We are delighted by your interest in our online shop. The protection of your personal data is of great importance to us. Below, we provide detailed information on how we handle your data.
- Data Controller The data controller responsible for the collection, processing, and use of your personal data, as defined by data protection laws, is:
Am Krähenwald 41A
21465 Reinbek // Germany
If you have any questions regarding data protection, please feel free to contact us: Email: firstname.lastname@example.org
You can use our website without providing any personal data. However, if an individual wants to avail themselves of our company’s services through our website, the processing of personal data may be necessary. If the processing of personal data is required and there is no legal basis for such processing, we always obtain the consent of the individual concerned.
The processing of personal data (such as name, address, email address, or telephone number of an affected person) is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to us.
As the data controller, we have implemented numerous technical and organizational measures to ensure the most comprehensive protection of the personal data processed through our website. However, data transmissions over the Internet can generally have security vulnerabilities. Therefore, a 100% guarantee of data protection cannot be provided. Consequently, any affected person may choose alternative methods, such as transmitting personal data via telephone.
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
“Data subject” means any identified or identifiable natural person whose personal data is processed by the data controller.
“Processing” means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction.
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
“Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Recipient” means a natural or legal person, public authority, agency, or another body to whom personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients. The processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
“Third party” means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
“Consent” of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Name and contact details of the data controller:
This privacy notice applies to data processing by:
Controller: Hodjat Yousufi (Get-Fans UG (haftungsbeschränkt)) Email: email@example.com Phone: 0049176 26 88 60 00
Collection and storage of personal data, as well as the type and purpose of their use: a) When visiting the website
You can generally use our website without disclosing your identity. When you access our website, information is automatically sent to our website’s server by the browser used on your device. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until it is automatically deleted:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which access is made (referrer URL)
- Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.
We process the aforementioned data for the following purposes:
- Ensuring a smooth connection to the website
- Ensuring a comfortable use of our website
- Evaluation of system security and stability
- Other administrative purposes
The legal basis for data processing is Art. 6(1)(f) of the General Data Protection Regulation (GDPR). Our legitimate interest follows from the purposes listed above for data collection. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.
When using our contact form:
If you have any questions, we provide you with the opportunity to contact us via a form provided on our website. Providing a valid email address is necessary so that we know who the inquiry is from and can respond to it. Additional information can be provided voluntarily. It is up to your free decision whether you want to enter this data within the contact form.
The data processing for the purpose of contacting us is based on Art. 6(1)(a) of the General Data Protection Regulation (GDPR), relying on your voluntarily given consent.
The personal data collected by us for the use of the contact form will be automatically deleted after we have processed your inquiry.
When ordering through our website:
You can place orders on our website either as a guest without registering or by registering as a customer for future orders. Registering has the advantage that, in case of future orders, you can log in directly to our shop using your email address and password without having to enter your contact details again.
Your personal data is entered into an input form on our website, transmitted to us, and stored. When you place an order through our website, whether as a guest or as a registered customer, we initially collect the following data:
Salutation, first name, last name, a valid email address, address, telephone number (landline and/or mobile).
The collection of this data is carried out:
to identify you as our customer; to process, fulfill, and handle your order; to correspond with you; for invoicing purposes; to handle any liability claims that may arise and to assert any claims against you; to ensure the technical administration of our website; to manage our customer data.
During the ordering process, your consent to the processing of this data is obtained.
The data processing is based on your order and/or registration and is necessary for the appropriate processing of your order and for the mutual fulfillment of obligations arising from the purchase contract, pursuant to Art. 6(1)(b) of the General Data Protection Regulation (GDPR).
The personal data collected by us for the processing of your order will be stored until the expiration of the legal retention period and then deleted unless we are obliged to store them for a longer period of time based on Article 6(1)(c) of the GDPR due to tax and commercial storage and documentation obligations (from the German Commercial Code, Criminal Code, or Fiscal Code), or unless you have consented to further storage pursuant to Art. 6(1)(a) of the GDPR.
