the conversion tracking of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We use Google AdWords to draw attention to our attractive offers on external websites through advertisements (so-called Google AdWords). In relation to advertising campaign data, we can determine how successful individual advertising measures are. Our aim is to show you advertising that is relevant to you, make our website more interesting for you, and ensure a fair calculation of advertising costs.

The conversion tracking cookie is set when a user clicks on a Google AdWords ad. Cookies are small text files stored on your computer system. These cookies generally expire after 30 days and do not serve personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can see that the user clicked on the ad and was redirected to that page. Each Google AdWords customer receives a different cookie. Cookies cannot be tracked across the websites of AdWords customers.

The information collected using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that would allow them to personally identify users.

If you do not want to participate in tracking, you can block the use of the Google conversion tracking cookie by adjusting your internet browser settings to disable cookies. You will then not be included in the conversion tracking statistics. We use Google AdWords based on our legitimate interest in targeted advertising pursuant to Art. 6 (1) lit. f GDPR.

Google LLC, based in the USA, is certified under the US-European data protection agreement “Privacy Shield,” ensuring compliance with the data protection standards applicable in the EU.

More information about Google’s data protection policies can be found here:
https://www.google.de/policies/privacy/

You can permanently disable cookies for ads by changing your browser settings or downloading and installing the browser plugin available here:
https://www.google.com/settings/ads/plugin?hl=de

Please note that certain functions of this website may be unavailable or limited if you disable cookies.

 

11) WEB ANALYTICS SERVICES – Google (Universal) Analytics

What happens?
This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses so-called "cookies," small text files stored on your computer, which allow an analysis of your use of the website.

Important:

• The IP address is anonymized by the function "_anonymizeIp()", which shortens your IP address to exclude direct personal identification.

• Normally, the anonymized IP address is transmitted to and stored on a Google server in the USA. Only in exceptional cases is the full IP address transmitted and then anonymized on the server.

• The data collected is used to evaluate your use of the website, generate reports about website activity, and provide other services related to website and internet usage to the website operator.

• Your IP address will not be merged with other data held by Google.

Opt-Out / Objection:

• You can prevent the storage of cookies by adjusting your browser settings, though this may limit the full functionality of the website.

• You can also install a browser add-on to deactivate Google Analytics:
  https://tools.google.com/dlpage/gaoptout?hl=en

• Alternatively, you can set an opt-out cookie that prevents data collection by Google Analytics on this website (works only in this browser and for this domain): Deactivate Google Analytics

Special feature:

• This website also uses cross-device tracking with a user ID to analyze visitor flows across multiple devices. This ID is unique, permanent, and anonymized, enabling the assignment of interaction data from different devices to a single user without revealing personal data.

• You can object to data collection via the user ID at any time by disabling Google Analytics on all your devices (e.g., different browsers or mobile devices).

Data protection:
Google LLC is certified under the U.S.-EU Privacy Shield, which ensures compliance with EU data protection standards.

12) RETARGETING / REMARKETING / RECOMMENDATION ADVERTISING

Facebook Custom Audience using the Pixel method

• This website uses the “Facebook Pixel” from Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”). With your explicit consent, it allows tracking user behavior after they have seen or clicked on a Facebook advertisement.

• This procedure serves to evaluate the effectiveness of Facebook ads for statistical and market research purposes and helps optimize future advertising campaigns.

• The data collected is anonymous for the website operator but Facebook stores and processes it, potentially linking it to your user profile for their own advertising purposes according to Facebook’s Data Use Policy: https://www.facebook.com/about/privacy/

• Facebook and its partners may store cookies on your device for these purposes.

• Consent is only valid for users aged 13 or older. If you are younger, please ask your legal guardians for permission.

Opt-out:

• You can disable or delete cookies in your browser, but this may limit the website’s functionality.

• You can also disable third-party cookies like Facebook’s at: https://www.aboutads.info/choices/

Google AdWords Remarketing

• Our website uses Google AdWords Remarketing to advertise this website within Google search results and on third-party websites.

• Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) places a cookie in your browser that enables pseudonymous, interest-based advertising based on your visited pages.

