Privacy Policy
Privacy Policy
Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data will have no consequences. This applies only insofar as no other information is given in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Contact
Controller
Contact us if you wish. The controller for data processing is: YOVANA GmbH, Ruhrorter Str. 112, 45478 Mülheim an der Ruhr Germany, 0208 - 444 78 98 1, info@yogabox.de
Proactive customer contact by email
If you proactively contact us for business purposes by email, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves to process and answer your contact request.
If the contact serves to carry out pre-contractual measures (e.g., advice on purchase interest, quote generation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact serves to carry out pre-contractual measures (e.g., advice on purchase interest, quote generation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Use of address validation from Endereco
We use the address validation service of Endereco UG (haftungsbeschränkt) (Balthasar-Neumann-Str. 4b, 97236 Randersacker, Germany; "Endereco") on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real time, and, if necessary, to complete missing data. In the event of incorrectly entered data, alternative suggestions for correcting the data are displayed.
Among other things, the following information can be transmitted to Endereco and processed there: postal addresses (country, city, postal code, street, house number), email address, telephone number.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in accurate data for fulfilling our contractual obligations. You have the right to object at any time to this processing of personal data concerning you for reasons arising from your particular situation.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on data protection at Endereco can be found at: https://www.endereco.de/datenschutzerklaerung/.
If you contact us via WhatsApp for business purposes, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored on WhatsApp, and if provided, your name and other data to the extent provided by you. For the service, we use a mobile device whose address book only stores data of users who have contacted us via WhatsApp. No personal data is therefore passed on to WhatsApp without your prior consent to WhatsApp.
Your data will be transmitted by WhatsApp to Meta Platforms Inc. servers in the USA. For the USA, an adequacy decision of the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and has thus committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g., advice on purchase interest, quote generation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in providing a quick and easy way to contact us and in answering your request. In this case, you have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.
Customer Account Orders
Customer Account
When opening a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.
Reviews Advertising
Data collection when writing a comment or review
When commenting on or reviewing an article or post, we collect your personal data (name, email address, comment text) only to the extent provided by you. The processing serves the purpose of enabling commenting/reviewing and displaying comments/reviews.
For the purpose of verifying your review/comment, we also collect the following data: order number, , invoice number, .
By submitting the comment/review, you consent to the processing of the transmitted data. The processing is based on Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out based on the consent until revocation. Your personal data will then be deleted.
When your comment/review is published, only the name you provided will be published.
Disclosure of email address to shipping companies for information on shipping status
We pass on your email address to the transport company as part of contract processing, provided you have expressly agreed to this during the ordering process. The transfer serves the purpose of informing you about the shipping status by email. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out based on the consent until revocation.
Use of an external merchandise management system
We use a merchandise management system as part of order processing to fulfill contracts. For this purpose, your personal data collected during the order process is transmitted to
plentysystems AG, Johanna-Waescher-Straße 7, 34131 Kassel.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6 para. 1 lit. b GDPR.
Payment service providers
Use of PayPal Express
We use the payment service PayPal Express from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of offering you payment via the PayPal Express payment service.
To integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. Cookies enable your browser to be recognized.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
By selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS
Use of PayPal Check-Out
We use the payment service PayPal Check-Out from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Cookies may be stored here, which enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report if necessary on the basis of mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit checking for contract initiation. The processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when PayPal makes advance payments.
You have the right to object to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying PayPal. The provision of data is required for the conclusion of the contract with the payment method you desire. Failure to provide it means that the contract cannot be concluded with the payment method you have chosen.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Local third-party providers can be, for example:
Purchase on account via PayPal
When paying via the invoice purchase payment method, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit check based on mathematical-statistical procedures (probability or score values) using credit agencies according to the procedure already described above. The data processing serves the purpose of credit checking for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Ratepay makes advance payments. Further information on data protection and which credit agencies Ratepay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
Storage Period
After complete contract processing, the data will first be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the Data Subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, under Art. 21 (1) GDPR, you have a right to object to processing based on Art. 6 (1) (f) GDPR, as well as to processing for the purpose of direct marketing.
Right to Lodge a Complaint with the Supervisory Authority
According to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.
