Data protection declaration
1) Information about the collection of personal data and contact details of the person responsible
1.1 & thinsp; We are pleased that you are visiting our website and thank you for your interest. In the following we will inform you about the handling of your personal data when using our website. Personal data are all data with which you can be personally identified. 1.2 & thinsp; The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Nestler & amp; Glandt GbR, Carrierastr. 17, 01139 Dresden, Germany, Tel .: 004935165352224, E-Mail: firstname.lastname@example.org. The person responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data. 1.3 & thinsp; For security reasons and to protect the transfer of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses an SSL or. TLS encryption. You can create an encrypted connection using the string & ldquo; https: // & ldquo; and the lock symbol in your browser line.
2) Data collection when you visit our website
With the mere For informational use of our website, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
- Our visited website
- Date and time at the time of access
- Amount of data sent in bytes
- Source / reference from which you came to the page
- Browser used
- Operating system used
- IP address used (if necessary: in anonymous form)
Processing is carried out in accordance with Article 6 (1) (f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted again after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and make it possible to recognize your browser the next time you visit (so-called persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values on an individual basis. Persistent cookies are automatically deleted after a specified period, which can differ depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings in your web browser. In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the content of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies we use, the processing takes place in accordance with Art. 6 Para. 1 lit. b GDPR either for the execution of the contract, in accordance with Art. Art. 6 Para. 1 lit. a GDPR in the case of a given consent or in accordance with Art. Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit. Please note that you can set your browser so that you are informed about the setting of cookies and individually decide whether to accept them or to accept cookies for certain cases or in general can exclude. Each browser differs in the way it manages cookie settings. This is in the help menu. of each browser, which explains how to use your You can change cookie settings. You can find these for the respective browsers under the following links: Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac Opera: https://help.opera.com/de/latest/web-preferences/#cookies Please note that if you do not accept cookies, the functionality of our website may be limited.
When you contact us (e.g. using the contact form or email), personal data is collected. Which data is collected when a contact form is used can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in answering your request. Art. 6 para. 1 lit.f GDPR. If your contact is aimed at the conclusion of a contract, the additional legal basis for processing is Article 6 (1) (b) GDPR. Your data will be deleted after your request has been processed. This is the case if it can be inferred from the circumstances that the matter in question has been finally clarified and provided that there are no statutory retention requirements.
5) Data processing when opening a customer account and for contract processing
Gem & auml; & szlig; According to Art. 6 Para. 1 lit. b GDPR, personal data will continue to be collected and processed if you provide them to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. A deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. We save and use the data you provide to process the contract. After the contract has been fully processed or your customer account has been deleted, your data will be blocked with due regard to tax and commercial retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or a legally permitted further use of data has been reserved by our side.
6) Use of customer data for direct mail
Newsletter dispatch via CleverReach Our e-mail newsletters are sent via the technical service provider CleverReach GmbH & amp; Co. KG, M & uuml; hlenstr. 43, 26180 Rastede (& ldquo; CleverReach & ldquo;), to whom we pass on the data you provided when registering for the newsletter. This transfer takes place in accordance with Art. 6 Para. 1 lit. f GDPR and serves our legitimate interest in the use of an effective, secure and user-friendly newsletter system. The data you enter for the purpose of receiving the newsletter (e.g. e-mail address) will be stored on CleverReach’s servers in Germany or Ireland. CleverReach uses this information to send and statistically evaluate the newsletter on our behalf. For the evaluation, the newsletters sent by email contain so-called web beacons or tracking pixels, which represent single-pixel image files that are stored on our website. In this way it can be determined whether a newsletter message has been opened and which links have been clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on our website) has taken place after clicking on such links. In addition, technical information is recorded (e.g. time of access, IP address, browser type and operating system). The data is collected exclusively in pseudonymised form and is not linked to your other personal data, a direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyzes can be used to better tailor future newsletters to the interests of the recipients. If you want to object to the data analysis for statistical evaluation purposes, you have to unsubscribe from the newsletter. We have concluded an order processing contract with CleverReach, with which we CleverReach oblige to protect the data of our customers and not to pass them on to third parties. You can read more information about data analysis by CleverReach here: https://www.cleverreach.com/de/lösungen/reporting-und-tracking/ You can view CleverReach’s data protection declaration here: https://www.cleverreach.com/de/datenschutz/.