• Processing is based on our legitimate interest in the optimal marketing of our website (Art. 6 para. 1 lit. f GDPR).

• If you are logged into Google and have consented, Google may combine your browsing data with Google Analytics data to create cross-device remarketing audiences.

• You can permanently disable cookies for ad settings by downloading and installing the browser plug-in:
  https://www.google.com/settings/ads/onweb/

• Alternatively, adjust cookie settings at the Digital Advertising Alliance: www.aboutads.info

• You can also configure your browser to inform you about cookie placement and decide individually which cookies to accept or reject.

Important:

• Disabling cookies may restrict website functionality.

• Google is certified under the Privacy Shield agreement ensuring EU-level data protection.

Further information and privacy policies for Google advertising:
https://www.google.com/policies/technologies/ads/

13) RIGHTS OF THE DATA SUBJECT

13.1 Your rights under applicable data protection law:

You have extensive rights vis-à-vis the controller regarding the processing of your personal data (rights to information and intervention), about which we inform you below:

• Right to information according to Art. 15 GDPR:
  You have the right to obtain information about your personal data processed by us, the purposes of processing, categories of personal data processed, recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage period or criteria for determining the storage period, the existence of the right to rectification, deletion, restriction of processing, objection to processing, the right to lodge a complaint with a supervisory authority, the origin of your data if not collected directly from you, the existence of automated decision-making including profiling, and, where applicable, meaningful information about the logic involved and the significance and envisaged consequences of such processing for you, as well as your right to be informed about safeguards pursuant to Art. 46 GDPR for the transfer of your data to third countries.

• Right to rectification according to Art. 16 GDPR:
  You have the right to immediate correction of incorrect data concerning you and/or completion of incomplete data stored by us.

• Right to erasure according to Art. 17 GDPR:
  You have the right to request deletion of your personal data if the conditions of Art. 17(1) GDPR are met. However, this right does not apply especially if the processing is necessary to exercise the right to freedom of expression and information, comply with a legal obligation, for reasons of public interest, or for asserting, exercising, or defending legal claims.

• Right to restriction of processing according to Art. 18 GDPR:
  You may request restriction of processing of your personal data while the accuracy of your disputed data is verified, if you oppose deletion due to unlawful processing and instead want the restriction of processing, if you need the data to assert, exercise, or defend legal claims after we no longer need them for the original purpose, or if you have objected to processing for reasons of your particular situation until it is determined whether our legitimate grounds outweigh yours.

• Right to notification according to Art. 19 GDPR:
  If you have asserted the right to rectification, deletion, or restriction of processing, the controller must inform all recipients to whom the data were disclosed about the correction, deletion, or restriction, unless this is impossible or involves disproportionate effort. You have the right to be informed about these recipients.

• Right to data portability according to Art. 20 GDPR:
  You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format, or to request transmission to another controller if technically feasible.

• Right to withdraw consent according to Art. 7(3) GDPR:
  You have the right to withdraw any consent once given for data processing at any time with effect for the future. Upon withdrawal, we will delete the affected data immediately unless further processing is permitted by law without consent. The legality of processing before withdrawal remains unaffected.

• Right to lodge a complaint according to Art. 77 GDPR:
  If you believe the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, especially in your place of residence, workplace, or where the alleged violation occurred, without prejudice to other administrative or judicial remedies.

13.2 Right to object

If we process your personal data based on a balancing of interests due to our overriding legitimate interest, you have the right to object at any time for reasons arising from your particular situation to this processing with effect for the future.

If you exercise your right to object, we will stop processing the affected data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims.

If your personal data is processed by us for direct marketing purposes, you have the right to object to the processing of your personal data for such marketing at any time. You can exercise this objection as described above.

If you exercise your right to object, we will stop processing the affected data for direct marketing purposes.

14) DURATION OF STORAGE OF PERSONAL DATA

The duration of storage of personal data is determined by the respective statutory retention periods (e.g., commercial and tax law retention periods). After the expiration of these periods, the corresponding data will be routinely deleted, provided they are no longer required for the fulfilment or initiation of a contract and/or we no longer have a legitimate interest in further storage.