You can lodge a complaint, among others, with the supervisory authority responsible for us, which you can reach at the following contact details:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Postfach 20 04 44
40102 Düsseldorf
Tel.: +49 211 384240
Fax: +49 211 38424999
E-Mail: poststelle@ldi.nrw.de
Right to Object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
After an objection has been made, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.
Last updated: 22.10.2024
Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data will have no consequences. This applies only insofar as no other information is given in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Server Log Files
You can visit our websites without providing any personal information.
Each time you access our website, usage data is transmitted to us or our web host / IT service provider by your internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and to improve our offer.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. For Canada, an adequacy decision of the EU Commission exists. For the USA, an adequacy decision of the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to those of the standard contractual clauses of the EU Commission.The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the trouble-free operation of our website and to improve our offer.
Contact
Controller
Contact us if you wish. The controller for data processing is: YOVANA GmbH, Ruhrorter Str. 112, 45478 Mülheim an der Ruhr Germany, 0208 - 444 78 98 1, info@yogabox.de
Proactive customer contact by email
If you proactively contact us for business purposes by email, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves to process and answer your contact request.
If the contact serves to carry out pre-contractual measures (e.g., advice on purchase interest, quote generation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact serves to carry out pre-contractual measures (e.g., advice on purchase interest, quote generation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the revocation button
If you have concluded a contract via our online presence, we provide you with a revocation function (revocation button) through which you can submit your declaration of revocation directly.
When using the revocation function, we collect your personal data (name, email address, information to identify the contract or part of the contract you wish to revoke, as well as the time (date and time) of sending the declaration of revocation) only to the extent provided by you. The data processing serves the purpose of providing you with the legally required option to revoke your contract and for the proper processing of your revocation.
If the contact concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Otherwise, the data processing is carried out on the basis of Art. 6 para. 1 lit. c GDPR, as we are legally obliged to provide you with a revocation function on our online presence.
We only use your email address to process your declaration of revocation. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
The processing of your personal data serves the purpose of legally complying with the statutory requirements for the design of the revocation function and is carried out on the basis of Art. 6 para. 1 lit. c GDPR. This data processing is also carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in being able to provide you with a user-friendly revocation option. In this case, you have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We use the address validation service of Endereco UG (haftungsbeschränkt) (Balthasar-Neumann-Str. 4b, 97236 Randersacker, Germany; "Endereco") on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real time, and, if necessary, to complete missing data. In the event of incorrectly entered data, alternative suggestions for correcting the data are displayed.
Among other things, the following information can be transmitted to Endereco and processed there: postal addresses (country, city, postal code, street, house number), email address, telephone number.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in accurate data for fulfilling our contractual obligations. You have the right to object at any time to this processing of personal data concerning you for reasons arising from your particular situation.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on data protection at Endereco can be found at: https://www.endereco.de/datenschutzerklaerung/.
Use of address validation from Google Maps API
We use the address validation service of Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland "Google") on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real time, and, if necessary, to complete missing data. In the event of incorrectly entered data, alternative suggestions for correcting the data are displayed. For this purpose, the address data you entered is transmitted to the provider, stored there and evaluated.
Among other things, the following information can be transmitted to Google and processed there: postal addresses (country, city, postal code, street, house number), email address, telephone number.
Your data may also be transferred to the USA. For the USA, an adequacy decision of the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in accurate data for fulfilling our contractual obligations. You have the right to object at any time to this processing of personal data concerning you for reasons arising from your particular situation.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on terms of use and data protection at Google can be found at: https://cloud.google.com/maps-platform/terms and https://www.google.de/policies/privacy/.
WhatsApp BusinessWe use the address validation service of Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland "Google") on our website.
The data processing serves the purpose of checking your entries in our address forms for input and spelling errors in real time, and, if necessary, to complete missing data. In the event of incorrectly entered data, alternative suggestions for correcting the data are displayed. For this purpose, the address data you entered is transmitted to the provider, stored there and evaluated.
Among other things, the following information can be transmitted to Google and processed there: postal addresses (country, city, postal code, street, house number), email address, telephone number.
Your data may also be transferred to the USA. For the USA, an adequacy decision of the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in accurate data for fulfilling our contractual obligations. You have the right to object at any time to this processing of personal data concerning you for reasons arising from your particular situation.
The data is processed separately by the provider and not merged with other data. It is deleted by the provider as soon as the status of the entered data has been determined, but no later than after 30 days.
