Privacy policy

Data Controller:
Maciej Sobkowiak
Lindenstraße 10
02923 Kodersdorf

Email: ehandel.oscar@gmail.com

We are pleased about your interest in our online shop. Protecting your privacy is very important to us. Below, we provide detailed information about how we handle your data.

1. Access Data and Hosting

You can visit our websites without providing any personal information. Each time a website is accessed, the web server automatically saves a so-called server log file, which includes, for example, the name of the requested file, your IP address, date and time of access, the amount of data transferred, and the requesting provider (access data), documenting the access.

These access data are evaluated exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. This is in line with our legitimate interests in a correct presentation of our offer in accordance with Art. 6 (1) sentence 1 lit. f GDPR. All access data will be deleted no later than seven days after the end of your site visit.

Hosting

The services for hosting and displaying the website are partially provided by our service providers as part of processing on our behalf. Unless otherwise explained in this privacy policy, all access data and all data collected in the forms provided on this website are processed on their servers.

If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact options described in this privacy policy.

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection: Canada, New Zealand, Japan, United Kingdom, USA.

The adequacy decision for the USA serves as the basis for third-country transfers, provided that the respective service provider is certified. Until our service providers are certified, data transmission continues to be based on this basis: Standard Data Protection Clauses of the European Commission.

Our service providers are located and/or use servers in these countries: Australia, India, Singapore. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard Data Protection Clauses of the European Commission.

2. Data Processing for Contract Execution and Contact

2.1 Data Processing for Contract Execution

For the purpose of contract execution (including inquiries and processing of any existing warranty and performance claims as well as any legal update obligations) in accordance with Art. 6 (1) sentence 1 lit. b GDPR, we collect personal data if you voluntarily provide them to us within the scope of your order. Required fields are marked as such because we need the data in these cases to process the contract, and we cannot send the order without their provision. The data collected can be seen from the respective input forms.

Further information about the processing of your data, particularly regarding the transfer to our service providers for the purpose of order, payment, and shipping processing, can be found in the following sections of this privacy policy.

After the complete processing of the contract, your data will be restricted for further processing and deleted after the expiry of the tax and commercial retention periods in accordance with Art. 6 (1) sentence 1 lit. c GDPR, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is legally permitted and about which we inform you in this policy.

Inventory Management System

For order and contract processing, we use inventory management systems from external service providers. Our service providers act on our behalf as part of processing.

If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact options described in this privacy policy.

2.2 Customer Account

If you have given your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR by choosing to open a customer account, we use your data for the purpose of opening the customer account and storing your data for further future orders on our website.

The deletion of your customer account is possible at any time and can be done either by sending a message to the contact option described in this privacy policy or via a function provided in the customer account.

After the deletion of your customer account, your data will be deleted unless you have expressly consented to further use of your data in accordance with Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is legally permitted and about which we inform you in this policy.

2.3 Contact

In the context of customer communication, we collect personal data to process your inquiries in accordance with Art. 6 (1) sentence 1 lit. b GDPR if you voluntarily provide them to us when contacting us (e.g., via contact form, live chat tool, or email).

Required fields are marked as such because we need the data in these cases to process your contact. The data collected can be seen from the respective input forms.

After the complete processing of your inquiry, your data will be deleted unless you have expressly consented to further use of your data in accordance with Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is legally permitted and about which we inform you in this policy.

Live Chat Tool WhatsApp

For customer communication, we use the live chat tool provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("WhatsApp").

This serves to protect our legitimate interests in effective and improved customer communication in accordance with Art. 6 (1) sentence 1 lit. f GDPR. WhatsApp acts on our behalf.

The phone numbers stored on our mobile device are automatically processed on servers of Meta companies headquartered at 1601 Willow Road, Menlo Park, California 94025, USA. Only phone numbers of customers who have previously contacted us via WhatsApp and have therefore already accepted WhatsApp's terms of use and privacy policy are stored.

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection: USA, Israel, United Kingdom.

The adequacy decision for the USA serves as the basis for third-country transfers, provided that the respective service provider is certified. A certification is available.