We only disclose your personal data to third parties if it is necessary for the performance of the contract, such as the logistics company responsible for the delivery and the financial institution handling the payment. In cases where we disclose your personal data to third parties, the scope of the transmitted data is limited to the necessary minimum.
We will only disclose your personal data to third parties if:
you have given your explicit consent pursuant to Art. 6(1)(a) of the GDPR, disclosure is necessary under Art. 6(1)(f) of the GDPR for the establishment, exercise, or defense of legal claims, and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data, there is a legal obligation to disclose the data under Art. 6(1)(c) of the GDPR, or it is legally permissible and necessary for the performance of contractual relationships with you under Art. 6(1)(b) of the GDPR.
During the ordering process, your consent to the disclosure of your data to third parties is obtained.
The cookies store information that is related to the specific device you are using. However, this does not mean that we immediately gain knowledge of your identity.
Furthermore, we also use temporary cookies to optimize user-friendliness. These cookies are stored on your device for a defined period of time. If you revisit our website to use our services, it will automatically recognize that you have been with us before and remember your previous inputs and settings, so you don’t have to enter them again.
The data processed by cookies is necessary for the purposes mentioned above in order to safeguard our legitimate interests and the interests of third parties, in accordance with Art. 6(1)(f) of the GDPR.
Most browsers accept cookies automatically. However, you can configure your browser to prevent cookies from being stored on your computer or to display a prompt before a new cookie is created. Please note that disabling cookies entirely may result in you not being able to use all the features of our website.
Links to Third-Party Websites
The links published on our website are researched and compiled with the utmost care. However, we have no control over the current and future design and content of the linked pages. We are not responsible for the content of linked pages and explicitly do not endorse the content of these pages. The provider of the linked website is solely responsible for illegal, incorrect, or incomplete content, as well as for any damages resulting from the use or non-use of the information. The liability of the party referring to the publication through a link is excluded. We can only be held responsible for external references if we have positive knowledge of them, including any illegal or criminal content, and if it is technically possible and reasonable for us to prevent their use.
Analyzing and Tracking Tools
The tracking measures listed below are carried out based on Art. 6(1)(f) of the General Data Protection Regulation (GDPR). The purpose of these tracking measures is to ensure a needs-based design and continuous optimization of our website. Additionally, we use tracking measures to statistically analyze the usage of our website and evaluate it for the purpose of optimizing our offerings for you. These interests are to be considered legitimate within the meaning of the aforementioned regulation.
a) Google Analytics
For the purpose of needs-based design and continuous optimization of our pages, we use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.com/intl/en/about/)(1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”). In this context, pseudonymized user profiles are created, and cookies (see section 5) are used. The information generated by the cookie regarding your use of this website, such as:
- Browser type/version
- Operating system used
- Referrer URL (the previously visited page)
- Hostname of the accessing computer (IP address)
- Time of the server request
is transmitted to and stored on a server operated by Google in the United States. This information is used to evaluate website usage, compile reports on website activity, and provide other services related to website activity and internet usage for the purposes of market research and needs-based design of these web pages. This information may also be transferred to third parties if required by law or if third parties process this data on behalf of Google. Under no circumstances will your IP address be merged with other Google data. IP addresses are anonymized, so that allocation is not possible (IP masking).
You can prevent the installation of cookies by adjusting your browser software accordingly; however, please note that if you do this, you may not be able to use all the features of our website to their full extent.
Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on(https://tools.google.com/dlpage/gaoptout?hl=en).
In addition to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on the link above. An opt-out cookie will be set, which prevents the future collection of your data when visiting our website. The opt-out cookie is only valid in this browser and only for our website and will be stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
For more information on data protection in connection with Google Analytics, please refer to the Google Analytics Help page at the following link: Google Analytics Help
Google AdWords Conversion Tracking
In order to statistically analyze the usage of our website and evaluate it for the purpose of optimizing our website, we also use Google Conversion Tracking. Google AdWords sets a cookie (see section 5) on your computer if you have accessed our website via a Google ad.