Further information on terms of use and data protection at Google can be found at: https://cloud.google.com/maps-platform/terms and https://www.google.de/policies/privacy/.
If you contact us via WhatsApp for business purposes, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored on WhatsApp, and if provided, your name and other data to the extent provided by you. For the service, we use a mobile device whose address book only stores data of users who have contacted us via WhatsApp. No personal data is therefore passed on to WhatsApp without your prior consent to WhatsApp.
Your data will be transmitted by WhatsApp to Meta Platforms Inc. servers in the USA. For the USA, an adequacy decision of the EU Commission exists, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and has thus committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g., advice on purchase interest, quote generation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in providing a quick and easy way to contact us and in answering your request. In this case, you have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR for reasons arising from your particular situation.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.
Customer Account Orders
Customer Account
When opening a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.
Collection, processing and transfer of personal data when placing orders
When placing an order, we collect and process your personal data only to the extent necessary to fulfill and process your order and to handle your inquiries. The provision of data is necessary for the conclusion of a contract. Failure to provide data will result in no contract being concluded. The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR and is necessary for the fulfillment of a contract with you.
Your data may be passed on to, for example, shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing, and IT service providers. In all cases, we strictly adhere to legal requirements. The scope of data transfer is limited to a minimum.
Your data may be transmitted to and processed in third countries outside the EU, particularly Canada and the USA. An adequacy decision exists for Canada from the EU Commission. For the USA, an adequacy decision from the EU Commission is available, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place based on contractual obligations comparable to those of the EU Commission's standard contractual clauses.Reviews Advertising
Data collection when writing a comment or review
When commenting on or reviewing an article or post, we collect your personal data (name, email address, comment text) only to the extent provided by you. The processing serves the purpose of enabling commenting/reviewing and displaying comments/reviews.
For the purpose of verifying your review/comment, we also collect the following data: order number, , invoice number, .
By submitting the comment/review, you consent to the processing of the transmitted data. The processing is based on Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out based on the consent until revocation. Your personal data will then be deleted.
When your comment/review is published, only the name you provided will be published.
Shopauskunft customer review
We use the review tool "shopauskunft.de" from Händlerbund Management AG (Kohlgartenstraße 11 - 13, 04315 Leipzig; "Shopauskunft") for our website.
After your order, we would like to ask you to review and comment on your purchase with us. For this purpose, we will contact you by e-mail, using the technical system "Rechtssichere Bewertungsanfrage (RBA)" (Legally compliant review request). In doing so, we process your order data (order number/invoice number, purchase value and shipping costs) as well as your e-mail address. We may also use this data for the purpose of verifying your review.
We use the review tool "shopauskunft.de" from Händlerbund Management AG (Kohlgartenstraße 11 - 13, 04315 Leipzig; "Shopauskunft") for our website.
After your order, we would like to ask you to review and comment on your purchase with us. For this purpose, we will contact you by e-mail, using the technical system "Rechtssichere Bewertungsanfrage (RBA)" (Legally compliant review request). In doing so, we process your order data (order number/invoice number, purchase value and shipping costs) as well as your e-mail address. We may also use this data for the purpose of verifying your review.
The processing is based on Art. 6 para. 1 lit. a GDPR with your consent, provided you have expressly agreed to the transfer of your data and the receipt of the review request.
You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out based on the consent until revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz.
You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out based on the consent until revocation.
Further information on data protection when using Shopauskunft can be found at:
https://www.shopauskunft.de/datenschutz.
Shopauskunft Widget
The Shopauskunft widget is integrated into our website. This serves the purpose of displaying and advertising the number and results of our reviews received via Shopauskunft.
To display the widget, it is technically necessary for your internet browser to transmit usage data to the Shopauskunft server and to store it in log files (so-called server log files) for 7 days. This stored data includes the name and URL of the retrieved file, date and time of retrieval, the IP address of the requesting computer, the website from which access is made (referrer URL), the browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.
The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in promoting our offers by displaying the customer reviews already received. This data is not stored together with other personal data.
