Privacy Policy
Privacy Policy
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data will have no consequences. This applies only insofar as no other information is given in the subsequent processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Contact
Controller
Contact us if you wish. The controller for data processing is: NiKa GbR, Söllenthiner Str. 6, 19339 Plattenburg Germany, +49 38787 179813, kontakt@nikacards.de
Proactive customer contact via email
If you proactively contact us by email for business purposes, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves to process and answer your contact request.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 (1) lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to this processing of personal data concerning you, which is based on Art. 6 (1) lit. f GDPR, for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 (1) lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to this processing of personal data concerning you, which is based on Art. 6 (1) lit. f GDPR, for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Use of Endereco address validation
We use the address validation service from Endereco UG (haftungsbeschränkt) (Balthasar-Neumann-Str. 4b, 97236 Randersacker, Germany; “Endereco”) on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real time, and if necessary, supplementing missing data. For incorrectly entered data, alternative suggestions for correcting the data are displayed.
Among other things, the following information can be transmitted to Endereco and processed there: postal addresses (country, city, postal code, street, house number), email address, telephone number.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in accurate data for fulfilling our contractual obligations. You have the right to object at any time to this processing of personal data concerning you, for reasons arising from your particular situation.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on data protection at Endereco can be found at: https://www.endereco.de/datenschutzerklaerung/.
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored with WhatsApp, if provided, your name and other data to the extent provided by you. For the service, we use a mobile device in whose address book only data of users who have contacted us via WhatsApp are stored. Therefore, no personal data is transferred to WhatsApp without your prior consent to WhatsApp.
Your data will be transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA. For the USA, an adequacy decision from the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and has thus committed to complying with European data protection principles. If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 (1) lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in providing quick and easy contact and in answering your request. In this case, you have the right to object at any time to this processing of personal data concerning you, which is based on Art. 6 (1) lit. f GDPR, for reasons arising from your particular situation.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.
Customer Account Orders
Customer Account
When opening a customer account, we collect your personal data to the extent indicated there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing is carried out on the basis of Art. 6 (1) lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out based on the consent until revocation. Your customer account will then be deleted.
Reviews Advertising
We use the "Trustpilot" rating system from Trustpilot A/S (Pilestræde 58, 1112 Copenhagen, Denmark; "Trustpilot") on our website.
Trustpilot allows us to collect customer reviews and display them on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Trustpilot to submit a review, and then you can submit a review. In this process, the following data, among others, may be processed by us or Trustpilot: email address, name, information about your device and location (IP address, browser settings, type of browser used, browser language, time zone), information about your Trustpilot user account (username, photo, preferred language), information about the purchased product or service used (reference or order number, product details), the content of your review and the star rating you gave, your product photos or videos (if you attached them to your product review). This data may also be used for the purpose of verifying your review.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent, provided you have expressly agreed to the transfer of your data and the receipt of the review invitation. You can withdraw your consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
Further information on data protection when using Trustpilot can be found at: https://de.legal.trustpilot.com/for-reviewers/end-user-privacy-terms.
Use of Judge.me
We use the "Judge.me" rating system from Judge.me Ltd (c/o Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB; "Judge.me") on our website.
Judge.me allows us to collect customer reviews and display them on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Judge.me to submit a review, and then you can submit a review. In this process, the following data, among others, may be processed by us or Judge.me: email address, name, telephone number, address, information about your device (IP address, information about your web browser and the operating system used), information about the purchased product or the service used (order number, product details), the content of your review and the star rating you gave, your product photos or videos (if you attached them to your product review). This data may also be used for the purpose of verifying your review.
Judge.me uses technologies such as cookies.
Your data may be transferred outside the EU to the United Kingdom. An adequacy decision by the EU Commission exists for the United Kingdom.
Your data may be transferred to the USA. An adequacy decision by the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Judge.me is not certified under the TADPF. This data transfer is based on special contracts approved for use in the United Kingdom, which offer the same protection that personal data has in the United Kingdom.
The use of cookies or comparable technologies is based on your consent pursuant to Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 (1) lit. a GDPR, provided you have expressly agreed to the transfer of your data and the receipt of the review invitation. You can withdraw your consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
Further information on data protection when using Judge.me can be found at: https://judge.me/privacy.
Use of email address for sending newsletters
We use your email address to send you information and offers via newsletter, provided you have expressly agreed to this. The data processing serves exclusively the purpose of advertising. For this purpose, we process your email address and, if applicable, other data that you voluntarily provided when registering for our newsletter.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list. Despite removal from the mailing list, we may still store your email address in a so-called blacklist to prevent you from receiving newsletter emails from us in the future. This storage is based on Art. 6 para. 1 lit. f GDPR due to our and your legitimate interest in preventing the renewed use of your email address for sending our newsletter. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Shipping service providers ERP System
Transfer of email address to shipping companies for information about shipping status
We pass on your email address to the transport company as part of the contract processing, provided you have expressly agreed to this in the order process. The transfer serves the purpose of informing you about the shipping status by email. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by notifying us or the transport company, without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
Use of an external ERP system
We use an ERP system for contract processing within the framework of order processing. For this purpose, your personal data collected during the order process is transmitted to
Shopify Inc. Ottawa, Canada
.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6 para. 1 lit. b GDPR.
