Responsible for the processing of data is:
79618 Rheinfelden (baden)
Thank you for visiting our online shop. Protection of your privacy is very important to us. Below you will find extensive information about how we handle your data.
1. Access data and hosting
You may visit our website without revealing any personal information. With every visit on the website, the web server stores automatically only a so-called server log file which contains e.g. the name of the requested file, your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request. These access data are analysed exclusively for the purpose of ensuring the smooth operation of the website and improving our offer. This serves according to Art. 6 (1) 1 lit. f GDPR the protection of our legitimate interests in the proper presentation of our offer that are overriding in the process of balancing of interests. All access data are deleted no later than seven days after the end of your visit on our website.
2. Data processing for the purposes of processing the contract, establishing contact
2.1 Data processing for the purposes of performing the contract
For the purpose of performing the contract (including enquiries regarding the processing of any existing warranty and performance fault claims as well as any statutory updating obligations) in accordance with Art. 6 (1) (b) GDPR, we collect personal data if you provide it to us voluntarily as part of your order. Mandatory fields are marked as such, as in these cases we necessarily need the data to process the contract and we cannot send the order without their specification. Which data is collected can be seen from the respective input forms.
2.2 Customer account
2.3 Establishing contact
For the purposes of customer communication, we use the live chat tool of Userlike UG (limited), Probsteigasse 44-46, 50670 Cologne, Germany ("Userlike"). This serves to protect our legitimate interests in effective and improved customer communication, which prevail in the context of a balancing of interests, pursuant to Art. 6 (1) (f) GDPR. Userlike acts as a data processor.
3. Data processing for the purposes of shipment
We forward your data to the shipping company within the scope required for the delivery of the ordered goods according to Art. 6 (1) (b) GDPR.
Data transmission to a shipping provider for the purpose of shipment notification
Provided that you have given us your explicit consent, during or after your order, we will forward your phone number in accordance with Art. 6 (1) (a) GDPR to the selected shipping provider in order to enable them to contact you for the purpose of shipment notification or coordination prior to shipment.
DHL Paket GmbH
4. Data processing for the purposes of payment
As part of the payment process in our online shop, we work together with these partners: technical service provider, credit institution, payment service provider.
4.1 Data processing for the purposes of transaction processing
4.2 Data processing for the purposes of fraud prevention and optimisation of our payment processes
We may forward other data to our service providers, which they use for the purpose of fraud prevention and to optimise our payment processes (e.g. invoicing, processing of contested payments, accounting support) together with the data necessary to process the payment as our processors.
This serves to safeguard our legitimate interests in fraud prevention or an efficient payment management in accordance with Art. 6 (1) (f) GDPR that are overriding in the process of balancing of interests.
4.3 Engagement of debt collection companies
In order to fulfil the contract according to Art. 6 (1) (b) GDPR, we forward your data to an authorised debt collection agency (Culpa Inkasso GmbH, Schockenriedstr. 8 b, 70565 Stuttgart, Germany) if our payment claim has not been settled despite a previous reminder. In this case, the claim will be collected directly by the collection agency. In addition, the transmission of data serves to safeguard our legitimate interests in an effective assertion or enforcement of our payment claim in accordance with Art. 6 (1) (f) GDPR that are overriding in the process of balancing interests.
4.4 Climate neutral shopping
We use "Ivy GmbH", Reichenbachstrasse 16, 80469 Munich, Germany as our payment method. If you decide to use the payment method offered by the provider Ivy, the payment will be processed by the technical service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower,Grand Canal Dock, Dublin, Ireland, to whom we will pass on the information you provided during the ordering process together with information about your order (name, address, account number, bank sort code, credit card number if applicable, invoice amount, currency and transaction number) in accordance with Art. 6 (1) sentence 1 lit. b DSGVO. Your data will only be passed on for the purpose of processing payments with Stripe Payments Europe Ltd. and only to the extent necessary for this purpose. You can find more information on Ivy's data protection at the following Internet address: https://en.getivy.de/agbs. You can find data protection information on Stripe Payments Europe Ltd. here: https://stripe.com/de/privacy
5. Marketing via E-mail
5.1 E-mail newsletter with subscription
If you subscribe to our newsletter, we will regularly send you our email newsletter based on your consent according to Art. 6 (1) (a) GDPR, using the data required or disclosed by you separately for this purpose.
5.2 Newsletter mailing
Our service providers are located and/or use servers in the following countries, for which the European Commission has established an adequate level of data protection by decision: Canada.