Our service providers are located and/or use servers in these countries: Singapore. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard Data Protection Clauses of the European Commission.

3. Data Processing for Shipping Purposes

To fulfill the contract in accordance with Art. 6 (1) sentence 1 lit. b GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods.

Data Transfer to Shipping Service Providers for Shipping Notification

If you have given us your express consent during or after your order, we will pass on your email address and telephone number to the selected shipping service provider based on this consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR so that they can contact you before delivery for the purpose of delivery notification or coordination.

Shipping Service Providers:

• General Logistics Systems Germany GmbH & Co. OHG, GLS Germany-Straße 1 - 7, DE-36286 Neuenstein, Germany

• DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

• Raben Trans European Germany GmbH, Holländerstraße 11, 68219 Mannheim, Germany

4. Data Processing for Payment Processing

In the processing of payments in our online shop, we work with the following partners: technical service providers, financial institutions, and payment service providers.

4.1 Data Processing for Transaction Processing

Depending on the selected payment method, we transfer the data necessary for processing the payment transaction to our technical service providers who act as processors on our behalf, or to the commissioned financial institutions or the selected payment service provider, as required for processing the payment. This is done to fulfill the contract in accordance with Art. 6 (1) sentence 1 lit. b GDPR.

In some cases, payment service providers collect the data required for payment processing themselves, for example, on their own website or through a technical integration in the ordering process. The privacy policy of the respective payment service provider applies in this case.

If you have any questions about our partners for payment processing and the basis of our cooperation with them, please contact us using the contact options described in this privacy policy.

4.2 Data Processing for Fraud Prevention and Optimization of Our Payment Processes

If necessary, we provide our service providers with additional data that they use together with the data necessary for processing the payment as our processors, for the purpose of fraud prevention and optimizing our payment processes (e.g., invoicing, handling disputed payments, supporting accounting).

This is done in accordance with Art. 6 (1) sentence 1 lit. f GDPR to protect our legitimate interests in securing ourselves against fraud and ensuring efficient payment management.

4.3 Identity and Credit Check for Klarna Payment Services

Klarna Direct Debit, Purchase on Account via Klarna, Klarna Installment Purchase
If you choose Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna") as your payment service provider, we request your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR, to transmit the data necessary for payment processing and an identity and credit check to Klarna.

In Germany, the credit check can be carried out using the credit agencies specified in Klarna's privacy policy. The information received about the statistical probability of a payment default is used by Klarna for a balanced decision regarding the establishment, implementation, or termination of the contractual relationship.

You can revoke your consent at any time by sending a message to the contact option specified in this privacy policy. This may result in us no longer being able to offer you certain payment options.

You can also revoke your consent to this use of personal data at any time directly with Klarna.

4.4 Identity and Credit Check for BillPay Payment Services (Operated by Klarna Bank AB)

If you choose the payment services of Klarna Bank AB (publ.), Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "BillPay"), we request your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR to transmit the data necessary for payment processing and an identity and credit check to BillPay.

In Germany, the credit check can be carried out using the credit agencies specified in BillPay's privacy policy. The information received about the statistical probability of a payment default is used by BillPay for a balanced decision regarding the establishment, implementation, or termination of the contractual relationship.

You can revoke your consent at any time by sending a message to the contact option specified in this privacy policy. This may result in us no longer being able to offer you certain payment options.

You can also revoke your consent to this use of personal data at any time directly with BillPay.

4.5 Identity and Credit Check for Purchase on Account via PayOne

If you choose the payment method "Purchase on Account" (offered via PayOne GmbH, Lyoner Str. 9, 60528 Frankfurt a. M., Germany, hereinafter "PayOne"), we request your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR to transmit the data necessary for payment processing and an identity and credit check to PayOne.

In Germany, the credit check can be carried out using the credit agencies specified in PayOne's privacy policy. The information received about the statistical probability of a payment default is used by PayOne for a balanced decision regarding the establishment, implementation, or termination of the contractual relationship.

You can revoke your consent at any time by sending a message to the contact option specified in this privacy policy. This may result in us no longer being able to offer you certain payment options.

