Privacy Policy

1. An overview of data protection

General information

The fol­low­ing infor­ma­tion will pro­vide you with an easy to nav­i­gate overview of what will hap­pen with your per­son­al data when you vis­it this web­site. The term “per­son­al data” com­pris­es all data that can be used to per­son­al­ly iden­ti­fy you. For detailed infor­ma­tion about the sub­ject mat­ter of data pro­tec­tion, please con­sult our Data Pro­tec­tion Dec­la­ra­tion, which we have includ­ed beneath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this web­site is processed by the oper­a­tor of the web­site, whose con­tact infor­ma­tion is avail­able under sec­tion “Infor­ma­tion about the respon­si­ble par­ty (referred to as the “con­troller” in the GDPR)” in this Pri­va­cy Pol­i­cy.

How do we record your data?

We col­lect your data as a result of your shar­ing of your data with us. This may, for instance be infor­ma­tion you enter into our con­tact form.

Oth­er data shall be record­ed by our IT sys­tems auto­mat­i­cal­ly or after you con­sent to its record­ing dur­ing your web­site vis­it. This data com­pris­es pri­mar­i­ly tech­ni­cal infor­ma­tion (e.g., web brows­er, oper­at­ing sys­tem, or time the site was accessed). This infor­ma­tion is record­ed auto­mat­i­cal­ly when you access this web­site.

What are the purposes we use your data for?

A por­tion of the infor­ma­tion is gen­er­at­ed to guar­an­tee the error free pro­vi­sion of the web­site. Oth­er data may be used to ana­lyze your user pat­terns.

What rights do you have as far as your information is concerned?

You have the right to receive infor­ma­tion about the source, recip­i­ents, and pur­pos­es of your archived per­son­al data at any time with­out hav­ing to pay a fee for such dis­clo­sures. You also have the right to demand that your data are rec­ti­fied or erad­i­cat­ed. If you have con­sent­ed to data pro­cess­ing, you have the option to revoke this con­sent at any time, which shall affect all future data pro­cess­ing. More­over, you have the right to demand that the pro­cess­ing of your data be restrict­ed under cer­tain cir­cum­stances. Fur­ther­more, you have the right to log a com­plaint with the com­pe­tent super­vis­ing agency.

Please do not hes­i­tate to con­tact us at any time if you have ques­tions about this or any oth­er data pro­tec­tion relat­ed issues.

2. Hosting

We are host­ing the con­tent of our web­site at the fol­low­ing provider:

All-Inkl

The Provider is the ALL-INKL.COM – Neue Medi­en Mün­nich, own­er: René Mün­nich, Haupt­straße 68, 02742 Frieder­s­dorf, Ger­many (here­inafter “All-Inkl”). For details, please vis­it the pri­va­cy pol­i­cy of All-Inkl: https://all-inkl.com/datenschutzinformationen/.

The use of All-Inkl is based on Art. 6(1)(f) GDPR. We have a legit­i­mate inter­est in the most reli­able rep­re­sen­ta­tion of our web­site. If appro­pri­ate con­sent has been obtained, the pro­cess­ing is car­ried out exclu­sive­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the stor­age of cook­ies or the access to infor­ma­tion in the user’s end device (e.g., device fin­ger­print­ing) with­in the mean­ing of the TTDSG. This con­sent can be revoked at any time.

Data processing

We have con­clud­ed a data pro­cess­ing agree­ment (DPA) for the use of the above-men­tioned ser­vice. This is a con­tract man­dat­ed by data pri­va­cy laws that guar­an­tees that they process per­son­al data of our web­site vis­i­tors only based on our instruc­tions and in com­pli­ance with the GDPR.

3. General information and mandatory information

Data protection

The oper­a­tors of this web­site and its pages take the pro­tec­tion of your per­son­al data very seri­ous­ly. Hence, we han­dle your per­son­al data as con­fi­den­tial infor­ma­tion and in com­pli­ance with the statu­to­ry data pro­tec­tion reg­u­la­tions and this Data Pro­tec­tion Dec­la­ra­tion.

When­ev­er you use this web­site, a vari­ety of per­son­al infor­ma­tion will be col­lect­ed. Per­son­al data com­pris­es data that can be used to per­son­al­ly iden­ti­fy you. This Data Pro­tec­tion Dec­la­ra­tion explains which data we col­lect as well as the pur­pos­es we use this data for. It also explains how, and for which pur­pose the infor­ma­tion is col­lect­ed.