7) Data processing for order processing
7.1 & thinsp; To process your order, we work together with the following service provider (s) who support us in whole or in part with the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information. The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution as part of the payment processing, if this is necessary for the payment processing. If payment service providers are used, we will explicitly inform you about this below. The legal basis for the transfer of data is Art. 6 Para. 1 lit. b GDPR. 7.2 & thinsp; Use of special service providers for order processing and processing – Billbee The order processing takes place via the service provider & quot; Billbee & quot; (Billbee GmbH, Paulinenstrasse 54, 32756 Detmold). Name, address and, if applicable, other personal data will be processed in accordance with Article 6 (1) (b) GDPR is only passed on to Billbee for processing the online order. Your data will only be passed on if this is actually necessary for processing the order. Details on Billbee’s data protection and its data protection declaration can be found on the Billbee website under & quot; billbee.io & quot; visible. – SendCloud The dispatch takes place via the dispatch portal & quot; SendCloud & quot; (SendCloud GmbH, Kanalstr. 10, 80538 Munich). According to According to Art. 6 Para. 1 lit. b GDPR, we only pass on your data to SendCloud for the purpose of processing your online order. The data will only be passed on if this is actually necessary for processing. Details on SendCloud’s data protection can be found on the SendCloud website at www.sendcloud.de/datenschutz/. 7.3 & thinsp; Transfer of personal data to shipping service providers – Deutsche Post If the goods are delivered by Deutsche Post (Deutsche Post AG, Charles-de-Gaulle-Stra & szlig; e 20, 53113 Bonn), we will give your e-mail address in accordance with Art. 6 para. 1 lit. a GDPR before the delivery of the goods for the purpose of agreeing a delivery date or for notification of delivery to Deutsche Post, provided that you have given your express consent in the ordering process. Otherwise we will give for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b GDPR only forward the name of the recipient and the delivery address to Deutsche Post. The transfer takes place only as far as this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with Deutsche Post or the delivery notification is not possible. The consent can be revoked at any time with effect for the future against the person responsible or against Deutsche Post. – DHL If the goods are delivered by the transport service provider DHL (DHL Paket GmbH, Str & auml; & szlig; chensweg 10, 53113 Bonn), we will give your e-mail address in accordance with Art. 6 para. 1 lit. a GDPR before delivery of the goods for the purpose of agreeing a delivery date or for notification of delivery to DHL, provided that you have given your express consent in the ordering process. Otherwise we will give for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b GDPR only forward the name of the recipient and the delivery address to DHL. The transfer takes place only as far as this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with DHL or the delivery notification is not possible. The consent can be revoked at any time with effect for the future against the person responsible or against the transport service provider DHL. – DPD If the goods are delivered by the transport service provider DPD (DPD Deutschland GmbH, Wailandtstra & szlig; e 1, 63741 Aschaffenburg), we will give your email address and your telon number prior to delivery of the goods according to Article 6 (1) (a) GDPR for the purpose of agreeing a delivery date or notification of delivery to DPD, provided that you have given your express consent for this in the ordering process. Otherwise we will give for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b GDPR only forwards the name of the recipient and the delivery address to DPD. The transfer takes place only as far as this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with DPD or the delivery notification is not possible. The consent can be revoked at any time with effect for the future against the person in charge named above or against the transport service provider DPD. – UPS If the delivery of the goods is carried out by the transport service provider UPS (United Parcel Service Deutschland Inc. & amp; Co. OHG, G & ouml; rlitzer Stra & szlig; e 1, 41460 Neuss), we will give your e-mail address before the delivery of the goods in accordance with & szlig; Article 6 (1) (a) GDPR for the purpose of agreeing a delivery date or notification of delivery to UPS, provided that you have given your express consent to this in the ordering process. Otherwise we give for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b GDPR only forward the name of the recipient and the delivery address to UPS. The transfer takes place only as far as this is necessary for the delivery of the goods. In this case, prior coordination of the delivery date with UPS or the transmission of status information of the shipment delivery is not possible. The consent can be revoked at any time with effect for the future against the responsible person named above or against the transport service provider UPS. 7.4 & thinsp; Use of payment service providers (payment services) – Klarna If a Klarna payment service is selected, the payment will be processed by Klarna Bank AB (publ) [https://www.klarna.com/de], Sveav & auml; gen 46, 111 34 Stockholm, Sweden (hereinafter & ldquo; Klarna & ldquo;) . In order to enable the processing of the payment, your personal data (first and last name, street, house number, postcode, city, gender, email address, telephone number and IP address) as well as data, which in connection with the order (e.g. invoice amount, article, type of delivery) are passed on to Klarna for the purpose of the identity and credit check, provided that you Have expressly consented to Art. 6 (1) (a) GDPR as part of the ordering process. You can see here which credit agencies your data can be forwarded to: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies The credit report can contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Klarna uses the information received about the statistical probability of default in payment for a balanced decision on the justification, implementation or termination of the contractual relationship. You can revoke your consent at any time by sending a message to the person responsible for data processing or to Klarna. However, Klarna may still be entitled to process your personal data if this is necessary for the contractual payment processing. Your personal details are processed in accordance with the applicable data protection regulations and in accordance with the information in Klarna’s data protection regulations for data subjects based in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/ privacy or for data subjects based in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy treated. – Paypal When paying via PayPal, credit card via PayPal, direct debit via PayPal or & ndash; if offered – & quot; purchase on account & quot; or & ldquo; Installment & ldquo; Via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. as part of payment processing. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter & quot; PayPal & quot;), on. The transfer takes place in accordance with Art. 6 Para. 1 lit. b GDPR and only insofar as this is necessary for payment processing. PayPal reserves the right to use credit card payment methods via PayPal, direct debit via PayPal or & ndash; if offered – & quot; purchase on account & quot; or & ldquo; Installment & ldquo; Carry out a credit report via PayPal. For this purpose, your payment details may be used in accordance with Article 6 (1) (f) GDPR is passed on to credit agencies on the basis of PayPal’s legitimate interest in determining your ability to pay. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Further data protection information, including the credit agencies used, can be found in PayPal’s data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual payment processing.