Payment service providers Credit check
Use of PayPal Express
On our website, we use the PayPal Express payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). Data processing serves the purpose of enabling you to use the PayPal Express payment service. To integrate this payment service, it is necessary for PayPal to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in offering customer-oriented payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
By selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS.
Use of PayPal Check-Out
We use the PayPal Check-Out payment service provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Cookies may be stored here, which enable the recognition of your browser. The data processing that takes place as a result is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Credit card via PayPal, direct debit via PayPal & "Pay Later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain credit information based on mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information obtained about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit information may include probability values (score values), which are calculated based on scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit checking for contract initiation. The processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when PayPal provides services in advance.
You have the right to object to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with your desired payment method. Failure to provide the data will result in the contract not being able to be concluded with the payment method you have chosen.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is based on Art. 6 para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is based on Art. 6 para. 1 lit. b GDPR. Local third-party providers can be, for example:
Purchase on account via PayPal
When paying by invoice, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit check based on mathematical-statistical procedures (probability or score values) using credit agencies according to the procedure already described above. The data processing serves the purpose of credit checking for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when Ratepay provides services in advance. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of Amazon Payments
We use the Amazon Payments payment service from Amazon Payments Europe s.c.a. (38 avenue John F. Kennedy, L-1855 Luxembourg; “Amazon Payments”) on our website.
The data processing serves the purpose of offering you payment via the Amazon Payments service.
To integrate this payment service, it is necessary for Amazon Payments to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in offering customer-oriented payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
By selecting and using “Amazon Payments”, the data required for payment processing is transmitted to Amazon Payments in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Further information on data processing when using the Amazon Payments service can be found in the associated privacy policy at: https://pay.amazon.com/de/help/201212490
Data collection and processing for credit checks
If we provide services in advance, e.g. for payment by invoice or direct debit, we reserve the right to obtain a credit report based on mathematical-statistical procedures usingKlarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm. For this purpose, we transmit the personal data required for a credit check to them and use the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values), which are calculated based on scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit checking for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when we provide services in advance. You have the right to object to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying us. The provision of the data is necessary for the conclusion of the contract with your desired payment method. Failure to provide the data will result in the contract not being able to be concluded with the payment method you have chosen.
We use the payment service "Shopify Payments" from Shopify International Limited (2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website. Payment processing in this case is carried out by the payment service provider Stripe Payments Europe, Ltd. (1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland; "Stripe"). The data processing serves the purpose of enabling you to pay via the Shopify Payments service. By selecting and using a corresponding "Shopify Payments" payment method, the data required for payment processing is transmitted to Stripe in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Stripe reserves the right to obtain a credit report if necessary, based on mathematically-statistical procedures using credit agencies. For this purpose, Stripe transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship. The credit report may contain probability values (score values) calculated on the basis of scientifically recognized mathematically-statistical procedures, which include address data, among other things. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Stripe makes advance payments.
You have the right to object to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying Stripe. The provision of data is necessary for concluding the contract with the payment method you desire. Failure to provide data means that the contract cannot be concluded with the payment method you have chosen.
Further information on data processing when using the Shopify Payments service can be found in Shopify's privacy policy at: https://www.shopify.com/de/legal/datenschutz.
Further information on data processing when processing payments via the payment service provider Stripe can be found in Stripe's privacy policy at: https://stripe.com/de/privacy.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables unique identification of the browser when the website is accessed again.
We use the consent management tool Consentmanager from Consentmanager AB (Håltegelvägen 1b, 72348 Västerås, Sweden; "Consentmanager") on our website.
The tool allows you to give consent to data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw consent already given.
The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus complying with legal obligations.
For this purpose, cookies may be used. The following information, among others, may be collected and transmitted to Consentmanager: date and time of page view, information about the browser you are using and the device you are using, anonymized IP address, opt-in and opt-out data. This data is not passed on to other third parties.
The data processing takes place to fulfill a legal obligation on the basis of Art. 6 Para. 1 lit. c GDPR.
Further information on data protection at Consentmanager can be found at: https://www.consentmanager.net/privacy.php
Analysis Ad Tracking
Use of Google Analytics 4
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities, and to provide other services related to website and internet use to the website operator.
The following information, among others, may be collected: IP address, date and time of page view, click path, information about the browser you are using and the device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices, and any other data Google has about you.