We here­with advise you that the trans­mis­sion of data via the Inter­net (i.e., through e‑mail com­mu­ni­ca­tions) may be prone to secu­ri­ty gaps. It is not pos­si­ble to com­plete­ly pro­tect data against third-par­ty access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data pro­cess­ing con­troller on this web­site is:

Jus­tine Nana Djo­mou
Justbeauty& Shop
Haus­bergstrasse 23
61231 Bad Nauheim

Phone: +49 176 55376015
E‑mail: justbeauty_shop@t‑online.de

The con­troller is the nat­ur­al per­son or legal enti­ty that sin­gle-hand­ed­ly or joint­ly with oth­ers makes deci­sions as to the pur­pos­es of and resources for the pro­cess­ing of per­son­al data (e.g., names, e‑mail address­es, etc.).

Storage duration

Unless a more spe­cif­ic stor­age peri­od has been spec­i­fied in this pri­va­cy pol­i­cy, your per­son­al data will remain with us until the pur­pose for which it was col­lect­ed no longer applies. If you assert a jus­ti­fied request for dele­tion or revoke your con­sent to data pro­cess­ing, your data will be delet­ed, unless we have oth­er legal­ly per­mis­si­ble rea­sons for stor­ing your per­son­al data (e.g., tax or com­mer­cial law reten­tion peri­ods); in the lat­ter case, the dele­tion will take place after these rea­sons cease to apply.

General information on the legal basis for the data processing on this website

If you have con­sent­ed to data pro­cess­ing, we process your per­son­al data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if spe­cial cat­e­gories of data are processed accord­ing to Art. 9 (1) DSGVO. In the case of explic­it con­sent to the trans­fer of per­son­al data to third coun­tries, the data pro­cess­ing is also based on Art. 49 (1)(a) GDPR. If you have con­sent­ed to the stor­age of cook­ies or to the access to infor­ma­tion in your end device (e.g., via device fin­ger­print­ing), the data pro­cess­ing is addi­tion­al­ly based on § 25 (1) TTDSG. The con­sent can be revoked at any time. If your data is required for the ful­fill­ment of a con­tract or for the imple­men­ta­tion of pre-con­trac­tu­al mea­sures, we process your data on the basis of Art. 6(1)(b) GDPR. Fur­ther­more, if your data is required for the ful­fill­ment of a legal oblig­a­tion, we process it on the basis of Art. 6(1)© GDPR. Fur­ther­more, the data pro­cess­ing may be car­ried out on the basis of our legit­i­mate inter­est accord­ing to Art. 6(1)(f) GDPR. Infor­ma­tion on the rel­e­vant legal basis in each indi­vid­ual case is pro­vid­ed in the fol­low­ing para­graphs of this pri­va­cy pol­i­cy.

Recipients of personal data

In the scope of our busi­ness activ­i­ties, we coop­er­ate with var­i­ous exter­nal par­ties. In some cas­es, this also requires the trans­fer of per­son­al data to these exter­nal par­ties. We only dis­close per­son­al data to exter­nal par­ties if this is required as part of the ful­fill­ment of a con­tract, if we are legal­ly oblig­at­ed to do so (e.g., dis­clo­sure of data to tax author­i­ties), if we have a legit­i­mate inter­est in the dis­clo­sure pur­suant to Art. 6 (1)(f) GDPR, or if anoth­er legal basis per­mits the dis­clo­sure of this data. When using proces­sors, we only dis­close per­son­al data of our cus­tomers on the basis of a valid con­tract on data pro­cess­ing. In the case of joint pro­cess­ing, a joint pro­cess­ing agree­ment is con­clud­ed.

Revocation of your consent to the processing of data

A wide range of data pro­cess­ing trans­ac­tions are pos­si­ble only sub­ject to your express con­sent. You can also revoke at any time any con­sent you have already giv­en us. This shall be with­out prej­u­dice to the law­ful­ness of any data col­lec­tion that occurred pri­or to your revo­ca­tion.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a complaint with the competent supervisory agency

In the event of vio­la­tions of the GDPR, data sub­jects are enti­tled to log a com­plaint with a super­vi­so­ry agency, in par­tic­u­lar in the mem­ber state where they usu­al­ly main­tain their domi­cile, place of work or at the place where the alleged vio­la­tion occurred. The right to log a com­plaint is in effect regard­less of any oth­er admin­is­tra­tive or court pro­ceed­ings avail­able as legal recours­es.