4.6 Identity and Credit Check for Purchase on Account via PayPal and Ratepay

If you choose the payment method "Purchase on Account" (offered via Ratepay GmbH, Franklinstraße 28-29, 10587 Berlin, hereinafter "Ratepay" and PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, hereinafter "PayPal")), we request your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR to transmit the data necessary for payment processing and an identity and credit check to Ratepay.

In Germany, the credit check can be carried out using the credit agencies specified in Ratepay's privacy policy. The information received about the statistical probability of a payment default is used by Ratepay for a balanced decision regarding the establishment, implementation, or termination of the contractual relationship.

You can revoke your consent at any time by sending a message to the contact option specified in this privacy policy. This may result in us no longer being able to offer you certain payment options.

Additional information on data protection at PayPal can be found here.

5. Advertising via Email, Post, Telephone

5.1 Email Newsletter with Registration, Newsletter Tracking with Separate Consent

If you subscribe to our newsletter, we use the data required or separately provided by you to send you our email newsletter regularly based on your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

You can unsubscribe from the newsletter at any time, either by sending a message to the contact option specified below or via a link provided in the newsletter. After unsubscribing, we delete your email address from the recipient list, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

If you have additionally consented to the analysis of our newsletter in accordance with Art. 6 (1) sentence 1 lit. a GDPR, we also analyze your interaction with our newsletter by measuring, storing, and evaluating opening rates and click rates to design future newsletter campaigns.

For this analysis, the sent emails contain one-pixel technologies (e.g., web beacons, tracking pixels) stored on our website.

5.2 Data Collected for Newsletter Tracking

• The page from which the page was requested (so-called referrer URL),

• Date and time of access,

• Description of the type of web browser used,

• IP address of the requesting computer,

• Email address,

• Date and time of registration and confirmation.

Unsubscribing from newsletter tracking is possible at any time, either by sending a message to the contact option specified or via a link provided in the newsletter. The information is stored as long as you are subscribed to the newsletter.

5.2 Email Newsletter Without Registration and Your Right to Object

If we receive your email address in connection with the sale of a product or service and you have not objected to it, we reserve the right to regularly send you offers for similar products from our range via email, based on § 7 (3) UWG. This serves to protect our legitimate interests in direct advertising for our customers in accordance with Art. 6 (1) sentence 1 lit. f GDPR.

You can object to this use of your email address at any time by sending a message to the contact option specified in this privacy policy or via a link provided in the promotional email, without incurring any costs other than the transmission costs according to basic rates.

After you have unsubscribed, we will delete your email address from the recipient list, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use your data in any other way that is legally permitted and about which we inform you in this privacy policy.

5.3 Newsletter Delivery

The newsletter and the above-described newsletter tracking may also be sent by our service providers within the framework of processing on our behalf. If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact options specified in this privacy policy.

Our service providers are located and/or use servers in the following countries, where the European Commission has determined an adequate level of data protection: USA.

The adequacy decision for the USA serves as the basis for data transfer to third countries, provided that the respective service provider is certified. A certification is in place.

5.4 Sending Review Requests by Email

If you have given us your explicit consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR during or after your order, we will use your email address to request a review of your order through our review system.

This consent can be revoked at any time by sending a message to the contact option specified in this privacy policy or via a link provided in the review request.

After you have withdrawn your consent, we will delete your email address from the recipient list, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use your data in any other way that is legally permitted and about which we inform you in this privacy policy.

The review requests may also be sent by our service provider Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne ("Trusted Shops").

In this context, we receive information about the respective status of the review request from Trusted Shops (e.g., whether the review request was sent and whether it was received).

This is done in accordance with Art. 6 (1) sentence 1 lit. f GDPR to protect our legitimate interest in obtaining information about the review invitations to make improvements as needed, as well as to protect the legitimate interest of Trusted Shops in providing this service.

For the sending of review requests and for the collection and display of review or status information, we are jointly responsible with Trusted Shops.

Within the framework of the joint responsibility existing between us and Trusted Shops, please direct any data protection inquiries and to assert your rights preferably to Trusted Shops using the contact information provided here.

Further information on data protection can be found in the following link here. Regardless, you can always contact us via the contact option specified in this privacy policy. Your request will then be forwarded to the other responsible party if necessary.