The IP address is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Google uses technologies such as cookies, browser web storage, and tracking pixels, which enable an analysis of your use of the website. The use of cookies or similar technologies is based on your consent pursuant to Section 25 (1) Sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR.
The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out on the basis of the consent until withdrawal.
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de.
Use of Shopify Statistics
We use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of commissioned processing. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
Data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and provided in reports, analyses, and statistics. This includes the collection and processing of the following device information: Information about the web browser, IP address, time zone, and some of the cookies installed on your device. When you navigate the website, information about visited web pages or products, the referrer URL (website from which you accessed our website), and information about how you interact with the website is also collected. Technologies such as cookies, as well as web beacons, tags, and pixels (electronic files for collecting information on how you navigate the website) are used for this purpose.
Your data may be transmitted to and processed in third countries outside the EU, in particular to Canada and the USA. An adequacy decision by the EU Commission exists for Canada. For the USA, an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists. Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to those of the standard contractual clauses of the EU Commission.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz, information on the data processing agreement at https://www.shopify.com/de/legal/dpa, and information on the cookies used at https://www.shopify.com/de/legal/cookies.
Plug-ins and Other
We use the invisible reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This serves the purpose of distinguishing between input by a human and automated, machine processing. In the background, Google collects and analyzes usage data, which is used by Invisible reCAPTCHA to distinguish regular users from bots. For this purpose, your input is transmitted to Google and further used there. In addition, the IP address and any other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
These data are processed by Google within the European Union and may also be transmitted to servers of Google LLC in the USA. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Google has certified under the TADPF and thus committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
Further information on Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
The function displays videos stored on YouTube in an iFrame on the website. The "enhanced privacy mode" option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transmitted to the USA. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. YouTube has certified under the TADPF and thus committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
Further information on the collection and use of data by YouTube and Google, on your rights in this regard and options for protecting your privacy can be found in YouTube's privacy policy at https://www.youtube.com/t/privacy.
Integration of the Händlerbund Member Logo
The Händlerbund member logo (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated on our website. When you visit our website, information is automatically sent to the server of Händlerbund e.V. by the browser used on your device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until automatic deletion:
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
Data processing serves the purpose of uniform display of fonts on our website. To load the fonts, a connection to Google servers is established when the page is called up. Cookies may be used here. This involves processing and transmitting your IP address and information about the browser you are using to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. An adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Google has certified under the TADPF and thus committed to comply with European data protection principles.
The use of cookies or comparable technologies is based on your consent in accordance with Section 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq.
Data Subject Rights and Storage Period
Duration of Storage
After complete contract processing, the data will first be stored for the duration of the warranty period, then taking into account legal, in particular tax and commercial law, retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the Data Subject
Subject to the legal requirements, you have the following rights according to Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, according to Art. 21 para. 1 GDPR, you have the right to object to processing based on Art. 6 para. 1 lit. f GDPR, as well as to processing for the purpose of direct marketing.
Right to Lodge a Complaint with the Supervisory Authority
According to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.
You can, among other things, lodge a complaint with the supervisory authority responsible for us, which you can reach at the following contact details:
State Commissioner for Data Protection and for the Right to Access Files
Stahnsdorfer Damm 77
14532 Kleinmachnow
Tel.: +49 33203 3560
Fax: +49 33203 35649
E-Mail: poststelle@lda.brandenburg.de
Right to Object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR, you have the right to object to these processing operations at any time with effect for the future, for reasons arising from your particular situation.
After an objection has been made, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims.
Last updated: 22.10.2024
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data will have no consequences. This applies only insofar as no other information is given in the subsequent processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Server log files
You can visit our websites without providing any personal information.
Each time our website is accessed, usage data is transmitted to us or our web host / IT service provider by your internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred, and the requesting provider.
Processing is carried out on the basis of Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and in improving our offer.
Your data may be transferred to and processed in third countries outside the EU, in particular to Canada and the USA. For Canada, an adequacy decision from the EU Commission exists. For the USA, an adequacy decision from the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.Processing is carried out on the basis of Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and in improving our offer.
Contact
Controller
Contact us if you wish. The controller for data processing is: NiKa GbR, Söllenthiner Str. 6, 19339 Plattenburg Germany, +49 38787 179813, kontakt@nikacards.de
Proactive customer contact via email
If you proactively contact us by email for business purposes, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves to process and answer your contact request.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 (1) lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to this processing of personal data concerning you, which is based on Art. 6 (1) lit. f GDPR, for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 (1) lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to this processing of personal data concerning you, which is based on Art. 6 (1) lit. f GDPR, for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Use of Endereco address validation
We use the address validation service from Endereco UG (haftungsbeschränkt) (Balthasar-Neumann-Str. 4b, 97236 Randersacker, Germany; “Endereco”) on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real time, and if necessary, supplementing missing data. For incorrectly entered data, alternative suggestions for correcting the data are displayed.
