Privacy policy

Privacy Policy

Insofar as no other information is provided below, the provision of your personal data is neither legally or contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it has no consequences. This applies only insofar as no other information is given in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.

Server Log Files

You can visit our websites without providing any personal information.

Every time you access our website, usage data is transmitted to us or our web host / IT service provider by your internet browser and stored in log files (so-called server log files). This stored data includes, for example, the name of the accessed page, date and time of access, IP address, amount of data transferred, and the requesting provider.
The processing is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in ensuring the uninterrupted operation of our website and in improving our offer.

Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. An adequacy decision of the EU Commission exists for Canada. For the USA, an adequacy decision of the EU Commission exists in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the standard contractual clauses of the EU Commission.

Contact

Controller
Contact us if you wish. The controller responsible for data processing is: Showerplus Entwicklungs- und Vertriebsgesellschaft mbH, Richthofenstraße 29, 31137 Hildesheim Germany, +49 5121 708390, kundenservice@showerplus.de

Initiative contact by the customer via email
If you contact us by email on your own initiative for business purposes, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of processing and responding to your contact request.
If the contact serves the implementation of pre-contractual measures (e.g. consultation in case of purchase interest, offer preparation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6(1)(b) GDPR.
If the contact is for other reasons, this data processing is based on Art. 6(1)(f) GDPR from our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6(1)(f) GDPR.
We use your email address only to process your request. Your data will then be deleted after consideration of statutory retention periods, unless you have consented to further processing and use.

Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of establishing contact.
If the contact serves the implementation of pre-contractual measures (e.g. consultation in case of purchase interest, offer preparation) or concerns a contract already concluded between you and us, this data processing is based on Art. 6(1)(b) GDPR.
If the contact is for other reasons, this data processing is based on Art. 6(1)(f) GDPR from our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6(1)(f) GDPR.
We use your email address only to process your request. Your data will then be deleted after consideration of statutory retention periods, unless you have consented to further processing and use.

Collection and processing when sending images by email
You have the option of sending us images by email in connection with ordering a personalized product.
By submitting your images, we may collect your personal data (image of identifiable persons) only to the extent provided by you. The data processing serves the purpose of creating personalized products. The transmitted image serves as a template for the product and is used for this purpose (e.g. T-shirt printing). The processing is based on Art. 6(1)(b) GDPR and is necessary for the performance of a contract with you.
No disclosure of your data takes place.
We use the image you have sent only in the context of providing the service. Your data will then be deleted after consideration of statutory retention periods, unless you have consented to further processing and use.

Customer Account Orders

Customer Account
When opening a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Art. 6(1)(a) GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until revocation. Your customer account will then be deleted.

Collection, processing and disclosure of personal data for orders

When placing an order, we collect and process your personal data only to the extent necessary for the performance and processing of your order as well as for handling your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded. The processing is based on Art. 6(1)(b) GDPR and is necessary for the performance of a contract with you.

Your data will be disclosed, for example, to shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing, and IT service providers. In all cases, we strictly comply with the legal requirements. The scope of data transmission is limited to a minimum.

The processing is carried out on the basis of Art. 6(1)(a) GDPR with your consent, provided you have expressly consented to the disclosure of your data and receipt of the rating request.
You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz.

Shopauskunft Widget

The Shopauskunft widget is integrated on our website. This serves the purpose of displaying the number and results of the ratings we have received so far via Shopauskunft and thus advertising.

To display the widget, it is technically necessary to transmit usage data via your internet browser to the Shopauskunft server and store it in log files (so-called server log files) for 7 days. The stored data includes the name and URL of the retrieved file, date and time of retrieval, IP address of the requesting computer, website from which access was made (referrer URL), the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The processing is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in promoting our offers by displaying the customer ratings already received. This data is not stored together with other personal data.