8) Use of social media: Social plugins
8.1 & thinsp; Facebook plugins with Shariff solution Our website uses so-called social plugins (& quot; plugins & quot;) from the social network Facebook, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (& quot; Facebook & quot;) will. In order to increase the protection of your data when you visit our website, these buttons are not unrestricted as plug-ins, but simply integrated into the page using an HTML link. This type of integration ensures that when you visit a page on our website that contains such buttons, no connection to the Facebook servers is established. If you click on the button, a new browser window opens and calls up the Facebook page, on which you can interact with the plugins there (if necessary after entering your login data). The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your related rights and setting options to protect your privacy can be found in Facebook’s data protection information: https: //www.facebook. com / policy.php 8.2 & thinsp; Instagram plug-in as Shariff solution Our website uses so-called social plugins (& ldquo; plugins & ldquo;) from the Instagram online service, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland (& ldquo; Facebook & ldquo;) will. In order to increase the protection of your data when you visit our website, these buttons are not unrestricted as plug-ins, but simply integrated into the page using an HTML link. This type of integration ensures that when you visit a page on our website that contains such buttons, no connection is established with the Instagram servers. If you click on the button, a new browser window opens and calls up the Instagram page, where you can interact with the plugins there (if necessary after entering your login data). The purpose and scope of the data collection and the further processing and use of the data by Instagram as well as your related rights and setting options to protect your privacy can be found in Instagram’s data protection information: https: //help.instagram. com / 155833707900388 /
9) Web analysis services
Google (Universal) Analytics This website uses Google (Universal) Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (& quot; Google & quot;). Google (Universal) Analytics uses so-called “cookies”, which are text files that are stored on your device and that allow your use of the website to be analyzed. The information generated by the cookie about your use of this website (including the abbreviated IP address) is usually transmitted to a Google server and stored there; this can also be transmitted to the servers of Google LLC. in the US. This website uses Google (Universal) Analytics exclusively with the extension & quot; _anonymizeIp () & quot ;, which ensures anonymization of the IP address by shortening it and excludes direct personal reference. As a result of the extension, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google LLC server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google (Universal) Analytics will not be merged with other Google data. Google Analytics enables a special function, the so-called & ldquo; demographic features, & rdquo; to create statistics with statements about the age, gender and interests of the site visitors on the basis of an evaluation of interest-related advertising and below Use of third-party information. This allows the definition and differentiation of user groups of the website for the purpose of target group-optimized alignment of marketing measures. About the & ldquo; demographic characteristics & ldquo; However, recorded data records cannot be assigned to a specific person. All processing described above, in particular the setting of Google Analytics cookies for reading out information on the terminal device used, will only be carried out if you have given us permission to do so. Art. 6 para. 1 lit. a GDPR have given your express consent to this. Without this consent, Google Analytics will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. In order to exercise your revocation, please deactivate this service in the & ldquo; Cookie Consent Tool & ldquo; provided on the website. We have concluded an order processing agreement with Google for the use of Google Analytics, with which Google is obliged to protect the data of our website visitors and not to pass them on to third parties. For the transfer of data from the EU to the USA, Google relies on the so-called standard data protection clauses of the European Commission, which are intended to ensure compliance with the European data protection level in the USA. Further information on Google (Universal) Analytics can be found here: https://policies.google.com/privacy?hl=de&gl=de
10) Tools and miscellaneous
11) Rights of the data subject
11.1 & thinsp; The applicable data protection law grants you comprehensive rights of data subjects (information and intervention rights) vis-à-vis the person responsible with regard to the processing of your personal data, about which we will inform you below: < / p>
