Personal data (hereinafter mostly referred to as “data”) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there.
I. Information about the data controller
II. Rights of users and data subjects
With regard to the data processing described in more detail below, users and data subjects have the right to:
- Confirmation whether personal data concerning them is being processed, information about the processed data, further information about the data processing, and copies of the data (see Article 15 DS-GVO);
- Rectification or completion of inaccurate or incomplete data (see Article 16 DS-GVO);
- Erasure of personal data concerning them without undue delay (see Article 17 DS-GVO) or, if further processing is necessary according to Article 17(3) DS-GVO, restriction of processing in accordance with Article 18 DS-GVO;
- Receipt of the personal data concerning them and provided by them, and the right to transmit such data to other controllers/providers (see Article 20 DS-GVO);
- Objection to the processing of personal data concerning them (see Article 21 DS-GVO);
- Lodging a complaint with a supervisory authority if they consider that the processing of personal data relating to them infringes data protection regulations (see Article 77 DS-GVO).
Furthermore, the provider is obliged to inform all recipients to whom data has been disclosed by the provider about any rectification or erasure of data or restriction of processing carried out in accordance with Articles 16, 17(1), 18 DS-GVO. However, this obligation does not apply if such notification is impossible or involves disproportionate effort. Notwithstanding the above, the user has the right to information about these recipients.
III. Information on Data Processing
Your data processed when using our website will be deleted or blocked as soon as the purpose of storage ceases to apply, there are no legal retention obligations preventing deletion, and no contradictory statements are made regarding individual processing procedures below.
For technical reasons, particularly to ensure a secure and stable website, data is transmitted to us or to our web hosting provider by your internet browser. These so-called server log files include the type and version of your internet browser, the operating system, the website from which you accessed our website (referrer URL), the website(s) of our website that you visit, the date and time of each access, and the IP address of the internet connection from which our website is accessed.
These collected data are temporarily stored, but not together with other data about you.
This storage is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website.
The data will be deleted at the latest after seven days, unless further storage is required for evidentiary purposes. In such cases, the data will be excluded from deletion until the respective incident has been finally clarified.
Means and Purpose of Processing
Like many other websites, we use “cookies.” Cookies are small text files that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. This allows us to obtain certain data, such as IP address, browser used, and operating system.
Cookies cannot be used to launch programs or transmit viruses to a computer. The information contained in cookies helps us to facilitate navigation and display our web pages correctly.
Under no circumstances will the data we collect be disclosed to third parties or linked to personal data without your consent. However, third parties may create and process essential or non-essential cookies with your consent. Information on all cookies is provided in the next section.
Storage Duration and Cookies Used
|session||Helps WooCommerce determine when cart contents/data changes.|
|session||Helps WooCommerce determine when cart contents/data changes.|
|2 days||Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer.|
|session||Powers the Recent Viewed Products widget.|
|session||Allows customers to dismiss the Store Notice.|
|15 days||Provides protection against hackers, stores account details.|
|15 days||Stores logged in user.|
|1 day||Securely set or restrict access to the website for users based on their capability level.|
To the extent that these cookies may also involve personal data, we will inform you accordingly.
You can delete individual cookies or the entire cookie inventory through your browser settings. In addition, you can obtain information and instructions on how to delete these cookies or block their storage in advance. Depending on your browser provider, you will find the necessary information on their website.
Third Party Services
We have a legitimate interest in using PayPal, according to Art. 6 (1) (f) GDPR, which consists in offering our products. You can object to the processing of your data on the basis of our legitimate interest at any time pursuant to the requirements of Art. 21 GDPR. To do this, please contact us using the details given in the legal notice.
For processing payments, we use the PayPal service from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (“PayPal”), 22-24 Boulevard Royal, L-2449 Luxembourg. This service allows us to offer you a variety of payment methods. If you use a PayPal service, PayPal will collect information about the transaction and further information related to the transaction, such as the amount sent or requested, the amount paid for the products or services, information about the trader, including details of the payment sources used for the transaction, device information, technical usage data and location data.
If you have a PayPal account, PayPal can connect the data sent to your account, even across devices. In principle, we have no influence on this data processing. PayPal is therefore responsible for this data processing.
Details on the data collected and information about how PayPal processes the collected data can be found in PayPal’s privacy statement: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
This also includes information on banking regulations for customers in the EEA and Switzerland.
With some PayPal services, PayPal makes an advance payment, thus incurring a credit risk. PayPal therefore reserves the right to carry out a credit check for payment methods by credit card and direct debit. For this purpose, PayPal transmits your information (name, address, date of birth, bank account details) to credit agencies. PayPal uses the result of the credit check with regard to the statistical probability of payment default in order to make a decision on providing the respective payment methods. The credit check may contain probability values (so-called score values). Where score values affect the result of the credit check, they are based on a scientifically recognised mathematical and statistical process.
Further data protection information, including the credit agencies used, can also be found in the PayPal privacy statement: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
We have a legitimate interest in using PayPal, according to Art. 6 (1) (f) GDPR, which consists in offering a variety of payment methods as simple as possible via one service, so there is no need to instruct a separate service provider for each payment method. This also reduces the number of recipients of your data. You can object to the processing of your data on the basis of our legitimate interest at any time pursuant to the requirements of Art. 21 GDPR. To do this, please contact us using the details given in the legal notice.
To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g., SSL) via HTTPS.
Contacting the Data Protection Officer
If you have any questions regarding data protection, please contact us via email at email@example.com.