Use of Judge.me
We use the rating system "Judge.me" from Judge.me Ltd (c/o Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB; "Judge.me") on our website.
Judge.me enables us to collect customer reviews and display them on our website to give you an insight into the quality of our services.
After an order, you may receive an invitation from us or Judge.me to submit a review and then submit a rating. In this process, the following data may be processed by us or Judge.me: email address, name, phone number, address, information about your device (IP address, information about your web browser and operating system used), information about the purchased product or service used (order number, product details), the content of your review and the star rating you gave, your product photos or videos (if you attached them to your product review). This data may also be used for the purpose of verifying your rating.
Judge.me uses technologies such as cookies.
Your data may be transferred outside the EU to the United Kingdom. An adequacy decision of the EU Commission exists for the United Kingdom.
Your data may be transferred to the USA. An adequacy decision of the EU Commission exists for the USA in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Judge.me is not certified under the TADPF. This data transfer is based on specific contracts approved for use in the United Kingdom and offering the same protection as personal data in the United Kingdom.
The use of cookies or comparable technologies is carried out with your consent on the basis of § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR, provided you have expressly consented to the disclosure of your data and receipt of the rating request. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
Further information on data protection when using Judge.me can be found at: https://judge.me/privacy.

Use of ReferralCandy

We use the referral program “ReferralCandy” from the provider Anafore Pte. Ltd., 3 Coleman Street, #03-24, Singapore 179804 (“ReferralCandy”) on our website. Through ReferralCandy, we can offer our customers participation in a referral program and reward successful referrals with premiums.

Processed Data
In the context of participation in the referral program, the following personal data may be processed in particular:

Name, email address, possibly further contact details,
Order information (e.g. order number, purchased products, return or cancellation information),
Technical information (e.g. IP address, browser and operating system used),
Tracking information about the referral link used as well as possibly cookies or comparable technologies.

Purposes of Processing
The data processing is carried out to technically provide the referral program, correctly assign referrals, award premiums, and prevent abuse and fraud.

Legal Bases

Art. 6(1)(b) GDPR (performance of pre-contractual measures and contract fulfillment, insofar as you actively participate in the referral program),
Art. 6(1)(f) GDPR (legitimate interest in conducting the referral program and in fraud prevention),
Art. 6(1)(a) GDPR in conjunction with § 25(1) TTDSG (if tracking cookies or comparable technologies are used and you have consented to this).
Consent given can be revoked at any time with effect for the future.

Recipients and Third-Country Transfer
ReferralCandy receives access to the aforementioned data as a processor. A transfer may also take place to third countries, in particular to Singapore and the USA. There is currently no adequacy decision of the EU Commission for Singapore. The data transfer therefore takes place on the basis of EU standard contractual clauses, which are intended to ensure an adequate level of data protection. For the USA, an adequacy decision of the EU Commission (Trans-Atlantic Data Privacy Framework – TADPF) exists. ReferralCandy is not certified under the TADPF, so EU standard contractual clauses also apply here.

Storage Period
The data will be stored for as long as is necessary for the implementation of the referral program and within the framework of statutory retention obligations.

Further information on data protection at ReferralCandy can be found at:
Anafore Privacy Policy | ReferralCandy

Use of your personal data for sending postal advertising
We use your personal data (name, address) that we have received in the context of the sale of goods or services to send you postal advertising, unless you have objected to this use. The provision of this data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded.
The processing is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in direct advertising. You can object to this use of your address data at any time by notifying us. The contact details for exercising the objection can be found in the imprint.

Shipping Service Providers Inventory Management

Disclosure of the email address to shipping companies for information on shipping status
We pass on your email address to the transport company as part of order processing, provided you have expressly consented to this during the ordering process. The disclosure serves the purpose of informing you by email about the shipping status. The processing is based on Art. 6(1)(a) GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the lawfulness of processing carried out on the basis of consent until revocation.

Use of an external inventory management system
We use an inventory management system for contract processing as part of order processing. For this purpose, your personal data collected in the context of the order is transmitted to
Shopify
.