These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the AdWords customer’s website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page.
Each AdWords customer receives a different cookie. Cookies cannot be tracked across the websites of AdWords customers. The information obtained through the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers are informed of the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that personally identifies users.
Social Media Plugins
On the basis of Article 6(1)(f) of the GDPR, we use social plugins from social networks (such as Facebook, Twitter, Google+) on our website to promote awareness of our company. The underlying advertising purpose is considered a legitimate interest within the meaning of the GDPR. The responsibility for ensuring data protection-compliant operation lies with the respective providers of these social plugins. We use a two-click method to integrate these plugins into our website in order to protect our visitors’ privacy to the best possible extent.
- a) Facebook
On our website, we use social media plugins from Facebook to personalize the user experience. This involves the “LIKE” or “SHARE” buttons, which are provided by Facebook.
When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Facebook’s servers. The content of the plugin is transmitted directly from Facebook to your browser and integrated into the website.
By integrating the plugins, Facebook receives information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a server of Facebook in the United States and stored there.
If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook account. When you interact with the plugins, such as pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook, visible to everyone.
Facebook can use this information for advertising, market research, and personalized design of Facebook pages. For this purpose, Facebook creates usage, interest, and relationship profiles, e.g., to evaluate your use of our website in relation to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website, and to provide further services related to the use of Facebook.
If you do not want Facebook to associate the data collected through our website with your Facebook account, you must log out of Facebook before visiting our website.
- b) Twitter
Our website includes plugins from the short message network of Twitter Inc. (Twitter). You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found at this link on Twitter: https://dev.twitter.com/web/tweet-button
When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. This enables Twitter to receive information that you have visited our page with your IP address. If you click the Twitter “tweet button” while logged into your Twitter account, you can link the content of our pages to your Twitter profile. This allows Twitter to associate the visit to our pages with your user account. We would like to point out that as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter.
If you do not want Twitter to be able to associate your visit to our pages, please log out of your Twitter user account.
- c) Google „+1“-Schaltfläche
Unser Internetauftritt verwendet die „+1“-Schaltfläche des sozialen Netzwerkes Google, welches von der Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA betrieben wird. Die Schaltfläche ist mit einem „+1″ gekennzeichnet.
Die „+1“ Schaltfläche ist ein Kürzel für “das ist ziemlich cool” oder “schau dir das an”. Die Schaltfläche wird nicht verwendet, um Ihre Besuche im Web zu erfassen.
Enthält eine Webseite unseres Internetauftrittes die „+1“-Schaltfläche, dann wird ihr Internetbrowser diese Schaltfläche vom Google-Server laden und darstellen. Die von Ihnen besuchte Website unseres Internetauftrittes wird dem Google-Server automatisch mitgeteilt. Beim Anzeigen einer +1-Schaltfläche protokolliert Google nicht dauerhaft Ihren Browserverlauf, sondern lediglich für die Dauer von bis zu zwei Wochen.
Google hält diese Daten über Ihren Besuch für diesen Zeitraum zu Systemwartungs- und Fehlerbehebungszwecken gespeichert. Diese Daten sind jedoch nicht nach individuellen Profilen, Nutzernamen oder URLs strukturiert. Diese Informationen sind auch nicht für Website-Publisher oder Inserenten zugänglich. Die Verwendung dieser Informationen dient nur zur Wartung und Fehlerbeseitigung in internen Systemen bei Google. Es wird Ihr Besuch auf einer Seite mit +1-Schaltfläche auch nicht in anderer Weise von Google ausgewertet.
Eine weitergehende Auswertung Ihres Besuchs einer Webseite unseres Internetauftrittes mit einer „+1“-Schaltfläche erfolgt nicht.