Among other things, the following information can be transmitted to Endereco and processed there: postal addresses (country, city, postal code, street, house number), email address, telephone number.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in accurate data for fulfilling our contractual obligations. You have the right to object at any time to this processing of personal data concerning you, for reasons arising from your particular situation.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on data protection at Endereco can be found at: https://www.endereco.de/datenschutzerklaerung/.
Use of Google Maps API address validation
We use address validation from Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland “Google”) on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real time, and if necessary, supplementing missing data. For incorrectly entered data, alternative suggestions for correcting the data are displayed. For this purpose, the address data you enter is transmitted to the provider, stored and evaluated there.
Among other things, the following information can be transmitted to and processed by Google: postal addresses (country, city, postcode, street, house number), email address, telephone number.
Your data may also be transferred to the USA. For the USA, an adequacy decision from the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in accurate data for fulfilling our contractual obligations. You have the right to object at any time to this processing of personal data concerning you, for reasons arising from your particular situation.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on terms of use and data protection at Google can be found at: https://cloud.google.com/maps-platform/terms and https://www.google.de/policies/privacy/.
WhatsApp BusinessWe use address validation from Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland “Google”) on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real time, and if necessary, supplementing missing data. For incorrectly entered data, alternative suggestions for correcting the data are displayed. For this purpose, the address data you enter is transmitted to the provider, stored and evaluated there.
Among other things, the following information can be transmitted to and processed by Google: postal addresses (country, city, postcode, street, house number), email address, telephone number.
Your data may also be transferred to the USA. For the USA, an adequacy decision from the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The processing of your personal data is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in accurate data for fulfilling our contractual obligations. You have the right to object at any time to this processing of personal data concerning you, for reasons arising from your particular situation.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on terms of use and data protection at Google can be found at: https://cloud.google.com/maps-platform/terms and https://www.google.de/policies/privacy/.
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored with WhatsApp, if provided, your name and other data to the extent provided by you. For the service, we use a mobile device in whose address book only data of users who have contacted us via WhatsApp are stored. Therefore, no personal data is transferred to WhatsApp without your prior consent to WhatsApp.
Your data will be transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA. For the USA, an adequacy decision from the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and has thus committed to complying with European data protection principles. If the contact is for the purpose of carrying out pre-contractual measures (e.g., advice on purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 (1) lit. b GDPR.
If the contact is for other reasons, this data processing is based on Art. 6 (1) lit. f GDPR due to our overriding legitimate interest in providing quick and easy contact and in answering your request. In this case, you have the right to object at any time to this processing of personal data concerning you, which is based on Art. 6 (1) lit. f GDPR, for reasons arising from your particular situation.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.
Customer Account Orders
Customer Account
When opening a customer account, we collect your personal data to the extent indicated there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing is carried out on the basis of Art. 6 (1) lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out based on the consent until revocation. Your customer account will then be deleted.
Collection, processing and transfer of personal data during orders
When placing an order, we collect and process your personal data only insofar as this is necessary for the fulfillment and processing of your order and for handling your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide the data means that no contract can be concluded. Processing is carried out on the basis of Art. 6 (1) lit. b GDPR and is necessary for the performance of a contract with you.
Your data will be passed on, for example, to shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing, and IT service providers. In all cases, we strictly observe the legal requirements. The scope of data transmission is limited to a minimum.
Your data may be transferred to and processed in third countries outside the EU, in particular to Canada and the USA. For Canada, an adequacy decision from the EU Commission exists. For the USA, an adequacy decision from the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.Reviews Advertising
Shopauskunft customer review
We use the "shopauskunft.de" review tool from Händlerbund Management AG (Kohlgartenstraße 11 - 13, 04315 Leipzig; "Shopauskunft") for our website.
After your order, we would like to ask you to rate and comment on your purchase with us. For this purpose, we will contact you by e-mail, using the technical system "Legal Review Request (RBA)". We process your order data (order number/invoice number, purchase value and shipping costs) and your e-mail address. We may also use this data to verify your review.
We use the "shopauskunft.de" review tool from Händlerbund Management AG (Kohlgartenstraße 11 - 13, 04315 Leipzig; "Shopauskunft") for our website.
After your order, we would like to ask you to rate and comment on your purchase with us. For this purpose, we will contact you by e-mail, using the technical system "Legal Review Request (RBA)". We process your order data (order number/invoice number, purchase value and shipping costs) and your e-mail address. We may also use this data to verify your review.
The processing is carried out on the basis of Art. 6 (1) lit. a GDPR with your consent, provided you have expressly agreed to the disclosure of your data and the receipt of the review request.