Right to data portability

You have the right to have data that we process auto­mat­i­cal­ly on the basis of your con­sent or in ful­fill­ment of a con­tract hand­ed over to you or to a third par­ty in a com­mon, machine-read­able for­mat. If you should demand the direct trans­fer of the data to anoth­er con­troller, this will be done only if it is tech­ni­cal­ly fea­si­ble.

Information about, rectification and eradication of data

With­in the scope of the applic­a­ble statu­to­ry pro­vi­sions, you have the right to demand infor­ma­tion about your archived per­son­al data, their source and recip­i­ents as well as the pur­pose of the pro­cess­ing of your data at any time. You may also have a right to have your data rec­ti­fied or erad­i­cat­ed. If you have ques­tions about this sub­ject mat­ter or any oth­er ques­tions about per­son­al data, please do not hes­i­tate to con­tact us at any time.

Right to demand processing restrictions

You have the right to demand the impo­si­tion of restric­tions as far as the pro­cess­ing of your per­son­al data is con­cerned. To do so, you may con­tact us at any time. The right to demand restric­tion of pro­cess­ing applies in the fol­low­ing cas­es:

  • In the event that you should dis­pute the cor­rect­ness of your data archived by us, we will usu­al­ly need some time to ver­i­fy this claim. Dur­ing the time that this inves­ti­ga­tion is ongo­ing, you have the right to demand that we restrict the pro­cess­ing of your per­son­al data.
  • If the pro­cess­ing of your per­son­al data was/is con­duct­ed in an unlaw­ful man­ner, you have the option to demand the restric­tion of the pro­cess­ing of your data instead of demand­ing the erad­i­ca­tion of this data.
  • If we do not need your per­son­al data any longer and you need it to exer­cise, defend or claim legal enti­tle­ments, you have the right to demand the restric­tion of the pro­cess­ing of your per­son­al data instead of its erad­i­ca­tion.
  • If you have raised an objec­tion pur­suant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each oth­er. As long as it has not been deter­mined whose inter­ests pre­vail, you have the right to demand a restric­tion of the pro­cess­ing of your per­son­al data.

If you have restrict­ed the pro­cess­ing of your per­son­al data, these data – with the excep­tion of their archiv­ing – may be processed only sub­ject to your con­sent or to claim, exer­cise or defend legal enti­tle­ments or to pro­tect the rights of oth­er nat­ur­al per­sons or legal enti­ties or for impor­tant pub­lic inter­est rea­sons cit­ed by the Euro­pean Union or a mem­ber state of the EU.

SSL and/or TLS encryption

For secu­ri­ty rea­sons and to pro­tect the trans­mis­sion of con­fi­den­tial con­tent, such as pur­chase orders or inquiries you sub­mit to us as the web­site oper­a­tor, this web­site uses either an SSL or a TLS encryp­tion pro­gram. You can rec­og­nize an encrypt­ed con­nec­tion by check­ing whether the address line of the brows­er switch­es from “http://” to “https://” and also by the appear­ance of the lock icon in the brows­er line.

If the SSL or TLS encryp­tion is acti­vat­ed, data you trans­mit to us can­not be read by third par­ties.

Encrypted payment transactions on this website

If you are under an oblig­a­tion to share your pay­ment infor­ma­tion (e.g. account num­ber if you give us the author­i­ty to deb­it your bank account) with us after you have entered into a fee-based con­tract with us, this infor­ma­tion is required to process pay­ments.

Pay­ment trans­ac­tions using com­mon modes of pay­ing (Visa/MasterCard, deb­it to your bank account) are processed exclu­sive­ly via encrypt­ed SSL or TLS con­nec­tions. You can rec­og­nize an encrypt­ed con­nec­tion by check­ing whether the address line of the brows­er switch­es from “http://” to “https://” and also by the appear­ance of the lock icon in the brows­er line.

If the com­mu­ni­ca­tion with us is encrypt­ed, third par­ties will not be able to read the pay­ment infor­ma­tion you share with us.

