Data protection declaration
Data protection declaration
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
"Personal data" is any information relating to an identified or identifiable natural person.
Server log files
You can use our websites without submitting personal data.
Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
Contact
Responsible person
Contact us at any time. The person responsible for data processing is: Alain Kessler, Hofackerstrasse 8, 8570 Weinfelden Schweiz, 0795878241, alainkessler04@gmail.com
Proactive contact of the customer by e-mail
If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.
If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.
WhatsApp Business
If you communicate with us via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited for this (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you have your residence outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The purpose of the data processing is to handle and respond to your contact request. For this purpose we collect and process your mobile phone number registered with WhatsApp and, if provided, your name and additional data to the extent provided by you. We use a mobile device for the service, the address book of which stores exclusively the data of users who have contacted us via WhatsApp. Disclosure of personal data to WhatsApp shall not take place unless you have already consented to this with respect to WhatsApp.
Your data are transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA.
Your data may be transferred to third countries such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles. If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.
If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in providing quick and easy communication as well as responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your personal data to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.
For more information on terms of service and privacy when using WhatsApp, please visit https://www.whatsapp.com/legal/#terms-of-service (https://www.whatsapp.com/legal/#terms-of-service) and https://www.whatsapp.com/legal/#privacy-policy (https://www.whatsapp.com/legal/#privacy-policy).
Customer account Orders
Customer account
When you open a customer account, we will collect your personal data in the scope given there. The data processing is for the purpose of improving your shopping experience and simplifying order processing. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your customer account will then be deleted.
Collection, processing, and transfer of personal data in orders
When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you.
Your data will be shared, for example, with shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing, and IT service providers. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
Payment service providers
Use of PayPal
On our website we use the PayPal payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). The data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, the data required for processing the payment will be transmitted to PayPal in order to enable us to fulfil the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
All PayPal transactions are subject to PayPal Privacy Policy. You can find these at https://www.paypal.com/de/webapps/mpp/ua/privacy-full (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)
Use of PayPal Plus
On our website we use the PayPal Plus payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). The data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal, the data required for payment processing is transmitted to PayPal in order to enable us to fulfil the contract with you by means of the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
For individual payment methods such as credit card via PayPal, direct debit via PayPal, PayPal reserves the right, if necessary, to obtain a credit report on the basis of mathematical-statistical procedures using credit reporting agencies. For this purpose, PayPal transmits the personal data required for credit assessment to a credit agency and uses the obtained information on the statistical probability of a payment default in order to reach a reasonable decision on the establishment, performance or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognised mathematical-statistical methods and include, among other things, address data. Your legitimate interests will be taken into account in accordance with the legal requirements. The data processing serves the purpose of a credit check for contract initiation. The processing is carried out on the basis of art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if PayPal pays in advance.
For reasons that arise from your particular situation, you have the right to object to the processing of your personal data carried out on the basis of Art. 6 para. 1 lit. f GDPR at any time by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with the payment method of your choice. Failure to provide such data shall mean that the contract cannot be concluded with the payment method you have selected.
Cookies
Our website uses cookies. Cookies are small text files which are saved in a user's internet browser or by the user's internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user's operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.
Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website. Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers: Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en (https://support.google.com/accounts/answer/61416?hl=en) Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09 (https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09) Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences) Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac (https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac)
technically necessary cookies
Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.
The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TDDDG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.
Analysis Communication
Use of Adobe Analytics
On our website, we use the web analytics service Adobe Analytics from Adobe Systems Incorporated (345 Park Avenue, San Jose, CA 95110, USA; "Adobe").
Data processing is used to analyse this website and the user behaviour of its visitors as well as for marketing and advertising purposes. For this purpose, cookies are used which enable the browser to be recognised and thus enable more precise statistics. The following information may be collected and transmitted to Adobe: IP address, date and time of page view, click path, information about the browser and device you are using, information about the operating system you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchasing activities. Adobe uses the information obtained on our behalf to evaluate your use of the website, to compile reports on website activity and to provide further services to the website operator in connection with website and internet use. The data recorded is generally transmitted to an Adobe server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Adobe has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
Adobe has activated IP encryption. As a result, your IP address will be irreversibly anonymised by Adobe within member states of the European Union or in other states that are party to the Agreement on the European Economic Area. The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
Further information on data processing and data protection at Adobe Analytics can be found at https://www.adobe.com/de/privacy.html (https://www.adobe.com/de/privacy.html), at https://www.adobe.com/de/analytics/general-data-protection-regulation.html (https://www.adobe.com/de/analytics/general-data-protection-regulation.html) and at https://docs.adobe.com/content/help/de-DE/analytics/technotes/privacy-overview.html (https://docs.adobe.com/content/help/de-DE/analytics/technotes/privacy-overview.html).
Use of Google Analytics 4
We use the Google Analytics web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. To this end, Google will use the information obtained on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
In this context, the following information may be collected, among others: IP address, date and time of page view, click path, information about the browser you are using and the device you are using (device), pages visited, referrer URL (website from which you accessed our website), location data, purchase activity. Your data may be linked by Google to other data, such as your search history, your personal accounts, your usage data from other devices, and any other data Google may have about you.
The IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Google uses technologies such as cookies, web storage in the browser and tracking pixels that enable an analysis of your use of the website. The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TDDDG in conjunction with. Art. 6 para. 1 lit. a DSGVO.