You can revoke your consent at any time using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out based on the consent until revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz.
Use of TrustpilotYou can revoke your consent at any time using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out based on the consent until revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz.
We use the "Trustpilot" rating system from Trustpilot A/S (Pilestræde 58, 1112 Copenhagen, Denmark; "Trustpilot") on our website.
Trustpilot allows us to collect customer reviews and display them on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Trustpilot to submit a review, and then you can submit a review. In this process, the following data, among others, may be processed by us or Trustpilot: email address, name, information about your device and location (IP address, browser settings, type of browser used, browser language, time zone), information about your Trustpilot user account (username, photo, preferred language), information about the purchased product or service used (reference or order number, product details), the content of your review and the star rating you gave, your product photos or videos (if you attached them to your product review). This data may also be used for the purpose of verifying your review.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent, provided you have expressly agreed to the transfer of your data and the receipt of the review invitation. You can withdraw your consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
Further information on data protection when using Trustpilot can be found at: https://de.legal.trustpilot.com/for-reviewers/end-user-privacy-terms.
Use of Judge.me
We use the "Judge.me" rating system from Judge.me Ltd (c/o Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB; "Judge.me") on our website.
Judge.me allows us to collect customer reviews and display them on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Judge.me to submit a review, and then you can submit a review. In this process, the following data, among others, may be processed by us or Judge.me: email address, name, telephone number, address, information about your device (IP address, information about your web browser and the operating system used), information about the purchased product or the service used (order number, product details), the content of your review and the star rating you gave, your product photos or videos (if you attached them to your product review). This data may also be used for the purpose of verifying your review.
Judge.me uses technologies such as cookies.
Your data may be transferred outside the EU to the United Kingdom. An adequacy decision by the EU Commission exists for the United Kingdom.
Your data may be transferred to the USA. An adequacy decision by the EU Commission exists for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Judge.me is not certified under the TADPF. This data transfer is based on special contracts approved for use in the United Kingdom, which offer the same protection that personal data has in the United Kingdom.
The use of cookies or comparable technologies is based on your consent pursuant to Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is based on your consent pursuant to Art. 6 (1) lit. a GDPR, provided you have expressly agreed to the transfer of your data and the receipt of the review invitation. You can withdraw your consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
Further information on data protection when using Judge.me can be found at: https://judge.me/privacy.
Use of email address for sending newsletters
We use your email address to send you information and offers via newsletter, provided you have expressly agreed to this. The data processing serves exclusively the purpose of advertising. For this purpose, we process your email address and, if applicable, other data that you voluntarily provided when registering for our newsletter.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list. Despite removal from the mailing list, we may still store your email address in a so-called blacklist to prevent you from receiving newsletter emails from us in the future. This storage is based on Art. 6 para. 1 lit. f GDPR due to our and your legitimate interest in preventing the renewed use of your email address for sending our newsletter. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Shipping service providers ERP System
Transfer of email address to shipping companies for information about shipping status
We pass on your email address to the transport company as part of the contract processing, provided you have expressly agreed to this in the order process. The transfer serves the purpose of informing you about the shipping status by email. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by notifying us or the transport company, without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
Use of an external ERP system
We use an ERP system for contract processing within the framework of order processing. For this purpose, your personal data collected during the order process is transmitted to
Shopify Inc. Ottawa, Canada
.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6 para. 1 lit. b GDPR.
Payment service providers Credit check
Use of PayPal Express
On our website, we use the PayPal Express payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). Data processing serves the purpose of enabling you to use the PayPal Express payment service. To integrate this payment service, it is necessary for PayPal to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in offering customer-oriented payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
By selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS.
Use of PayPal Check-Out
We use the PayPal Check-Out payment service provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Cookies may be stored here, which enable the recognition of your browser. The data processing that takes place as a result is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Credit card via PayPal, direct debit via PayPal & "Pay Later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain credit information based on mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information obtained about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit information may include probability values (score values), which are calculated based on scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit checking for contract initiation. The processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when PayPal provides services in advance.
You have the right to object to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with your desired payment method. Failure to provide the data will result in the contract not being able to be concluded with the payment method you have chosen.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is based on Art. 6 para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is based on Art. 6 para. 1 lit. b GDPR. Local third-party providers can be, for example:
- Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
- Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
Purchase on account via PayPal
When paying by invoice, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit check based on mathematical-statistical procedures (probability or score values) using credit agencies according to the procedure already described above. The data processing serves the purpose of credit checking for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when Ratepay provides services in advance. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of Amazon Payments
We use the Amazon Payments payment service from Amazon Payments Europe s.c.a. (38 avenue John F. Kennedy, L-1855 Luxembourg; “Amazon Payments”) on our website.
The data processing serves the purpose of offering you payment via the Amazon Payments service.