The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6(1)(b) GDPR.

Payment Service Providers Credit Check

Use of PayPal Express
We use the payment service PayPal Express from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of offering you payment via the PayPal Express payment service. For the integration of this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The processing of your personal data is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you.
By selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal to fulfill the contract with you using the selected payment method. This processing is based on Art. 6(1)(b) GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS.

Use of PayPal Check-Out
We use the payment service PayPal Check-Out from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or “Pay Later” via PayPal, the data required for payment processing is transmitted to PayPal to fulfill the contract with you using the selected payment method. This processing is based on Art. 6(1)(b) GDPR.

Cookies may be stored that enable the recognition of your browser. The resulting data processing is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you.

Credit card via PayPal, direct debit via PayPal & “Pay Later” via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or “Pay Later” via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of non-payment for a balanced decision on the establishment, performance or termination of the contractual relationship. The credit report may contain probability values (score values) calculated on the basis of scientifically recognized mathematical-statistical procedures, into whose calculation, among other things, address data flow. Your legitimate interests are taken into account in accordance with the statutory provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in protection against payment default if PayPal provides advance performance. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you which is based on Art. 6(1)(f) GDPR by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with the payment method you have chosen. Failure to provide it will result in the contract not being concluded with the payment method you have chosen.

Third-party providers
When paying via a third-party provider's payment method, the data required for payment processing is transmitted to PayPal. This processing is based on Art. 6(1)(b) GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is based on Art. 6(1)(b) GDPR. Local third-party providers may include, for example:

Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)

Invoice purchase via PayPal
When paying via the invoice purchase payment method, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") to fulfill the contract with you using the selected payment method. This processing is based on Art. 6(1)(b) GDPR. Ratepay may carry out a credit check based on mathematical-statistical procedures (probability or score values) using credit agencies in the manner described above. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in protection against payment default if Ratepay provides advance performance. Further information on data protection and which credit agencies Ratepay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.

Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Use of Klarna Payment Options

We use the payment service of Klarna Bank AB (publ) (Sveavägen 46, 111 34 Stockholm, Sweden; “Klarna”) on our website. By selecting and using payment via Klarna, the data required for payment processing is transmitted to Klarna to fulfill the contract with you using the selected payment method. This processing is based on Art. 6(1)(b) GDPR.

Cookies may be stored that enable the recognition of your browser. The resulting data processing is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you.

“Pay Later” (invoice), “Pay Now” (payment by direct debit, credit card, instant transfer), “Financing” (installment purchase)

For individual payment methods such as “Pay Later” (invoice), “Pay Now” (payment by direct debit, credit card, instant transfer), “Financing” (installment purchase), Klarna reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies.

For this purpose, Klarna transmits the personal data required for a credit check, such as first and last name, address, gender, email address, IP address as well as data related to the order for the purpose of identity and credit assessment to a credit agency and uses the information received about the statistical probability of non-payment for a balanced decision on the establishment, performance or termination of the contractual relationship. The credit report may contain probability values (score values) calculated on the basis of scientifically recognized mathematical-statistical procedures, into whose calculation, among other things, address data flow. Your legitimate interests are taken into account in accordance with the statutory provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in protection against payment default if Klarna provides advance performance. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you which is based on Art. 6(1)(f) GDPR by notifying Klarna. The provision of the data is necessary for the conclusion of the contract with the payment method you have chosen. Failure to provide it will result in the contract not being concluded with the payment method you have chosen.

Further information, in particular to which credit agencies Klarna forwards your personal data, can be found for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/credit_rating_agencies.

General information about Klarna can be found for Germany at: https://www.klarna.com/de/ and for Austria at https://www.klarna.com/at/. Your personal data will be processed by Klarna in accordance with the applicable data protection regulations and in accordance with the information in Klarna's privacy policy for Germany at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy and for Austria at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy.