The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a DSGVO. You may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
We also use the Google Signals service in this context. Google Signals enables cross-device tracking. Hence, your data can be analysed across devices if you have enabeled "personalised advertising" in your account settings and your end devices are linked to your Google account. This makes it possible to identify which device is searching for products and then return to complete purchases on another device, such as a tablet.The cross-device reports created in this context contain only aggregated data. We therefore only receive statistics generated on the basis of Google Signals. To prevent Google Signals from collecting and storing data across devices, you can deactivate the "personalised advertising" function in your Google Account settings. For more information, please visit https://support.google.com/ads/answer/2662922?hl=de (https://support.google.com/ads/answer/2662922?hl=de). For more information on data processing and data protection for Google Signals, please visit https://support.google.com/analytics/answer/7532985?hl=en (https://support.google.com/analytics/answer/7532985?hl=en).
The information generated by this about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles. Both Google and US government agencies have access to your data.
For more information on terms of use and data protection, please visit https://policies.google.com/technologies/partner-sites (https://policies.google.com/technologies/partner-sites) and https://policies.google.com/privacy?hl=de&gl=de (https://policies.google.com/privacy?hl=de&gl=de).
Use of the Chatra live chat system
We use the Chatra live chat system of Roger Wilco LLC (2200 Clarendon Blvd., Suite 1400A, Arlington, VA 22201, USA; "Chatra") on our website as part of an order processing.
The data processing serves the purpose of direct and efficient communication between you and us as a provider. In order to operate the live chat system, cookies are used to enable browser recognition. Within this context, the following information, among others, may be processed and, if applicable, transmitted to Chatra: individual user ID, pages visited on our website, number of visits to our website, information on the device used by you as well as other personal data provided by you when using the chat system (e.g. user name chosen by you, e-mail address). From the data recorded in this way, user profiles can be created using pseudonyms. Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Chatra has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
For more information about data processing at Chatra, please visit: https://chatra.com/privacy-policy/ (https://chatra.com/privacy-policy/)
Use of Shopify Inbox
We use the live chat system and Shopify Inbox of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of an order processing. Shopify is an affiliated company of Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of direct and efficient communication between you and us as a provider. Data is stored and processed for the operation of the system and for the purpose of optimising the service.
In order to operate the live chat system, cookies may be used to enable browser recognition. This may involve the following information being recorded and processed: IP address and personal data provided by you when using the chat system.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more information about data protection at Shopify at https://www.shopify.com/de/legal/datenschutz (https://www.shopify.com/de/legal/datenschutz) and https://www.shopify.com/de/legal/dpa (https://www.shopify.com/de/legal/dpa).
Plug-ins
Integration of the Händlerbund member logo
The Händlerbund member logo (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated on our website. When you visit our website, the browser used on your device automatically sends information to the Händlerbund e.V. server. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without any action on your part and stored until it is automatically deleted:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the accessed file,
- Website from which the access is made (referrer URL),
- browser used and, if applicable, the operating system of your computer and the name of your access provider. Temporary storage of the IP address by the system is necessary to enable delivery of the website. For this purpose, the IP address must remain stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of the information technology systems. This data is not stored together with other personal data. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR.
Integration of the buyer's seal logo
The Käufersiegel logo (Händlerbund Management AG, Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated on our website. When you visit our website, the browser used on your device automatically sends information to the Händlerbund Management AG server. This information is temporarily stored in a so-called server log file for 7 days. The following information is recorded without any action on your part and stored until it is automatically deleted:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the accessed file,
- Website from which the access is made (referrer URL),
- browser used, protocol and, if applicable, the operating system of your computer and the name of your access provider. Temporary storage of the IP address by the system is necessary to enable delivery of the website. For this purpose, the IP address must remain stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of the information technology systems. This data is not stored together with other personal data. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR.
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves to facilitate the consistent display of fonts on our website. In order to load the fonts, a connection to Google servers is established when the page is accessed. Among other things, your IP address and information about the browser you are using will be processed and transmitted to Google. This data is not linked to your Google account. Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on the data processing and data protection at https://www.google.de/intl/de/policies/ (https://www.google.de/intl/de/policies/) and at https://developers.google.com/fonts/faq (https://developers.google.com/fonts/faq).
Use of Adobe Fonts
We use Adobe Fonts from Adobe Systems Software Ireland Limited (4-6 Riverwalk Citywest Business Campus, Dublin 24, Ireland; "Adobe") on our website.
The data processing serves to facilitate the consistent display of fonts on our website. In order to load the fonts, a connection to Adobe servers is established when the page is accessed. In the process, your IP address and information about the browser and operating system you are using are processed and transmitted to Adobe. Your data may be transmitted to third countries, such as the USA and India. For India, no adequacy decision from the EU Commission is available. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Adobe has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
You can find more detailed information on the data processing and data protection at https://www.adobe.com/de/privacy/policy.html (https://www.adobe.com/de/privacy/policy.html) and at https://www.adobe.com/de/privacy/policies/adobe-fonts.html (https://www.adobe.com/de/privacy/policies/adobe-fonts.html).
Use of Google Translate
We use the translation service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) on our website via API integration. The data processing serves the purpose of presenting the information provided on the website in a different language. In order for the translation to be automatically displayed after you have selected a national language, the browser you are using connects to the Google servers. Cookies may be used for this purpose. Thereby, among other things, the following information can be collected and processed: IP address, URL of the page visited, date and time. Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can find more information on the collection and use of your data by Google at: https://www.google.com/policies/privacy/ (https://www.google.com/policies/privacy/).
Rights of persons affected and storage duration
Duration of storage
After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.
Rights of the affected person
If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.
Right to complain to the regulatory authority
You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.
Right to object
If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the right for reasons arising from your particular situation to object at any time to the processing of your data with future effect.
If the objection is successful, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal claims.
last update: 22.10.2024