To integrate this payment service, it is necessary for Amazon Payments to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in offering customer-oriented payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
By selecting and using “Amazon Payments”, the data required for payment processing is transmitted to Amazon Payments in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Further information on data processing when using the Amazon Payments service can be found in the associated privacy policy at: https://pay.amazon.com/de/help/201212490
Data collection and processing for credit checks
If we provide services in advance, e.g. for payment by invoice or direct debit, we reserve the right to obtain a credit report based on mathematical-statistical procedures usingKlarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm. For this purpose, we transmit the personal data required for a credit check to them and use the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values), which are calculated based on scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit checking for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when we provide services in advance. You have the right to object to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying us. The provision of the data is necessary for the conclusion of the contract with your desired payment method. Failure to provide the data will result in the contract not being able to be concluded with the payment method you have chosen.
Use of Klarna payment options
We use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; "Klarna") on our website. By selecting and using payment via Klarna, the data required for payment processing is transmitted to Klarna in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
In this process, cookies may be stored that enable the recognition of your browser. The data processing taking place as a result is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offering of various payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
In this process, cookies may be stored that enable the recognition of your browser. The data processing taking place as a result is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offering of various payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
"Pay Later" (invoice), "Pay Now" (direct debit, credit card, instant transfer), "Financing" (instalment purchase)
For individual payment methods such as "Pay Later" (invoice), "Pay Now" (direct debit, credit card, instant transfer), "Financing" (instalment purchase), Klarna reserves the right to obtain a credit report if necessary, based on mathematically-statistical procedures using credit agencies.
For this purpose, Klarna transmits the personal data required for a credit check, such as first and last name, address, gender, email address, IP address, and data related to the order, to a credit agency for the purpose of identity and credit assessment and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship. The credit report may contain probability values (score values) calculated on the basis of scientifically recognized mathematically-statistical procedures, which include address data, among other things. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Klarna makes advance payments. You have the right to object to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying Klarna. The provision of data is necessary for concluding the contract with the payment method you desire. Failure to provide data means that the contract cannot be concluded with the payment method you have chosen.
Further information, in particular to which credit agencies Klarna transmits your personal data, can be found at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies.
General information about Klarna can be found at: https://www.klarna.com/de/. Your personal data will be handled by Klarna in accordance with applicable data protection regulations and as described in Klarna's privacy policy at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy.
Use of the payment service provider Mollie
We use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. The data processing serves the purpose of offering you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (e.g., bank account number or credit card number), your IP address, your internet browser and device type, and in some cases your first and last name, address data, and information about the product or service you have purchased from us. This data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated privacy policy https://www.mollie.com/de/privacy
Use of Shopify PaymentsWe use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. The data processing serves the purpose of offering you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (e.g., bank account number or credit card number), your IP address, your internet browser and device type, and in some cases your first and last name, address data, and information about the product or service you have purchased from us. This data processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated privacy policy https://www.mollie.com/de/privacy
We use the payment service "Shopify Payments" from Shopify International Limited (2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website. Payment processing in this case is carried out by the payment service provider Stripe Payments Europe, Ltd. (1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland; "Stripe"). The data processing serves the purpose of enabling you to pay via the Shopify Payments service. By selecting and using a corresponding "Shopify Payments" payment method, the data required for payment processing is transmitted to Stripe in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 Para. 1 lit. b GDPR.
Stripe reserves the right to obtain a credit report if necessary, based on mathematically-statistical procedures using credit agencies. For this purpose, Stripe transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution, or termination of the contractual relationship. The credit report may contain probability values (score values) calculated on the basis of scientifically recognized mathematically-statistical procedures, which include address data, among other things. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Stripe makes advance payments.
You have the right to object to this processing of your personal data based on Art. 6 Para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying Stripe. The provision of data is necessary for concluding the contract with the payment method you desire. Failure to provide data means that the contract cannot be concluded with the payment method you have chosen.
Further information on data processing when using the Shopify Payments service can be found in Shopify's privacy policy at: https://www.shopify.com/de/legal/datenschutz.
Further information on data processing when processing payments via the payment service provider Stripe can be found in Stripe's privacy policy at: https://stripe.com/de/privacy.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables unique identification of the browser when the website is accessed again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting appropriate technical settings in your internet browser, you can be notified before cookies are set, decide individually whether to accept them, and prevent the storage of cookies and the transmission of the data they contain. Cookies that have already been stored can be deleted at any time. However, we would like to point out that in this case you may not be able to fully use all functions of this website.
You can find information on how to manage (and deactivate) cookies in the most common browsers via the following links:
Chrome: https://support.google.com/accounts/answer/61416?hl=en
Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09
Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Technically necessary cookies
Unless otherwise specified below in the privacy policy, we only use these technically necessary cookies for the purpose of making our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized again even after a page change.