Cookies

Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is called up again.

Cookies are stored on your computer. You therefore have full control over the use of cookies. By selecting appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and transmission of the data they contain. Cookies already stored can be deleted at any time. However, we would like to point out that you may then not be able to use all functions of this website to their full extent.

You can find information on how to manage (including deactivate) cookies in the most important browsers under the following links:

Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Technically necessary cookies

Insofar as no other information is provided below in the privacy policy, we use only these technically necessary cookies for the purpose of making our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

The use of cookies or comparable technologies is carried out on the basis of § 25(2) TDDDG. The processing of your personal data is carried out on the basis of Art. 6(1)(f) GDPR from our overriding legitimate interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our offer.

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you.

Use of the Cookie

Use of the Cookie Consent Manager CCM19
We use the Cookie Consent Manager CCM19 from HB legal tech GmbH (Kohlgartenstraße 11 - 13, 04315 Leipzig;
"CCM19") on our website as part of order processing.
The plug-in is hosted at consenttool.haendlerbund.de
and enables you to give consents to data processing via the website,
in particular the setting of cookies, and to exercise your right of revocation for consents already given.
The data processing serves the purpose of obtaining and documenting necessary consents for data processing and thereby
complying with legal obligations.
Cookies are used for this purpose. In doing so, among other things, the following information may be collected, stored and possibly transmitted to HB legal tech GmbH:
randomly assigned ID, consent status, date and time of consent/refusal. The data is stored for 1 year
and one month and then deleted. This data is not passed on to other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6(1)(c) GDPR.
Further information on data protection can be found at: https://www.haendlerbund.de/de/datenschutzerklaerung.

Overview of Cookies and Consent Declaration

Analysis Advertising Tracking Communication

Use of Shopify Statistics
We use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and provided in reports, analyses and statistics. Among other things, the following device information is collected and processed: information about the web browser, IP address, time zone and some of the cookies installed on your device. When you navigate the website, information about visited web pages or products, referrer URL (website from which you accessed our website), as well as information about how you interact with the website is also collected. Technologies such as cookies as well as web beacons, tags and pixels (electronic files for collecting information about how you navigate the website) are used for this purpose.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. An adequacy decision of the EU Commission exists for Canada. For the USA, an adequacy decision of the EU Commission exists in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the standard contractual clauses of the EU Commission.
The use of cookies or comparable technologies is carried out with your consent on the basis of § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
You can find further information on data protection at Shopify at https://www.shopify.com/de/legal/datenschutz, information on the order processing contract at https://www.shopify.com/de/legal/dpa as well as information on the cookies used at https://www.shopify.com/de/legal/cookies.

Use of the Meta Pixel

We use the Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.

Meta and we are jointly responsible for the collection of your data and the transmission of this data to Meta that takes place when the service is integrated. The basis for this is an agreement between us and Meta on joint processing of personal data, in which the respective responsibilities are defined. The agreement can be accessed at https://de-de.facebook.com/legal/terms/businesstools. According to this, we are in particular responsible for fulfilling the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, as well as for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the agreement on joint processing. Meta is responsible for enabling data subject rights pursuant to Art. 15 - 20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects Meta's obligations under the agreement on joint processing.

The application serves the purpose of targeting visitors to the website with interest-based advertising in the social networks Facebook and Instagram. For this purpose, the Meta remarketing tag has been implemented on the website. When visiting the website, this tag establishes a direct connection to the Meta servers. This transmits to the Meta server which of our pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalized, interest-based ads.

The application also serves the purpose of creating conversion statistics. We learn the total number of users who clicked on one of our ads and were redirected to a page tagged with a conversion tracking tag, as well as what actions were taken after redirection to this website. However, we do not receive information that allows users to be personally identified.

Your data may be transferred to the USA. An adequacy decision of the EU Commission exists for the USA in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself under the TADPF and has thus committed to complying with European data protection principles.