5.5 Direct Mail Advertising and Your Right to Object

Furthermore, we reserve the right to use your first and last name and your postal address for our own advertising purposes, for example, to send you interesting offers and information about our products by postal mail.

This serves to protect our legitimate interests in direct advertising for our customers in accordance with Art. 6 (1) sentence 1 lit. f GDPR.

You can object to the storage and use of your data for these purposes at any time by sending a message to the contact option specified in this privacy policy.

After you have withdrawn your consent, we will delete your address from the recipient list, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use your data in any other way that is legally permitted and about which we inform you in this privacy policy.

5.6 Telephone Advertising

If you have given us your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR, we will use the data provided by you for our own advertising purposes, e.g., to inform you about interesting offers and our products.

You can revoke your consent at any time either by sending a message to the contact option specified in this privacy policy or by making an oral declaration during any call.

After withdrawal, we will delete your phone number unless you have expressly consented to further use of your data or we reserve the right to use your data in any other way that is legally permitted and about which we inform you in this privacy policy.

6. Cookies and Other Technologies

6.1 General Information

To make visiting our website attractive and to enable the use of certain functions, we use technologies including so-called cookies on various pages. Cookies are small text files that are automatically stored on your device.

Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies).

Protection of Privacy on End Devices
When using our online services, we use technologies that are strictly necessary to provide the telemedia service you have expressly requested.

The storage of information on your device or access to information already stored on your device does not require your consent for these essential functions.

For non-essential functions, the storage of information on your device or access to information already stored on your device requires your consent.

Please note that if you do not provide consent, certain parts of the website may not be fully usable. Your consent remains valid until you change or reset the settings on your device.

Subsequent Data Processing via Cookies and Other Technologies

We use such technologies that are strictly necessary for the use of certain functions of our website (e.g., shopping cart function).

These technologies collect and process your IP address, time of visit, device and browser information, as well as information about your use of our website (e.g., information about the contents of the shopping cart).

This serves our legitimate interest in an optimized presentation of our offer in accordance with Art. 6 (1) sentence 1 lit. f GDPR.

In addition, we use technologies to fulfill the legal obligations we are subject to (e.g., to demonstrate consent to the processing of your personal data) as well as for web analysis and online marketing.

Further information on this, including the respective legal basis for data processing, can be found in the following sections of this privacy policy.

In some cases, we may use technologies not individually listed in this privacy policy. Detailed information about these technologies, including the respective legal basis for data processing, can be found on the Usercentrics platform. You can access this by clicking on the fingerprint button in the bottom right or left corner of the page.

Cookie Settings

You can find the cookie settings for your browser under the following links:

• Microsoft Edge™

• Safari™

• Chrome™

• Firefox™

• Opera™

If you have given your consent to the use of technologies in accordance with Art. 6 (1) sentence 1 lit. a GDPR, you can withdraw your consent at any time by sending a message to the contact option specified in this privacy policy. Alternatively, you can click on the fingerprint button in the lower right or left corner of the page.

If cookies are not accepted, the functionality of our website may be restricted.

6.2 Use of Usercentrics Consent Management Platform for Managing Consents

We use the Usercentrics Consent Management Platform ("Usercentrics") on our website to inform you about the cookies and other technologies we use on our website, as well as to obtain, manage, and document your consent to the processing of your personal data through these technologies, if required by law.

This is necessary to fulfill our legal obligation under Art. 7 (1) GDPR to be able to provide proof of your consent to the processing of your personal data, which we are subject to.

Usercentrics is a service provided by Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, which processes your data on our behalf.

When you visit our website, the Usercentrics web server stores a so-called server log file, which also includes your anonymized IP address, date and time of the visit, device and browser information, as well as information about your consent behavior.

Your data will be deleted after three years, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to use your data for other purposes permitted by law and which we inform you about in this policy.

Our service providers are located and/or use servers in the following countries, where the European Commission has determined an adequate level of data protection: USA.

The adequacy decision for the USA serves as the basis for data transfer to third countries, provided that the respective service provider is certified. A certification is in place.