Rejection of unsolicited e‑mails

We here­with object to the use of con­tact infor­ma­tion pub­lished in con­junc­tion with the manda­to­ry infor­ma­tion to be pro­vid­ed in our Site Notice to send us pro­mo­tion­al and infor­ma­tion mate­r­i­al that we have not express­ly request­ed. The oper­a­tors of this web­site and its pages reserve the express right to take legal action in the event of the unso­licit­ed send­ing of pro­mo­tion­al infor­ma­tion, for instance via SPAM mes­sages.

4. Recording of data on this website

Cookies

Our web­sites and pages use what the indus­try refers to as “cook­ies.” Cook­ies are small data pack­ages that do not cause any dam­age to your device. They are either stored tem­porar­i­ly for the dura­tion of a ses­sion (ses­sion cook­ies) or they are per­ma­nent­ly archived on your device (per­ma­nent cook­ies). Ses­sion cook­ies are auto­mat­i­cal­ly delet­ed once you ter­mi­nate your vis­it. Per­ma­nent cook­ies remain archived on your device until you active­ly delete them, or they are auto­mat­i­cal­ly erad­i­cat­ed by your web brows­er.

Cook­ies can be issued by us (first-par­ty cook­ies) or by third-par­ty com­pa­nies (so-called third-par­ty cook­ies). Third-par­ty cook­ies enable the inte­gra­tion of cer­tain ser­vices of third-par­ty com­pa­nies into web­sites (e.g., cook­ies for han­dling pay­ment ser­vices).

Cook­ies have a vari­ety of func­tions. Many cook­ies are tech­ni­cal­ly essen­tial since cer­tain web­site func­tions would not work in the absence of these cook­ies (e.g., the shop­ping cart func­tion or the dis­play of videos). Oth­er cook­ies may be used to ana­lyze user behav­ior or for pro­mo­tion­al pur­pos­es.

Cook­ies, which are required for the per­for­mance of elec­tron­ic com­mu­ni­ca­tion trans­ac­tions, for the pro­vi­sion of cer­tain func­tions you want to use (e.g., for the shop­ping cart func­tion) or those that are nec­es­sary for the opti­miza­tion (required cook­ies) of the web­site (e.g., cook­ies that pro­vide mea­sur­able insights into the web audi­ence), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a dif­fer­ent legal basis is cit­ed. The oper­a­tor of the web­site has a legit­i­mate inter­est in the stor­age of required cook­ies to ensure the tech­ni­cal­ly error-free and opti­mized pro­vi­sion of the operator’s ser­vices. If your con­sent to the stor­age of the cook­ies and sim­i­lar recog­ni­tion tech­nolo­gies has been request­ed, the pro­cess­ing occurs exclu­sive­ly on the basis of the con­sent obtained (Art. 6(1)(a) GDPR and § 25 (1) TTDSG); this con­sent may be revoked at any time.

You have the option to set up your brows­er in such a man­ner that you will be noti­fied any time cook­ies are placed and to per­mit the accep­tance of cook­ies only in spe­cif­ic cas­es. You may also exclude the accep­tance of cook­ies in cer­tain cas­es or in gen­er­al or acti­vate the delete-func­tion for the auto­mat­ic erad­i­ca­tion of cook­ies when the brows­er clos­es. If cook­ies are deac­ti­vat­ed, the func­tions of this web­site may be lim­it­ed.

Which cook­ies and ser­vices are used on this web­site can be found in this pri­va­cy pol­i­cy.

Consent with Borlabs Cookie

Our web­site uses the Bor­labs con­sent tech­nol­o­gy to obtain your con­sent to the stor­age of cer­tain cook­ies in your brows­er or for the use of cer­tain tech­nolo­gies and for their data pri­va­cy pro­tec­tion com­pli­ant doc­u­men­ta­tion. The provider of this tech­nol­o­gy is Bor­labs GmbH, Rübenkamp 32, 22305 Ham­burg, Ger­many (here­inafter referred to as Bor­labs).

When­ev­er you vis­it our web­site, a Bor­labs cook­ie will be stored in your brows­er, which archives any dec­la­ra­tions or revo­ca­tions of con­sent you have entered. These data are not shared with the provider of the Bor­labs tech­nol­o­gy.