The use of cookies or similar technologies is based on Section 25 (2) TDDDG. The processing of your personal data is based on Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer.
You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Use of ConsentmanagerWe use the consent management tool Consentmanager from Consentmanager AB (Håltegelvägen 1b, 72348 Västerås, Sweden; "Consentmanager") on our website.
The tool allows you to give consent to data processing via the website, in particular the setting of cookies, and to exercise your right to withdraw consent already given.
The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus complying with legal obligations.
For this purpose, cookies may be used. The following information, among others, may be collected and transmitted to Consentmanager: date and time of page view, information about the browser you are using and the device you are using, anonymized IP address, opt-in and opt-out data. This data is not passed on to other third parties.
The data processing takes place to fulfill a legal obligation on the basis of Art. 6 Para. 1 lit. c GDPR.
Further information on data protection at Consentmanager can be found at: https://www.consentmanager.net/privacy.php
Analysis Ad Tracking
Use of Google Analytics 4
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities, and to provide other services related to website and internet use to the website operator.
The following information, among others, may be collected: IP address, date and time of page view, click path, information about the browser you are using and the device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices, and any other data Google has about you.
The IP address is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Google uses technologies such as cookies, browser web storage, and tracking pixels, which enable an analysis of your use of the website. The use of cookies or similar technologies is based on your consent pursuant to Section 25 (1) Sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR.
The processing of your personal data is based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out on the basis of the consent until withdrawal.
In this context, we also use the Google Signals service. Google Signals enables cross-device tracking. Your data can thus be analyzed across devices if you have activated "personalized advertising" in your account settings and your end devices are linked to your Google account. This makes it possible to recognize on which device you are searching for products and later return to complete purchases on another device, such as a tablet.
The cross-device reports created in this context contain only aggregated data. We therefore only receive statistics created on the basis of Google Signals. To prevent data collection and storage by Google Signals across devices, you can deactivate the "personalized ads" function in your Google account settings. Further information on this can be found at https://support.google.com/ads/answer/2662922?hl=en.
Further information on data processing and data protection for Google Signals can be found at https://support.google.com/analytics/answer/7532985?hl=en.
The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Google has certified under the TADPF and thus committed to complying with European data protection principles. Both Google and US government authorities have access to your data.Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de.
Use of Shopify Statistics
We use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of commissioned processing. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
Data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and provided in reports, analyses, and statistics. This includes the collection and processing of the following device information: Information about the web browser, IP address, time zone, and some of the cookies installed on your device. When you navigate the website, information about visited web pages or products, the referrer URL (website from which you accessed our website), and information about how you interact with the website is also collected. Technologies such as cookies, as well as web beacons, tags, and pixels (electronic files for collecting information on how you navigate the website) are used for this purpose.
Your data may be transmitted to and processed in third countries outside the EU, in particular to Canada and the USA. An adequacy decision by the EU Commission exists for Canada. For the USA, an adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists. Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to those of the standard contractual clauses of the EU Commission.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz, information on the data processing agreement at https://www.shopify.com/de/legal/dpa, and information on the cookies used at https://www.shopify.com/de/legal/cookies.
Use of Meta Pixel
We use the Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.
Meta and we are joint controllers for the collection of your data and the transmission of this data to Meta when the service is integrated. This is based on an agreement between us and Meta on the joint processing of personal data, which defines the respective responsibilities. The agreement can be viewed at https://de-de.facebook.com/legal/terms/businesstools. According to this, we are particularly responsible for fulfilling the information obligations pursuant to Art. 13, 14 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a personal data breach affects our obligations under the joint processing agreement. Meta is responsible for enabling the rights of data subjects pursuant to Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for complying with the obligations under Art. 33, 34 GDPR, insofar as a personal data breach affects Meta's obligations under the joint processing agreement.
The application serves the purpose of targeting website visitors with interest-based advertising on Facebook and Instagram social networks. For this purpose, Meta's remarketing tag has been implemented on the website. This tag establishes a direct connection to Meta's servers when the website is visited. This transmits to the Meta server which of our pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the Facebook or Instagram social networks, personalized, interest-based ads are then displayed to you.
The application also serves the purpose of creating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag, as well as what actions were taken after being redirected to this website. However, we do not receive any information that allows users to be personally identified.
Your data may be transmitted to the USA. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Meta has certified under the TADPF and thus committed to complying with European data protection principles.
The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
You can deactivate the remarketing function "Custom Audiences" here. Further information on the collection and use of data by Meta, on your rights in this regard and options for protecting your privacy can be found in Meta's privacy policy at https://www.facebook.com/about/privacy/.
You can deactivate the remarketing function "Custom Audiences" here. Further information on the collection and use of data by Meta, on your rights in this regard and options for protecting your privacy can be found in Meta's privacy policy at https://www.facebook.com/about/privacy/.