6.3 Information on International Data Transfer (Data Transfer to Third Countries)

We use technologies from service providers on our website whose headquarters and/or server locations may be in third countries outside the EU or the EEA.

If there is no adequacy decision by the European Commission for this country, an adequate level of data protection must be ensured by other appropriate safeguards.

Appropriate safeguards in the form of standard contractual clauses issued by the European Commission or binding internal data protection rules (Binding Corporate Rules) are generally possible but require prior verification by the contracting parties to ensure an adequate level of protection.

According to the case law of the European Court of Justice (ECJ), it may be necessary to take additional protective measures.

We have generally agreed to the standard data protection clauses issued by the European Commission with the technology providers we use who process personal data in a third country.

Where possible, we also agree on additional guarantees to ensure that sufficient data protection is guaranteed in third countries without an adequacy decision.

Despite all contractual and technical measures, the level of data protection in the third country may not be equivalent to that of the EU.

In such cases, we may ask for your consent in the context of cookie consent, in accordance with Art. 49 (1) lit. a GDPR, for the transfer of your personal data to a third country.

There is a particular risk that local authorities in the third country may have access rights to your personal data that are not sufficiently restricted under European data protection law.

• We, as the data exporter, or you, as the data subject, may not be aware of such access.

• You may not have adequate legal remedies to prevent or take action against such access.

The following countries are currently considered third countries without an adequacy decision by the European Commission (examples):

• China

• Russia

• Taiwan

You can find out to which third countries data is transferred by us in the data protection information for the respective tool and/or the consent management platform (CMP) we use.

7. Use of Cookies and Other Technologies

We use the following cookies and other technologies from third-party providers on our website.

Unless otherwise stated for the individual technologies, this is done based on your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR.

After the purpose has been achieved and the use of the respective technology has ended, the data collected in this context will be deleted.

You can revoke your consent at any time with effect for the future. Further information on your revocation options can be found in the section "Cookies and Other Technologies".

Further information, including the basis of our cooperation with the individual providers, can be found in the information on the respective technologies.

If you have any questions about the providers and the basis of our cooperation with them, please contact the contact option specified in this privacy policy.

7.1 Use of Google Services

We use the following technologies provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

The information collected automatically by Google technologies about your use of our website is generally transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there.

Unless otherwise stated for the individual technologies, data processing is carried out based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR.

Further information on data processing by Google can be found in Google's data protection notices.

Our service providers are located and/or use servers in countries outside the EU and EEA, where the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and EEA.

For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on standard data protection clauses issued by the European Commission.

Google Analytics

For the purpose of website analysis, data (IP address, time of visit, device and browser information, and information about your use of our website) is automatically collected and stored using Google Analytics. This data is used to create usage profiles under pseudonyms. Cookies may be used for this purpose.

If you visit our website from the EU, your IP address is stored on a server within the EU for location determination and is then immediately deleted before the traffic is forwarded to other Google servers for processing.

Data processing is based on an agreement with Google for order processing.

To optimize the marketing of our website, we have activated data sharing settings for "Google Products and Services." This allows Google to access and use the data collected and processed by Google Analytics to improve Google services. Data sharing with Google as part of these settings is based on an additional agreement between the controllers. We have no influence over the subsequent data processing by Google.

Google Ads

For advertising purposes in Google search results and on third-party websites, a Google Remarketing cookie is set when you visit our website. This cookie automatically collects and processes data (IP address, time of visit, device and browser information, and information about your use of our website) using a pseudonymous CookieID and based on the pages you visit, allowing interest-based advertising.

Additional data processing only occurs if you have activated the "personalized advertising" setting in your Google account. If you are logged into Google during your website visit, Google uses your data together with Google Analytics data to create and define target audience lists for cross-device remarketing.

Google Maps

To visually display geographic information, Google Maps collects data about your use of the map functions, especially IP address and location data. This data is transmitted to and processed by Google. We have no control over this subsequent data processing.

YouTube Video Plugin

To integrate third-party content, the YouTube Video Plugin is used on our website in an enhanced data protection mode. Data (IP address, time of visit, device and browser information) is collected and transmitted to Google only when you play a video. The data is then processed by Google.