Our service providers are located and/or use servers in these countries: USA, India.
There is no European Commission adequacy decision for this country/these countries. Our cooperation is based on these guarantees:Standard data protection clauses of the European Commission.
5.3 Sending review requests by e-mail
The review requests may also be sent by our service provider Trusted Shops AG Subbelrather Str. 15C, 50823 Cologne ("Trusted Shops").
In the process, we receive information on the respective status through Trusted Shops (e.g. whether the review request was sent out or received). This is done in accordance with Art. 6 (1) (f) GDPR to fulfill our legitimate interest in receiving information about the review requests in order to make optimizations based on them, if necessary, as well as to fulfill the legitimate interest of Trusted Shops in being able to offer this service.
We and Trusted Shops act as joint controllers in regards to sending review requests and the collection and display of review or status information.
6. Integration of the Trusted Shops Trustbadge / other widgets
Provided that you have given your consent in accordance with Art. 6 (1) (a) GDPR, Trusted Shops widgets are integrated on this website to display the Trusted Shops services (e.g. Trustmark, collected reviews) and to offer buyers Trusted Shops products after they have placed an order.
The Trustbadge and the services advertised with it are an offer of Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne ("Trusted Shops"), with whom we are jointly responsible for data protection according to Art. 26 GDPR. Within the scope of this data protection notice, we inform you in the following about the essential contractual contents in accordance with Art. 26 (2) GDPR.
6.1 Data processing when integrating the Trustbadge/other widgets
The Trustbadge is provided by a US-American CDN provider (content delivery network). An adequate level of data protection is ensured by standard data protection clauses and other contractual measures.
When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and the call-up. Immediately after the data collection the IP address is anonymised so that the stored data cannot be assigned to you personally. The anonymised data are used in particular for statistical purposes and for error analysis.
6.2 Data processing after order completion
Provided you have given your consent, the Trustbadge accesses order information stored in your terminal equipment (order total, order number, product purchased if applicable) and your e-mail address after the order has been completed. Your e-mail address is hashed using a cryptological one-way function. The hash value is then transmitted to Trusted Shops with the order information in accordance with Art. 6 (1) (a) GDPR.
This serves to verify whether you are already registered for Trusted Shops services. If this is the case, further processing will take place in accordance with the contractual agreement between you and Trusted Shops. If you are not yet registered for the services or do not give your consent to automatic recognition via the Trustbadge, you will subsequently be given the opportunity to register manually for the use of the services or to conclude the insurance as part of your possibly already existing user contract.
For this purpose, the Trustbadge accesses the following information stored in the terminal equipment you use after you have completed your order: Order total, order number and email address. This is necessary so that we can offer you buyer protection. The data is only transmitted to Trusted Shops if you explicitly decide to take out buyer protection by clicking on the correspondingly designated button in the so-called Trustcard. If you decide to use the services, further processing is based on the contractual agreement with Trusted Shops in accordance with Art. 6 (1) (b) GDPR, in order to be able to complete your registration for buyer protection and insure the order, as well as to be able to subsequently send you rating invitations by e-mail if necessary.
Trusted Shops uses service providers in the areas of hosting, monitoring and logging. The legal basis is Art. 6 (1) (f) GDPR for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA and Israel). An adequate level of data protection is ensured in the case of the USA by standard data protection clauses and further contractual measures and in the case of Israel by an adequacy decision. You can find more information here.
7. Contact options and your rights
7.1 Your rights
Being the data subject, you have the following rights according to:
- art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
- art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
- art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is required
- to exercise the right of freedom of expression and information;
- for compliance with a legal obligation;
- for reasons of public interest or
- for establishing, exercising or defending legal claims;
- art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as
- the accuracy of the data is contested by you;
- the processing is unlawful, but you refuse their erasure;
- we no longer need the data, but you need it to establish, exercise or defend legal claims, or
- you have lodged an objection to the processing in accordance with art. 21 GDPR;
- art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
- art. 77 GDPR, the right to complain to a supervisory authority . As a rule, you can contact the supervisory authority at your habitual place of residence or workplace or at our company headquarters.
Right to object
After you have exercised your right to object, we will no longer process your personal data for such purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
This does not apply to the processing of personal data for direct marketing purposes. In such a case we will no longer process your personal data for such purposes.
7.2 Contact options
If you have any questions about how we collect, process or use your personal data, want to enquire about, correct, restrict or delete your data, or withdraw any consents you have given, or opt-out of any particular data use, please contact us directly using the contact data provided in our supplier identification.