Use of email address for availability notifications
We offer a product availability notification service on our website. If an item is temporarily unavailable, you have the option to enter your email address for the respective item and to be informed by email when it becomes available, provided you have consented to this. You will receive a one-time email notification about the availability of the respective item when it becomes available. The processing is based on Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time, without affecting the legality of the processing carried out based on the consent until revocation. You can unsubscribe from the availability notification at any time by notifying us. Your email address will then be removed from the distribution list.
Shipping service providers Inventory Management We offer a product availability notification service on our website. If an item is temporarily unavailable, you have the option to enter your email address for the respective item and to be informed by email when it becomes available, provided you have consented to this. You will receive a one-time email notification about the availability of the respective item when it becomes available. The processing is based on Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time, without affecting the legality of the processing carried out based on the consent until revocation. You can unsubscribe from the availability notification at any time by notifying us. Your email address will then be removed from the distribution list.
Disclosure of email address to shipping companies for information on shipping status
We pass on your email address to the transport company as part of contract processing, provided you have expressly agreed to this during the ordering process. The transfer serves the purpose of informing you about the shipping status by email. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out based on the consent until revocation.
Use of an external merchandise management system
We use a merchandise management system as part of order processing to fulfill contracts. For this purpose, your personal data collected during the order process is transmitted to
plentysystems AG, Johanna-Waescher-Straße 7, 34131 Kassel.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is based on Art. 6 para. 1 lit. b GDPR.
Payment service providers
Use of PayPal Express
We use the payment service PayPal Express from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of offering you payment via the PayPal Express payment service.
To integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. Cookies enable your browser to be recognized.
The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
By selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS
Use of PayPal Check-Out
We use the payment service PayPal Check-Out from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Cookies may be stored here, which enable your browser to be recognized. The data processing that takes place as a result is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object to this processing of your personal data at any time for reasons arising from your particular situation.
Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report if necessary on the basis of mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit checking for contract initiation. The processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when PayPal makes advance payments.
You have the right to object to this processing of your personal data based on Art. 6 para. 1 lit. f GDPR at any time for reasons arising from your particular situation by notifying PayPal. The provision of data is required for the conclusion of the contract with the payment method you desire. Failure to provide it means that the contract cannot be concluded with the payment method you have chosen.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Local third-party providers can be, for example:
- Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
- Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
Purchase on account via PayPal
When paying via the invoice purchase payment method, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit check based on mathematical-statistical procedures (probability or score values) using credit agencies according to the procedure already described above. The data processing serves the purpose of credit checking for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default when Ratepay makes advance payments. Further information on data protection and which credit agencies Ratepay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of the payment service provider Mollie
We use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. The data processing serves the purpose of being able to offer you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (e.g. bank account number or credit card number), your IP address, your internet browser and device type, and in some cases your first and last name, your address data and information about the product or service you have purchased from us. This data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated privacy policy https://www.mollie.com/de/legal/privacy
We use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") for payment processing on our website. The data processing serves the purpose of being able to offer you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (e.g. bank account number or credit card number), your IP address, your internet browser and device type, and in some cases your first and last name, your address data and information about the product or service you have purchased from us. This data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated privacy policy https://www.mollie.com/de/legal/privacy
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and the transmission of the data contained therein. Already stored cookies can be deleted at any time. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
You can find out how to manage (including deactivate) cookies in the most important browsers under the following links:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Technically necessary cookies
Unless otherwise stated below in the privacy policy, we only use these technically necessary cookies for the purpose of making our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized again even after a page change.
The use of cookies or similar technologies is based on Section 25 (2) TDDDG. The processing of your personal data is based on Art. 6 (1) (f) GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our services.
You have the right to object to the processing of your personal data at any time for reasons arising from your particular situation.
Data Subject Rights and Storage PeriodStorage Period
After complete contract processing, the data will first be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the Data Subject
If the legal requirements are met, you have the following rights under Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, under Art. 21 (1) GDPR, you have a right to object to processing based on Art. 6 (1) (f) GDPR, as well as to processing for the purpose of direct marketing.
Right to Lodge a Complaint with the Supervisory Authority
According to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is not lawful.
You can lodge a complaint, among others, with the supervisory authority responsible for us, which you can reach at the following contact details:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Postfach 20 04 44
40102 Düsseldorf
Tel.: +49 211 384240
Fax: +49 211 38424999
E-Mail: poststelle@ldi.nrw.de
Right to Object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
After an objection has been made, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.
Last updated: 22.10.2024