The record­ed data shall remain archived until you ask us to erad­i­cate them, delete the Bor­labs cook­ie on your own or the pur­pose of stor­ing the data no longer exists. This shall be with­out prej­u­dice to any reten­tion oblig­a­tions man­dat­ed by law. To review the details of Bor­labs’ data pro­cess­ing poli­cies, please vis­it https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Bor­labs cook­ie con­sent tech­nol­o­gy to obtain the dec­la­ra­tions of con­sent man­dat­ed by law for the use of cook­ies. The legal basis for the use of such cook­ies is Art. 6(1)© GDPR.

Contact form

If you sub­mit inquiries to us via our con­tact form, the infor­ma­tion pro­vid­ed in the con­tact form as well as any con­tact infor­ma­tion pro­vid­ed there­in will be stored by us in order to han­dle your inquiry and in the event that we have fur­ther ques­tions. We will not share this infor­ma­tion with­out your con­sent.

The pro­cess­ing of these data is based on Art. 6(1)(b) GDPR, if your request is relat­ed to the exe­cu­tion of a con­tract or if it is nec­es­sary to car­ry out pre-con­trac­tu­al mea­sures. In all oth­er cas­es the pro­cess­ing is based on our legit­i­mate inter­est in the effec­tive pro­cess­ing of the requests addressed to us (Art. 6(1)(f) GDPR) or on your agree­ment (Art. 6(1)(a) GDPR) if this has been request­ed; the con­sent can be revoked at any time.

The infor­ma­tion you have entered into the con­tact form shall remain with us until you ask us to erad­i­cate the data, revoke your con­sent to the archiv­ing of data or if the pur­pose for which the infor­ma­tion is being archived no longer exists (e.g., after we have con­clud­ed our response to your inquiry). This shall be with­out prej­u­dice to any manda­to­ry legal pro­vi­sions, in par­tic­u­lar reten­tion peri­ods.

Communication via WhatsApp

For com­mu­ni­ca­tion with our cus­tomers and oth­er third par­ties, one of the ser­vices we use is the instant mes­sag­ing ser­vice What­sApp. The provider is What­sApp Ire­land Lim­it­ed, 4 Grand Canal Square, Grand Canal Har­bour, Dublin 2, Ire­land.

The com­mu­ni­ca­tion is encrypt­ed end-to-end (peer-to-peer), which pre­vents What­sApp or oth­er third par­ties from gain­ing access to the com­mu­ni­ca­tion con­tent. How­ev­er, What­sApp does gain access to meta­da­ta cre­at­ed dur­ing the com­mu­ni­ca­tion process (for exam­ple, sender, recip­i­ent, and time). We would also like to point out that What­sApp has stat­ed that it shares per­son­al data of its users with its U.S.-based par­ent com­pa­ny Meta. Fur­ther details on data pro­cess­ing can be found in the What­sApp pri­va­cy pol­i­cy at: https://www.whatsapp.com/legal/#privacy-policy.

The use of What­sApp is based on our legit­i­mate inter­est in com­mu­ni­cat­ing as quick­ly and effec­tive­ly as pos­si­ble with cus­tomers, inter­est­ed par­ties and oth­er busi­ness and con­trac­tu­al part­ners (Art. 6(1)(f) GDPR). If a cor­re­spond­ing con­sent has been request­ed, data pro­cess­ing is car­ried out exclu­sive­ly on the basis of the con­sent; this con­sent may be revoked at any time with effect for the future.

The com­mu­ni­ca­tion con­tent exchanged between you and us on What­sApp remains with us until you request us to delete it, revoke your con­sent to stor­age or the pur­pose for which the data is stored ceas­es to apply (e.g. after your request has been processed). Manda­to­ry legal pro­vi­sions, in par­tic­u­lar reten­tion peri­ods, remain unaf­fect­ed.

The com­pa­ny is cer­ti­fied in accor­dance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment between the Euro­pean Union and the US, which is intend­ed to ensure com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­cess­ing in the US. Every com­pa­ny cer­ti­fied under the DPF is oblig­ed to com­ply with these data pro­tec­tion stan­dards. For more infor­ma­tion, please con­tact the provider under the fol­low­ing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt00000011sfnAAA&status=Active

Registration with Google

Instead of reg­is­ter­ing direct­ly on this web­site, you can reg­is­ter with Google. The provider of this ser­vice is Google Ire­land Lim­it­ed (“Google”), Gor­don House, Bar­row Street, Dublin 4, Ire­land.