The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
You can deactivate the remarketing function “Custom Audiences” here. Further information on the collection and use of data by Meta, your rights in this regard and options for protecting your privacy can be found in Meta's data protection notices at https://www.facebook.com/about/privacy/.

Use of Google Ads Conversion Tracking
We use the online advertising program “Google Ads” and conversion tracking (evaluation of visit actions) within this program on our website. Google Conversion Tracking is an analysis service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
When you click on an ad placed by Google, a cookie for conversion tracking is placed on your computer. These cookies have a limited validity, contain no personal data and therefore do not serve personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. This means there is no way to track cookies across the websites of Ads customers.
The information obtained with the help of the conversion cookie serves the purpose of creating conversion statistics. We learn the total number of users who clicked on one of our ads and were redirected to a page tagged with a conversion tracking tag. However, we do not receive information that allows users to be personally identified.
Your data may be transmitted to the servers of Google LLC in the USA. An adequacy decision of the EU Commission exists for the USA in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
Further information as well as Google's privacy policy can be found at: https://www.google.de/policies/privacy/

Use of Google AdSense
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The data processing serves the purpose of renting advertising space on the website and targeting visitors to the website with interest-based advertising. Through this function, personalized, interest-based advertising ads from the Google Display Network are placed for visitors to the provider's website. For this purpose, Google uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. An adequacy decision of the EU Commission exists for the USA in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles. Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. Google will not associate your IP address with other Google data under any circumstances.
The use of cookies or comparable technologies is carried out with your consent on the basis of § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
Further information as well as Google's privacy policy can be found at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/

Use of TikTok Pixel
We use the TikTok Pixel from TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”) on our website. Both companies are joint controllers for data processing (hereinafter “TikTok”).
The data processing serves the purpose of identifying and analyzing access to our website by customers as well as better customer targeting through targeted advertising and evaluating the effectiveness of advertising on TikTok. For this purpose, TikTok uses technologies such as cookies and pixels that enable recognition of your browser. Among other things, the following information can be collected and transmitted to TikTok: date and time of visit, information about the browser and device type used, screen resolution, IP address. TikTok can assign this information to your personal TikTok user account. Usage profiles can be created from the collected data using pseudonyms. However, personal identification of users is not possible in this way.
Your data may be transferred to third countries, e.g. the USA. An adequacy decision of the EU Commission exists for the USA in the form of the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified under the TADPF. The data transfer to the USA as well as to third countries without an adequacy decision takes place, among other things, on the basis of standard contractual clauses as appropriate safeguards for the protection of personal data, available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de.
The use of cookies or comparable technologies is carried out with your consent on the basis of § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
Further information on data protection can be found at https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller.

Use of Shopify Inbox
We use the live chat system Shopify Inbox from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of order processing. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The data processing serves the purpose of immediate and efficient communication between you and us as the provider. Data is stored and processed for the operation of the system as well as for the purpose of optimizing the service.
To operate the live chat system, cookies may be used that enable recognition of the browser. The following information may be collected and processed: IP address as well as personal data provided by you when using the chat system.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. An adequacy decision of the EU Commission exists for Canada. For the USA, an adequacy decision of the EU Commission exists in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the standard contractual clauses of the EU Commission.
The use of cookies or comparable technologies is carried out with your consent on the basis of § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz and https://www.shopify.com/de/legal/dpa.

Plug-ins and Miscellaneous

Use of Google Tag Manager
We use the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application is used to manage JavaScript tags and HTML tags that are used in particular for the implementation of tracking and analysis tools. The data processing serves the purpose of needs-based design and optimization of our website.
The Google Tag Manager itself does not store cookies nor are personal data processed by it. However, it enables the triggering of further tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.

Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”) on our website. YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
The function displays videos stored on YouTube in an iFrame on the website. The “extended data protection mode” is activated. As a result, YouTube does not store any information about visitors to the website. Only when you watch a video is information about this transmitted to YouTube and stored there. Your data may be transferred to the USA. An adequacy decision of the EU Commission exists for the USA in the form of the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
Further information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy can be found in YouTube's privacy policy at https://www.youtube.com/t/privacy.

Use of Vimeo
We use plug-ins from Vimeo Inc. (555 West 18th Street New York, New York 10011, USA; “Vimeo”) on our website to embed videos from the “Vimeo” portal.
When you access pages of our website that are equipped with such a plug-in, a connection is established to Vimeo's servers and the plug-in is displayed on the page by notification to your browser. This transmits both your IP address and information about which of our pages you have visited to Vimeo's servers.
If you are logged in to Vimeo at the time, Vimeo assigns this information to your personal user account. When using the plug-in functions (e.g. by starting a video by pressing the corresponding button), this information is also assigned to your Vimeo account.
Your data may be transferred to the USA. An adequacy decision of the EU Commission exists for the USA in the form of the Trans-Atlantic Data Privacy Framework (TADPF). Vimeo has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of § 25(1) sentence 1 TDDDG in conjunction with Art. 6(1)(a) GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6(1)(a) GDPR. You can revoke your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent until revocation.
Further information on the purpose and scope of data collection and the further use and processing of the data by Vimeo as well as your rights in this regard and options for protecting your privacy can be found in Vimeo's privacy policy: https://vimeo.com/privacy

Integration of the Händlerbund membership logo
The Händlerbund membership logo (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated on our website. When you access our website, information is automatically sent to the server of Händlerbund e.V. by the browser used on your end device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until automated deletion:

IP address of the requesting computer,
Date and time of access,
Name and URL of the retrieved file,
Website from which access was made (referrer URL),
browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The temporary storage of the IP address by the system is necessary to enable delivery of the website. For this purpose, the IP address must remain stored for the duration of the session. Storage in log files is carried out to ensure the functionality of the website. In addition, the data serves to optimize the website and ensure the security of the information technology systems. This data is not stored together with other personal data. The legal basis for data processing is Art. 6(1) sentence 1(f) GDPR.

Integration of the buyer seal logo
The buyer seal logo (Händlerbund Management AG, Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated on our website. When you access our website, information is automatically sent to the server of Händlerbund Management AG by the browser used on your end device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until automated deletion:

IP address of the requesting computer,
Date and time of access,
Name and URL of the retrieved file,
Website from which access was made (referrer URL),
browser used, protocol and, if applicable, the operating system of your computer as well as the name of your access provider.

Data Subject Rights and Storage Period

Duration of Storage
After complete contract processing, the data is first stored for the duration of the warranty period, then taking into account statutory, in particular tax and commercial retention periods, and then deleted after expiry of the period, unless you have consented to further processing and use.

Rights of the data subject
Provided the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: right to information, rectification, erasure, restriction of processing, data portability.
In addition, you have the right to object under Art. 21(1) GDPR to processing based on Art. 6(1)(f) GDPR, as well as to processing for direct marketing purposes.

Right to lodge a complaint with the supervisory authority
You have the right under Art. 77 GDPR to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.

You can lodge a complaint in particular with the supervisory authority responsible for us, which you can contact at the following contact details:

State Commissioner for Data Protection of Lower Saxony
Prinzenstraße 5
30159 Hannover
Phone: +49 511 1204500
Fax: +49 511 1204599
Email: poststelle@lfd.niedersachsen.de

Right to object
If the personal data processing listed here is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR, you have the right to object to this processing at any time on grounds relating to your particular situation with effect for the future.
After objection, processing of the affected data will be terminated unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

If personal data processing is for direct marketing purposes, you can object to this processing at any time by notifying us. After objection, we will terminate processing of the affected data for direct marketing purposes.

last update: 22.10.2024

Privacy policy

Let customers speak for us