Use of Google Ads Conversion Tracking
We use the online advertising program "Google Ads" on our website and, in this context, conversion tracking (conversion action evaluation). Google Conversion Tracking is an analysis service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and therefore do not serve for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. Thus, there is no possibility that cookies can be tracked across Ads customers' websites.
The information obtained with the help of the conversion cookie serves the purpose of creating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that allows users to be personally identified.
Your data may be transmitted to the servers of Google LLC in the USA. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Google has certified under the TADPF and thus committed to complying with European data protection principles.
We use the online advertising program "Google Ads" on our website and, in this context, conversion tracking (conversion action evaluation). Google Conversion Tracking is an analysis service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and therefore do not serve for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. Thus, there is no possibility that cookies can be tracked across Ads customers' websites.
The information obtained with the help of the conversion cookie serves the purpose of creating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that allows users to be personally identified.
Your data may be transmitted to the servers of Google LLC in the USA. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Google has certified under the TADPF and thus committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
Further information and Google's privacy policy can be found at: https://www.google.de/policies/privacy/
Further information and Google's privacy policy can be found at: https://www.google.de/policies/privacy/
Plug-ins and Other
Use of Google Tag Manager
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags, which are used to implement tracking and analysis tools, among others. Data processing serves the purpose of tailoring and optimizing our website to meet needs.
The Google Tag Manager itself does not store cookies or process personal data. However, it enables the triggering of other tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags, which are used to implement tracking and analysis tools, among others. Data processing serves the purpose of tailoring and optimizing our website to meet needs.
The Google Tag Manager itself does not store cookies or process personal data. However, it enables the triggering of other tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.
Use of Google reCAPTCHA
We use the reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The query serves the purpose of distinguishing between input by a human and automated, machine processing. For this purpose, your input is transmitted to Google and further used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service are transmitted to Google. These data are processed by Google within the European Union and may also be transmitted to servers of Google LLC in the USA. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Google has certified under the TADPF and thus committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
Further information on Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy.
Use of Google invisible reCAPTCHAWe use the invisible reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This serves the purpose of distinguishing between input by a human and automated, machine processing. In the background, Google collects and analyzes usage data, which is used by Invisible reCAPTCHA to distinguish regular users from bots. For this purpose, your input is transmitted to Google and further used there. In addition, the IP address and any other data required by Google for the Invisible reCAPTCHA service are transmitted to Google.
These data are processed by Google within the European Union and may also be transmitted to servers of Google LLC in the USA. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Google has certified under the TADPF and thus committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
Further information on Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy
Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
The function displays videos stored on YouTube in an iFrame on the website. The "enhanced privacy mode" option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transmitted to the USA. An adequacy decision by the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. YouTube has certified under the TADPF and thus committed to complying with European data protection principles.
The use of cookies or similar technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.
Further information on the collection and use of data by YouTube and Google, on your rights in this regard and options for protecting your privacy can be found in YouTube's privacy policy at https://www.youtube.com/t/privacy.
Integration of the Händlerbund Member Logo
The Händlerbund member logo (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated on our website. When you visit our website, information is automatically sent to the server of Händlerbund e.V. by the browser used on your device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until automatic deletion:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the retrieved file,
- website from which access is made (referrer URL),
- browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
Data processing serves the purpose of uniform display of fonts on our website. To load the fonts, a connection to Google servers is established when the page is called up. Cookies may be used here. This involves processing and transmitting your IP address and information about the browser you are using to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. An adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF), exists for the USA. Google has certified under the TADPF and thus committed to comply with European data protection principles.
The use of cookies or comparable technologies is based on your consent in accordance with Section 25 para. 1 sentence 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq.
Data Subject Rights and Storage Period
Duration of Storage
After complete contract processing, the data will first be stored for the duration of the warranty period, then taking into account legal, in particular tax and commercial law, retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the Data Subject
Subject to the legal requirements, you have the following rights according to Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, according to Art. 21 para. 1 GDPR, you have the right to object to processing based on Art. 6 para. 1 lit. f GDPR, as well as to processing for the purpose of direct marketing.
Right to Lodge a Complaint with the Supervisory Authority
According to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.
You can, among other things, lodge a complaint with the supervisory authority responsible for us, which you can reach at the following contact details:
State Commissioner for Data Protection and for the Right to Access Files
Stahnsdorfer Damm 77
14532 Kleinmachnow
Tel.: +49 33203 3560
Fax: +49 33203 35649
E-Mail: poststelle@lda.brandenburg.de
Right to Object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR, you have the right to object to these processing operations at any time with effect for the future, for reasons arising from your particular situation.
After an objection has been made, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims.
Last updated: 22.10.2024