To reg­is­ter with Google, you must only enter your Google name and pass­word. Google will iden­ti­fy you and con­firm your iden­ti­ty to our web­site.

When you sign in with Google, we may be able to use cer­tain infor­ma­tion in your account to com­plete your pro­file with us. You decide whether you want this infor­ma­tion to be used and if so, which infor­ma­tion it is, with­in the frame­work of your Google secu­ri­ty set­tings, which you can find here: https://myaccount.google.com/security and https://myaccount.google.com/permissions.

The data pro­cess­ing asso­ci­at­ed with Google’s reg­is­tra­tion is based on our legit­i­mate inter­est in mak­ing the reg­is­tra­tion process as sim­ple as pos­si­ble for our users (Art. 6(1)(f) GDPR). Since the use of the reg­is­tra­tion func­tion is vol­un­tary and the users them­selves can decide on the respec­tive access options, no con­flict­ing pre­dom­i­nant rights of the data sub­jects are appar­ent.

The com­pa­ny is cer­ti­fied in accor­dance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment between the Euro­pean Union and the US, which is intend­ed to ensure com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­cess­ing in the US. Every com­pa­ny cer­ti­fied under the DPF is oblig­ed to com­ply with these data pro­tec­tion stan­dards. For more infor­ma­tion, please con­tact the provider under the fol­low­ing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

The comment function on this website

When you use the com­ment func­tion on this web­site, infor­ma­tion on the time the com­ment was gen­er­at­ed and your e‑mail-address and, if you are not post­ing anony­mous­ly, the user­name you have select­ed will be archived in addi­tion to your com­ments.

Storage of the IP address

Our com­ment func­tion stores the IP address­es of all users who enter com­ments. Giv­en that we do not review the com­ments pri­or to pub­lish­ing them, we need this infor­ma­tion in order to take action against the author in the event of rights vio­la­tions, such as defama­tion or pro­pa­gan­da.

Storage period for comments

Com­ments and any affil­i­at­ed infor­ma­tion shall be stored by us and remain on this web­site until the con­tent the com­ment per­tained to has been delet­ed in its entire­ty or if the com­ments had to be delet­ed for legal rea­sons (e.g., insult­ing com­ments).

Legal basis

Com­ments are stored on the basis of your con­sent (Art. 6(1)(a) GDPR). You have the right to revoke at any time any con­sent you have already giv­en us. To do so, all you are required to do is sent us an infor­mal noti­fi­ca­tion via e‑mail. This shall be with­out prej­u­dice to the law­ful­ness of any data col­lec­tion that occurred pri­or to your revo­ca­tion.

5. Social media

Facebook

We have inte­grat­ed ele­ments of the social net­work Face­book on this web­site. The provider of this ser­vice is Meta Plat­forms Ire­land Lim­it­ed, 4 Grand Canal Square, Dublin 2, Ire­land. Accord­ing to Facebook’s state­ment the col­lect­ed data will be trans­ferred to the USA and oth­er third-par­ty coun­tries too.

An overview of the Face­book social media ele­ments is avail­able under the fol­low­ing link: https://developers.facebook.com/docs/plugins/.

If the social media ele­ment has been acti­vat­ed, a direct con­nec­tion between your device and the Face­book serv­er will be estab­lished. As a result, Face­book will receive infor­ma­tion con­firm­ing your vis­it to this web­site with your IP address. If you click on the Face­book Like but­ton while you are logged into your Face­book account, you can link con­tent of this web­site to your Face­book pro­file. Con­se­quent­ly, Face­book will be able to allo­cate your vis­it to this web­site to your user account. We have to empha­size that we as the provider of the web­site do not receive any infor­ma­tion on the con­tent of the trans­ferred data and its use by Face­book. For more infor­ma­tion, please con­sult the Data Pri­va­cy Pol­i­cy of Face­book at: https://de-de.facebook.com/privacy/explanation.

If your approval (con­sent) has been obtained the use of the above­men­tioned ser­vice shall occur on the basis of Art. 6 Sect. 1 lit. a GDPR and § 25 TTDSG (Ger­man Telecom­mu­ni­ca­tions Act). Such con­sent may be revoked at any time. If your con­sent was not obtained, the use of the ser­vice will occur on the basis of our legit­i­mate inter­est in mak­ing our infor­ma­tion as com­pre­hen­sive­ly vis­i­ble as pos­si­ble on social media.

