We have written this data protection declaration (version 29.06.2020-311190283) in order to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 what information we collect, how we use data and what decision options you have as a visitor to this website.
Unfortunately, it is in the nature of things that these explanations sound very technical, but we tried to describe the most important things as simply and clearly as possible.
Automatic data storage
When you visit websites these days, certain information is automatically created and saved, including on this website.
If you visit our website as you are now, our web server (computer on which this website is stored) automatically stores data such as
The address (URL) of the website accessed
Browser and browser version
The operating system used
The address (URL) of the previously visited page (referrer URL)
The host name and the IP address of the device from which access is being made
Date and Time
In files (web server log files).
As a rule, web server log files are saved for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed in the event of illegal behaviour
Our website uses HTTP cookies to store user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
What exactly are cookies?
Whenever you surf the Internet, use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.
Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to cookies, our website knows who you are and offers you your usual standard setting. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our website, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie is to be assessed individually, since each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies also cannot access information from your PC.
For example, cookie data can look like this:
Expiry time: 2 years
Use: Differentiation of website visitors
Example value: GA1.2.1326744211.152311190283
A browser should support the following minimum sizes:
A cookie should contain at least 4096 bytes
At least 50 cookies should be saved per domain
A total of at least 3000 cookies should be saved
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
Strictly necessary cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed if a user places a product in the shopping cart, then surfs on other pages and only later checks out. These cookies do not delete the shopping cart, even if the user closes his browser window.
These cookies collect information about user behaviour and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and behaviour of the website in different browsers.
These cookies improve user-friendliness. For example, entered locations, font sizes or form data are saved.
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. This can be very practical, but it can also be very annoying.
When you visit a website for the first time, you are usually asked which of these types of cookies you want to allow. And of course this decision is also saved in a cookie.
How can I delete cookies?
If you want to determine which cookies have been saved in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: delete, activate and manage cookies in Chrome
Safari: Manage cookies and website data with Safari
Firefox: delete cookies to remove data that websites have stored on your computer
Internet Explorer: delete and manage cookies
Microsoft Edge: delete and manage cookies
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. For each individual cookie, you can decide whether you want to allow the cookie or not. The procedure differs depending on the browser. It is best to search for the instructions in Google with the search terms "Delete cookies Chrome" or "Deactivate cookies Chrome" in the case of a Chrome browser or exchange the word "Chrome" for the name of your browser, e.g. Edge, Firefox, Safari off.
What about my data protection?
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments by the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
Storage of personal data
Personal data that you transmit to us electronically on this website, such as name, email address, address or other personal information in the context of the transmission of a form or comments in the blog, will be collected by us together with the time and the IP address. Address used only for the specified purpose, kept safe and not passed on to third parties.
We therefore use your personal data only for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We will not pass on your personal data without consent, but we cannot rule out that this data will be viewed in the event of illegal behaviour.
If you send us personal data by e-mail - thus outside of this website - we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by email.
The legal basis according to Article 6 Paragraph 1 a GDPR (lawfulness of processing) is that you give us your consent to the processing of the data you have entered. You can revoke this consent at any time - an informal email is sufficient, you will find our contact details in the imprint.
Rights under the General Data Protection Regulation
According to the provisions of the GDPR, you have the following basic rights:
Right to rectification (Article 16 GDPR)
Right to erasure ("right to be forgotten") (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification - notification obligation in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing - including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
Evaluation of visitor behaviour
In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The data collected is generally evaluated anonymously, and we cannot conclude that you are a person based on your behaviour on this website.
You can find out more about the possibilities of contradicting this evaluation of the visit data in the following data protection declaration.
TLS encryption with https
We use https to transfer data securely on the Internet (data protection through technology design Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data. You can recognize the use of this data protection by the small lock symbol in the top left of the browser and the use of the https scheme (instead of http) as part of our Internet address.