7.2 Use of Facebook Services

Use of Facebook Pixel

We use the Facebook Pixel within the scope of the technologies of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Facebook (by Meta)" or "Meta Platforms Ireland").

With the Facebook Pixel, data (IP address, time of visit, device and browser information, and information about your use of our website based on predefined events, such as website visits or newsletter subscriptions) is automatically collected and stored, creating usage profiles using pseudonyms.

A cookie is automatically set by the Facebook Pixel when you visit our website, allowing your browser to be recognized when visiting other websites.

Facebook (by Meta) may combine this information with other data from your Facebook account and use it to generate reports about website activity and provide other services related to website use, including personalized and group-based advertising.

The information collected automatically by Facebook (by Meta) technologies about your use of our website is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there.

Further information on data processing by Facebook can be found in Facebook's data protection notices.

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA serves as the basis for data transfer to third countries, provided that the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.

For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on the following guarantees: Standard data protection clauses of the European Commission.

Facebook Analytics

Within the scope of Facebook Business Tools, statistics on visitor activities on our website are created from the data collected using the Facebook Pixel. Data processing is based on an agreement for order processing with Facebook (by Meta).

This analysis is used for the optimal presentation and marketing of our website.

Facebook Ads (Ad Manager)

We use Facebook Ads to promote this website on Facebook (by Meta) and other platforms.

We determine the parameters of the respective advertising campaign. Facebook (by Meta) is responsible for the specific implementation, particularly the decision regarding the placement of ads for individual users.

Unless otherwise specified for the individual technologies, data processing is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR.

Joint responsibility is limited to data collection and transmission to Meta Platforms Ireland. Subsequent data processing by Meta Platforms Ireland is not covered by this.

• Based on the statistics created using Facebook Pixel about visitor activities on our website, we run group-based advertising on Facebook (by Meta) via Facebook Custom Audience by determining the characteristics of the target group.

• Based on the pseudonymous Cookie-ID set by Facebook Pixel and the data collected about your usage behavior on our website, we run personalized advertising via Facebook Pixel Remarketing.

• We measure your subsequent usage behavior via Facebook Pixel Conversions for web analysis and event tracking when you visit our website via a Facebook Ads advertisement. Data processing is based on an agreement for order processing with Facebook (by Meta).

8. Integration of Trusted Shops Trustbadge/Other Widgets

To display Trusted Shops services (e.g., seal of approval, collected reviews) and offer Trusted Shops products to buyers after an order, Trusted Shops widgets are embedded on this website.

This is necessary to safeguard our legitimate interests in optimized marketing by enabling a secure purchase process in accordance with Art. 6 (1) sentence 1 lit. f GDPR.

The Trustbadge and the services advertised with it are provided by Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne ("Trusted Shops"), with whom we are jointly responsible for data protection in accordance with Art. 26 GDPR.

For questions regarding data protection and the exercise of your rights, please contact Trusted Shops directly using the contact options specified in their data protection information.

8.1 Data Processing When Integrating the Trustbadge/Other Widgets

The Trustbadge is provided by a US-based CDN provider (Content Delivery Network). An adequate level of data protection is ensured by an adequacy decision of the European Commission, which can be viewed here.

Service providers from the USA are generally certified under the EU-U.S. Data Privacy Framework (DPF). Further information can be found here. If service providers are not certified under the DPF, standard contractual clauses are used as an appropriate guarantee.

When calling up the Trustbadge, the web server automatically stores a server log file containing your IP address, date and time of access, transferred data volume, and the requesting provider (access data), which documents the access.

The IP address is anonymized immediately after collection, so the stored data cannot be linked to your identity.

The anonymized data is used for statistical purposes and error analysis.

9. Social Media

9.1 Social Buttons for Facebook (by Meta), X (formerly: Twitter), Instagram (by Meta), WhatsApp

Our website uses social buttons from social networks. These buttons are only integrated as HTML links on the page, so no connection to the servers of the respective provider is established when you access our website.

When you click on one of the buttons, the website of the respective social network opens in a new window of your browser. There, you can, for example, click the Like or Share button.