- Right to information in accordance with & r auml; & szlig; Art. 15 GDPR: In particular, you have the right to information about your personal data processed by us, the processing purposes, the categories of the processed personal data, the recipients or categories of recipients to whom your data is disclosed were or will be, the planned storage period or the criteria for determining the storage period, the existence of a right to correction, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin Your data, if we have not collected it from you, the existence of automated decision-making including profiling and, if necessary, meaningful information about the logic involved and the scope and the intended effects of such processing, as well as your Right to be informed about the guarantees in accordance with Art. 46 GDPR exist when your data is forwarded to third countries;
- Right to rectification in accordance with Art. 16 GDPR: You have the right to immediate correction of incorrect data concerning you and / or completion of your incomplete data stored by us;
- Right to deletion in accordance with Art. 17 GDPR: You have the right to request the deletion of your personal data if the requirements of Art. 17 Para. 1 GDPR are met. However, this right does not exist in particular if the processing is carried out to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise. exercise or defense of legal claims is required;
- Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request that the processing of your personal data be restricted as long as the accuracy of your data, which you are contesting, is checked if you want your data to be deleted due to inadmissible data processing refuse and instead restrict the processing of your datalong if you need your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved or if you have objected to reasons of your particular situation, as long as not it is certain whether our legitimate reasons outweigh;
- Right to information in accordance with Art. 19 GDPR: If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to inform all recipients to whom the personal data relating to you has been disclosed, this correction or To notify the deletion of the data or restriction of processing, unless this proves to be impossible or involves undue effort. You have the right to be informed about these recipients.
- Right to data portability in accordance with Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another person responsible, insofar as this is technically feasible;
- Right to withdraw consent given in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately, provided that further processing cannot be based on a legal basis for processing without consent. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal;
- Right to complain in accordance with Art. 77 GDPR: If you are of the opinion that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular, without prejudice to any other administrative or judicial remedy in the Member State of your place of residence, your place of work or the place of the suspected infringement.
11.2 & thinsp; RIGHT OF OBJECTION IF WE PROCESS YOUR PERSONAL DATA IN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR MAJOR LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO REQUEST REQUESTS FOR REQUESTS. R INSERT THE FUTURE. IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE DATA AFFECTED. A FURTHER PROCESSING IS RESERVED IF WE CAN PROVE MANDATORY PROTECTIVE REASONS FOR THE PROCESSING THAT DEFECTS YOUR INTERESTS, FUNDAMENTAL RIGHTS, RESPONSIBILITIES OR OBJECTIVES, RELEASES OR REQUIREMENTS ; CHEN SERVES. IF YOUR PERSONAL DATA ARE PROCESSED BY US FOR THE PURPOSE OF DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXECUTE THE OPPOSITION AS DESCRIBED ABOVE. IF YOU USE YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE DATA AFFECTED FOR DIRECT ADVERTISING PURPOSES.
12) Duration of storage of personal data
The duration of the storage of personal data is based on the respective legal basis, the processing purpose and & ndash; if relevant – additionally based on the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of an express consent in accordance with Art. 6 Para. 1 lit. a GDPR, these data are stored until the person concerned revokes his consent. If there are statutory retention periods for data that are processed in the context of legal or similar obligations on the basis of Art. 6 Para. 1 lit. b GDPR, these data are routinely processed after the retention periods have expired ; & rsquo; erased if they are no longer required for contract fulfillment or contract initiation and / or we have no legitimate interest in further storage. When processing personal data on the basis of Article 6 (1) (f) GDPR, this data is stored until the person concernedfene exercises his right of objection according to Art. 21 Paragraph 1 GDPR, unless we can prove compelling legitimate reasons for the processing that outweigh the interests, rights and freedoms of the data subject , or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct advertising on the basis of Art. 6 Para. 1 lit. f GDPR, this data is stored until the person concerned exercises his right of objection under Art. 21 Paragraph 2 GDPR. Unless otherwise stated in the other information in this declaration about specific processing situations, stored personal data will otherwise be deleted if they are necessary for the purposes for which they were collected or processed in any other way are no longer necessary. & nbsp; & nbsp;
DOCID: ## ITK-3730c8655d245ad52e7ef321119a6039 ##