When you sign up for our newsletter, you submit the above-mentioned personal data and give us the right to contact you by email. We use the data stored as part of the registration for the newsletter exclusively for our newsletter and do not pass it on. If you unsubscribe from the newsletter - you will find the link for this at the bottom of every newsletter - we will delete all data that was saved when you subscribed to the newsletter.
We offer the payment method "Sofortüberweisung" of the company Sofort GmbH for cashless payment on our website. Sofort GmbH has been part of the Swedish company Klarna since 2014, but is based in Germany, Theresienhöhe 12, 80339 Munich. If you choose this payment method, personal data will also be transmitted to Sofort GmbH or Klarna, stored and processed there. With this data protection text we give you an overview of the data processing by Sofort GmbH. What is an "instant transfer"? Sofortüberweisung is an online payment system that enables you to place an order via online banking. The payment processing is carried out by Sofort GmbH and we immediately receive information about the payment made. Anyone who has an active online banking account with PIN and TAN can use this method. Only a few banks do not yet support this payment method.
Why do we use "Sofortüberweisung" on our website?
Our goal with our website and our integrated online shop is to offer you the best possible service. In addition to the overall experience on the website and our offers, this also includes smooth, fast and secure payment processing of your orders. To ensure this, we use "Sofortüberweisung" as a payment system.
What data is saved by "Sofortüberweisung"?
If you carry out an immediate transfer via the Sofort / Klarna service, data such as name, account number, bank code, subject, amount and date are stored on the company's servers. We also receive this information via the payment confirmation.
As part of the account coverage check, Sofort GmbH checks whether your account balance and overdraft facility cover the payment contribution. In some cases it is also checked whether instant transfers have been successfully carried out in the last 30 days. Furthermore, your user identification (such as the owner number or contract number) will be collected and saved in a shortened ("hashed") form and your IP address. BIC and IBAN are also saved for SEPA transfers.
According to the company, no other personal data (such as account balances, sales data, credit limits, account lists, mobile phone numbers, authentication certificates, security codes or PIN / TAN) are collected, stored or passed on to third parties.
Value: GA1.2.69759879.1589470706 Purpose: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it serves to differentiate between website visitors. This is a Google Analytics cookie. Expiry date: after 2 years
Note: The cookies listed here do not claim to be complete. It may always be the case that Sofortüberweisung also uses other cookies.
How long and where is the data stored?
All data collected are stored within the legal retention requirement. This obligation can last between three and ten years.
Klarna / Sofort GmbH only tries to save data within the EU or the European Economic Area (EEA). If data is transferred outside of the EU / EEA, the data protection must comply with the GDPR, the country must make an adequacy decision by the EU or hold the US Privacy Shield certificate.
How can I delete my data or prevent data storage?
You can withdraw your consent for Klarna to process personal data at any time. You also always have the right to information, correction and deletion of your personal data. You can simply contact the company's data protection team by email at firstname.lastname@example.org. You can manage, delete or deactivate possible cookies that Sofortüberweisung uses. This works differently depending on your preferred browser. The following instructions show how to manage cookies in the most common browsers:
Chrome: delete, activate and manage cookies in Chrome (https://support.google.com/chrome/answer/95647?tid=311190286)
Safari: Manage cookies and website data with Safari (https://support.apple.com/de-at/guide/safari/sfri11471/mac?tid=311190286)
Firefox: delete cookies to remove data that websites have stored on your computer (https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?tid=311190286)
Internet Explorer: Deleting and managing cookies (https://support.microsoft.com/de-at/help/17442/windows-internet-explorer-delete-manage-cookies?tid=311190286)
Microsoft Edge: Deleting and managing cookies (https://support.microsoft.com/de-at/help/4027947/microsoft-edge-delete-cookies?tid=311190286)
If you would like to learn more about data processing through the "Sofortüberweisung" from Sofort GmbH, we recommend the data protection declaration at https://www.sofort.de/datenschutz.html
Source: Created with the data protection generator from AdSimple in cooperation with hashtagmann.de