Inso­far as per­son­al data is col­lect­ed on our web­site with the help of the tool described here and for­ward­ed to Face­book, we and Meta Plat­forms Ire­land Lim­it­ed, 4 Grand Canal Square, Grand Canal Har­bour, Dublin 2, Ire­land are joint­ly respon­si­ble for this data pro­cess­ing (Art. 26 DSGVO). The joint respon­si­bil­i­ty is lim­it­ed exclu­sive­ly to the col­lec­tion of the data and its for­ward­ing to Face­book. The pro­cess­ing by Face­book that takes place after the onward trans­fer is not part of the joint respon­si­bil­i­ty. The oblig­a­tions incum­bent on us joint­ly have been set out in a joint pro­cess­ing agree­ment. The word­ing of the agree­ment can be found under: https://www.facebook.com/legal/controller_addendum. Accord­ing to this agree­ment, we are respon­si­ble for pro­vid­ing the pri­va­cy infor­ma­tion when using the Face­book tool and for the pri­va­cy-secure imple­men­ta­tion of the tool on our web­site. Face­book is respon­si­ble for the data secu­ri­ty of Face­book prod­ucts. You can assert data sub­ject rights (e.g., requests for infor­ma­tion) regard­ing data processed by Face­book direct­ly with Face­book. If you assert the data sub­ject rights with us, we are oblig­ed to for­ward them to Face­book.

Data trans­mis­sion to the US is based on the Stan­dard Con­trac­tu­al Claus­es (SCC) of the Euro­pean Com­mis­sion. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

The com­pa­ny is cer­ti­fied in accor­dance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment between the Euro­pean Union and the US, which is intend­ed to ensure com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­cess­ing in the US. Every com­pa­ny cer­ti­fied under the DPF is oblig­ed to com­ply with these data pro­tec­tion stan­dards. For more infor­ma­tion, please con­tact the provider under the fol­low­ing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

6. Newsletter

Newsletter data

If you would like to sub­scribe to the newslet­ter offered on this web­site, we will need from you an e‑mail address as well as infor­ma­tion that allow us to ver­i­fy that you are the own­er of the e‑mail address pro­vid­ed and con­sent to the receipt of the newslet­ter. No fur­ther data shall be col­lect­ed or shall be col­lect­ed only on a vol­un­tary basis. We shall use such data only for the send­ing of the request­ed infor­ma­tion and shall not share such data with any third par­ties.

The pro­cess­ing of the infor­ma­tion entered into the newslet­ter sub­scrip­tion form shall occur exclu­sive­ly on the basis of your con­sent (Art. 6(1)(a) GDPR). You may revoke the con­sent you have giv­en to the archiv­ing of data, the e‑mail address, and the use of this infor­ma­tion for the send­ing of the newslet­ter at any time, for instance by click­ing on the “Unsub­scribe” link in the newslet­ter. This shall be with­out prej­u­dice to the law­ful­ness of any data pro­cess­ing trans­ac­tions that have tak­en place to date.

The data deposit­ed with us for the pur­pose of sub­scrib­ing to the newslet­ter will be stored by us until you unsub­scribe from the newslet­ter or the newslet­ter ser­vice provider and delet­ed from the newslet­ter dis­tri­b­u­tion list after you unsub­scribe from the newslet­ter or after the pur­pose has ceased to apply. We reserve the right to delete or block e‑mail address­es from our newslet­ter dis­tri­b­u­tion list at our own dis­cre­tion with­in the scope of our legit­i­mate inter­est in accor­dance with Art. 6(1)(f) GDPR.

Data stored for oth­er pur­pos­es with us remain unaf­fect­ed.

After you unsub­scribe from the newslet­ter dis­tri­b­u­tion list, your e‑mail address may be stored by us or the newslet­ter ser­vice provider in a black­list, if such action is nec­es­sary to pre­vent future mail­ings. The data from the black­list is used only for this pur­pose and not merged with oth­er data. This serves both your inter­est and our inter­est in com­ply­ing with the legal require­ments when send­ing newslet­ters (legit­i­mate inter­est with­in the mean­ing of Art. 6(1)(f) GDPR). The stor­age in the black­list is indef­i­nite. You may object to the stor­age if your inter­ests out­weigh our legit­i­mate inter­est.