9.2 Our Online Presence on Facebook (by Meta), X (formerly: Twitter), Instagram (by Meta), YouTube, LinkedIn

If you have given your consent to the respective social media provider in accordance with Art. 6 (1) sentence 1 lit. a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presence on the above-mentioned social media.

Usage profiles may be created from this data using pseudonyms. These profiles can be used to display advertisements inside and outside the platforms that are likely to match your interests. Cookies are generally used for this purpose.

For detailed information on the processing and use of data by the respective social media provider, as well as your rights and settings to protect your privacy, please refer to the linked privacy notices of the providers.

If you need further assistance, you can always contact us.

Facebook (by Meta)

Facebook (by Meta) is an offering of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland").

The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there.

Data processing in connection with visiting a Facebook (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR.

Further information (including information on Insights data) can be found here.

Our service providers are located and/or use servers in the following countries where the European Commission has determined an adequate level of data protection:

• USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA serves as the basis for data transfer to third countries, provided the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in the following countries:

• Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.

For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard data protection clauses of the European Commission.

X (formerly Twitter)

X is an offering of Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland ("X").

The information automatically collected by X about your use of our online presence on X is generally transmitted to a server of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and the EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on standard data protection clauses of the European Commission.

Instagram (by Meta)

Instagram (by Meta) is an offering of Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland").

The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is generally transmitted to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, and stored there.

Data processing in connection with visiting an Instagram (by Meta) fan page is based on an agreement between jointly responsible parties in accordance with Art. 26 GDPR.

Further information (including information on Insights data) can be found here.

Our service providers are located and/or use servers in the following countries where the European Commission has determined an adequate level of data protection:

• USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA serves as the basis for data transfer to third countries, provided the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in the following countries:

• Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.

For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard data protection clauses of the European Commission.

YouTube

YouTube is an offering of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

The information automatically collected by Google about your use of our online presence on YouTube is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and stored there.

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

Our service providers are located and/or use servers in countries outside the EU and the EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on standard data protection clauses of the European Commission.

LinkedIn

LinkedIn is an offering of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn").

The information automatically collected by LinkedIn about your use of our online presence on LinkedIn is generally transmitted to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA, and stored there.

Our service providers are located and/or use servers in the following countries where the European Commission has determined an adequate level of data protection:

• USA.

The adequacy decision for the USA serves as the basis for data transfer to third countries, provided the respective service provider is certified. Certification is in place.

10. Contact Options and Your Rights

10.1 Your Rights

As a data subject, you have the following rights:

• According to Art. 15 GDPR, the right to request information about your personal data processed by us.

• According to Art. 16 GDPR, the right to request the immediate correction of incorrect or incomplete personal data stored by us.

• According to Art. 17 GDPR, the right to request the deletion of your personal data stored by us, unless further processing is necessary for:

  • Exercising the right to freedom of expression and information.

  • Fulfilling a legal obligation.

  • Reasons of public interest.

  • Establishing, exercising, or defending legal claims.

• According to Art. 18 GDPR, the right to request the restriction of processing your personal data if:

  • You dispute the accuracy of the data.

  • The processing is unlawful, but you oppose deletion.

  • We no longer need the data, but you require it to establish, exercise, or defend legal claims.

  • You have objected to the processing under Art. 21 GDPR.

• According to Art. 20 GDPR, the right to receive your personal data in a structured, commonly used, and machine-readable format.

• According to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority.

Right to Object If we process your personal data based on our legitimate interests as explained above, you have the right to object to this processing at any time with effect for the future. If the processing is for direct marketing purposes, you may exercise this right at any time as described above. If the processing is for other purposes, you only have the right to object if there are reasons arising from your particular situation. After you have exercised your right to object, we will no longer process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or if the processing is for the establishment, exercise, or defense of legal claims. This does not apply if the processing is for direct marketing purposes. In that case, we will no longer process your personal data for this purpose.

10.2 Contact Options

If you have any questions regarding the collection, processing, or use of your personal data, for information, correction, restriction, or deletion of data, as well as for the withdrawal of any consent given or objection to a specific data use, please contact us directly using the contact details provided in our legal notice (Impressum).