Die Vergabe von +1 selbst ist ein öffentlicher Vorgang, d.h. jeder, der eine Google-Suche ausführt oder Inhalte im Web aufruft, denen Sie +1 geben, kann potenziell sehen, dass Sie dem betreffenden Inhalt ein +1 gegeben haben. Geben Sie daher nur dann +1, wenn Sie sich ganz sicher sind, dass Sie diese Empfehlung mit der ganzen Welt teilen möchten.
Ein Klick auf diesen +1-Button dient als Empfehlung für andere Nutzer in Googles Suchergebnissen. Sie können öffentlich mitteilen, dass Ihnen unsere Webseite gefällt, unsere Webseite Ihre Zustimmung findet oder dass Sie unsere Webseite empfehlen können. Haben Sie sich für Google+ registriert und sind eingeloggt, dann färbt sich die +1-Schaltfläche bei einem Klick blau. Zudem wird das +1 zu dem +1-Tab in Ihrem Google-Profil hinzugefügt. Auf diesem Tab können Sie Ihre +1 verwalten und entscheiden, ob Sie den +1-Tab öffentlich machen möchten.
Um Ihre +1-Empfehlung zu speichern und öffentlich zugänglich machen zu können erfasst Google über Ihr Profil Informationen über die von Ihnen empfohlene URL, Ihre IP-Adresse und andere browserbezogene Informationen. Wenn Sie Ihre +1 zurücknehmen, werden diese Informationen gelöscht. Sämtliche +1-Empfehlungen von Ihnen sind auf dem +1- Tab in Ihrem Profil aufgelistet.
Weitere Hinweise und die geltenden Datenschutzbestimmungen von Google können unter https://www.google.de/intl/de/policies/privacy/ abgerufen werden. Weitere Hinweise von Google zur Google+1-Schaltfläche finden Sie unter dem Link https://developers.google.com/+/web/buttons-policy
You have the following rights:
- According to Article 15 of the GDPR, you have the right to obtain information about the personal data we process about you. This includes information about the purposes of the processing, the categories of personal data involved, the recipients or categories of recipients to whom the data has been or will be disclosed, the envisaged storage period, your rights to rectification, erasure, restriction of processing or objection, the right to lodge a complaint with a supervisory authority, the source of your data if it was not collected from you, and the existence of automated decision-making, including profiling, and meaningful information about the details of such processes.
- According to Article 16 of the GDPR, you have the right to request the correction of inaccurate or incomplete personal data stored by us without undue delay.
- According to Article 17 of the GDPR, you have the right to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.
- According to Article 18 of the GDPR, you have the right to request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful, but you oppose its erasure, and we no longer need the data for the purposes of processing, but you require it for the establishment, exercise, or defense of legal claims, or you have objected to the processing under Article 21 of the GDPR.
- According to Article 20 of the GDPR, you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, or to request its transmission to another controller.
- According to Article 7(3) of the GDPR, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
- According to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.
If your personal data is processed based on legitimate interests in accordance with Article 6(1)(f) of the GDPR, you have the right to object to the processing of your personal data under Article 21 of the GDPR. This applies if there are reasons arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying any particular situation.
If you wish to exercise your right to withdraw or object, simply send an email to: firstname.lastname@example.org
During your website visit, we utilize the widely adopted SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser. Typically, this entails 256-bit encryption. If your browser does not support 256-bit encryption, we fallback to 128-bit v3 technology. You can recognize whether an individual page of our website is transmitted securely by the closed representation of a key or lock symbol in the lower status bar of your browser.
Furthermore, we employ appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. We continuously enhance our security measures in line with technological advancements.
1 Datenschutzbehörden verlangen für den zulässigen Einsatz von Google Analytics den Abschluss einer Auftragsdatenverarbeitungs-Vereinbarung. Eine entsprechende Vorlage wird unter http://www.google.com/analytics/terms/de.pdf von Google angeboten.
Quelle: Muster-Datenschutzerklärung erstellt durch Rechtsanwalt Andreas Gerstel (http://www.anwaltblog24.de/)