7. eCommerce and payment service providers

Data transfer upon closing of contracts for online stores, retailers, and the shipment of merchandise

When­ev­er you order mer­chan­dise from us, we will share your per­son­al data with the trans­porta­tion com­pa­ny entrust­ed with the deliv­ery as well as the pay­ment ser­vice com­mis­sioned to han­dle the pay­ment trans­ac­tions. Only the data these respec­tive ser­vice providers require to meet their oblig­a­tions will be shared. The legal basis for this shar­ing is Art. 6 (1)(b) GDPR, which per­mits the pro­cess­ing of data for the ful­fill­ment of con­trac­tu­al or pre-con­trac­tu­al oblig­a­tions. If you give us your respec­tive con­sent pur­suant to Art. 6 (1)(a) GDPR, we will share your email address with the trans­porta­tion com­pa­ny entrust­ed with the deliv­ery so that this com­pa­ny can noti­fy you on the ship­ping sta­tus for your order via email. You have the option to revoke your con­sent at any time.

Payment services

We inte­grate pay­ment ser­vices of third-par­ty com­pa­nies on our web­site. When you make a pur­chase from us, your pay­ment data (e.g. name, pay­ment amount, bank account details, cred­it card num­ber) are processed by the pay­ment ser­vice provider for the pur­pose of pay­ment pro­cess­ing. For these trans­ac­tions, the respec­tive con­trac­tu­al and data pro­tec­tion pro­vi­sions of the respec­tive providers apply. The use of the pay­ment ser­vice providers is based on Art. 6(1)(b) GDPR (con­tract pro­cess­ing) and in the inter­est of a smooth, con­ve­nient, and secure pay­ment trans­ac­tion (Art. 6(1)(f) GDPR). Inso­far as your con­sent is request­ed for cer­tain actions, Art. 6(1)(a) GDPR is the legal basis for data pro­cess­ing; con­sent may be revoked at any time for the future.

We use the fol­low­ing pay­ment ser­vices / pay­ment ser­vice providers with­in the scope of this web­site:

PayPal

The provider of this pay­ment ser­vice is Pay­Pal (Europe) S.à.r.l. et Cie, S.C.A., 22–24 Boule­vard Roy­al, L‑2449 Lux­em­bourg (here­inafter “Pay­Pal”).

Data trans­mis­sion to the US is based on the Stan­dard Con­trac­tu­al Claus­es (SCC) of the Euro­pean Com­mis­sion. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

Details can be found in PayPal’s pri­va­cy pol­i­cy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Stripe

The provider for cus­tomers with­in the EU is Stripe Pay­ments Europe, Ltd,1 Grand Canal Street Low­er, Grand Canal Dock, Dublin, Ire­land (here­inafter “Stripe”).

Data trans­mis­sion to the US is based on the Stan­dard Con­trac­tu­al Claus­es (SCC) of the Euro­pean Com­mis­sion. Details can be found here: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation.

Details can be found in Stripe’s Pri­va­cy Pol­i­cy at the fol­low­ing link: https://stripe.com/de/privacy.

Mastercard

The provider of this pay­ment ser­vice is the Mas­ter­card Europe SA, Chaussée de Ter­vuren 198A, B‑1410 Water­loo, Bel­gium (here­inafter “Mas­ter­card”).

Mas­ter­card may trans­fer data to its par­ent com­pa­ny in the US. The data trans­fer to the US is based on Mas­ter­card’s Bind­ing Cor­po­rate Rules. Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.

VISA

The provider of this pay­ment ser­vice is the Visa Europe Ser­vices Inc, Lon­don Branch, 1 Shel­don Square, Lon­don W2 6TT, Unit­ed King­dom (here­inafter “VISA”).

Great Britain is con­sid­ered a secure non-EU coun­try as far as data pro­tec­tion leg­is­la­tion is con­cerned. This means that the data pro­tec­tion lev­el in Great Britain is equiv­a­lent to the data pro­tec­tion lev­el of the Euro­pean Union.

VISA may trans­fer data to its par­ent com­pa­ny in the US. The data trans­fer to the US is based on the stan­dard con­trac­tu­al claus­es of the EU Com­mis­sion. Details can be found here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.

For more infor­ma­tion, please refer to VISA’s pri­va­cy pol­i­cy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.

Shopping Cart
Scroll to Top
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.