Data protection declaration
Data protection declaration
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
Contact
Responsible person
Contact us at any time. The person responsible for data processing is: GbR David Obiefuna & Daniel Obiefuna, Römerstraße 13, 68259 Mannheim Deutschland, 015731643663, d2obiefunagbr@gmail.com
Orders
Your data may be transferred to third countries outside the EU, in particular to Canada and the USA, and processed there. The EU Commission has issued an adequacy decision for Canada. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations that are comparable to those of the EU Commission's standard contractual clauses.
Evaluations Advertising
Data collection when you post a comment or a review
When you comment on/review an article or post, we collect your personal data (name, email address, comment text) only in the scope provided by you. The processing serves to allow you to comment/review and to display comments/reviews.
By submitting the comment/review, you agree to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your personal data will then be deleted.
When your comment/review is published the name and email address you have enteredwill be published.
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; "Klaviyo") for newsletter dispatch as part of order processing.
We pass on the information provided by you during the newsletter registration (e-mail address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.
Your data is usually transmitted to Klaviyo servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information on data protection at Klaviyo at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement.
Payment service providers
The use of PayPal Check-Out
We use the PayPal Check-Out payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. With the selection and use of payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to be able to fulfill the contract with you with the selected payment method. This processing is based on Art. 6 para. 1 lit. b DSGVO.
Cookies may be stored that enable your browser to be recognised. The resulting data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our legitimate interest in a customer-oriented range of varying payment methods. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal.
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, PayPal reserves the right, if necessary, to obtain credit information on the basis of mathematical-statistical methods using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a weighed decision on the establishment, implementation or termination of the contractual relationship. The credit information may include probability values (score values), which are calculated on the basis of scientifically recognized mathematical-statistical methods and in the calculation of which, among other things, address data are included. Your interests worthy of protection are taken into account in accordance with the statutory provisions. The data processing serves the purpose of credit assessment for a contract initiation. The processing is carried out on the basis of Art. 6 (1) lit. f DSGVO for our overriding legitimate interest in protecting against payment default when PayPal makes advance payments.
You have the right to object at any time to this processing of personal data relating to you based on Art. 6 (1) (f) DSGVO for reasons arising from your particular situation by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with the payment method requested by you. Failure to provide it will result in the contract not being concluded with the payment method you have chosen.
Local third-party providers
When paying via the payment method of a local third-party provider, the data required for payment processing is transmitted to PayPal. This processing takes place on the basis of Art. 6 para. 1 lit. b DSGVO. For the execution of this payment method, the data may then be forwarded by PayPal to the respective provider. This processing takes place on the basis of Art. 6 para. 1 lit. b DSGVO. Local third-party providers may be, for example:
- Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany).
- giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main, Germany)
Purchase on account via PayPal
When paying via the payment method purchase on account, the data required to process the payment is first transmitted to PayPal. For the execution of this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you with the selected payment method. This processing is based on Art. 6 para. 1 lit. b DSGVO. Ratepay may conduct a credit check on the basis of mathematical-statistical methods using credit agencies according to the procedure already described above. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 (1) lit. f DSGVO from our overriding legitimate interest in protecting against payment default when Ratepay makes advance payments. For more information on data protection and which credit agencies Ratpay uses, please visit https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
For more information on data processing when using PayPal, please see the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of the payment service provider Stripe
On our website we use the Stripe payment service of Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland). The data processing serves the purpose of offering you payment via the payment service. By selecting and using Stripe, the data required for payment processing is transmitted to Stripe in order to be able to fulfil the contract with you with of the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If required, Stripe reserves the right to obtain a credit report on the basis of mathematical-statistical procedures using credit rating agencies. For this purpose, Stripe transmits the personal data required for credit assessment to a credit rating agency and uses the obtained information on the statistical probability of payment default in order to reach a reasonable decision on the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognised mathematical-statistical methods and include, among other things, address data. Your legitimate interests will be taken into account in accordance with the legal requirements. The data processing serves the purpose of a credit check for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if Stripe pays in advance.
For reasons that arise from your particular situation, you have the right to object to the processing of your personal data carried out on the basis of Art. 6 para. 1 lit. f GDPR at any time by notifying Stripe. The provision of the data is necessary for the conclusion of the contract with the payment method of your choice. Failure to provide such data shall mean that the contract cannot be concluded with the payment method you have selected.
All Stripe transactions are subject to Stripe Privacy Policy. You can find these at https://stripe.com/de/privacy
Cookies
Our website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.
Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.
Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
technically necessary cookies
Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.
The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TDDDG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.
Use of GDPR Legal Cookie
On our website, we use the consent management tool GDPR Legal Cookie from iubenda s.r.l (Via San Raffaele 1, 20121 Milan, Italy; „iubenda“).
The tool enables you to give your consent to data processing via the website, in particular to set cookies, as well as to make use of your right of revocation for consents already given. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus to comply with legal obligations. Cookies may be deployed for this purpose. The following information may be collected and transmitted to iubenda: anonymous IP address, date and time of consent, URL from which consent was sent, anonymous, random, encrypted key, consent status. This data will not be passed on to any other third parties.
The data processing is carried out on the basis of Article 6(1)(c) GDPR to comply with a legal obligation.
For more information on terms of use and data protection at iubenda, please visit: https://www.iubenda.com/nutzungsbedingungen/31059378 and https://gdpr-legal-cookie.com/pages/datenschutzerklarung.
Advertising tracking
Use of Meta Pixel
We use Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.
Meta and we are jointly responsible for the collection of your data and the transfer of this data to Meta when the service is integrated. The basis for this is an agreement between us and Meta on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://de-de.facebook.com/legal/terms/businesstools. According to this agreement, we are responsible in particular for the fulfilment of the information obligations in accordance with Arts 13 and 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for compliance with the obligations in accordance with Arts 33 and 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Meta is responsible for enabling the rights of the data subject in accordance with Arts 15-20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for complying with the obligations of Arts 33 and 34 GDPR, insofar as a breach of personal data protection concerns Meta's obligations under the joint processing agreement.
The application serves to address the visitor to the website with interest-related advertising on the social networks Facebook and Instagram. We have implemented Meta’s remarketing tag on our website for this purpose. This tag sets up a direct connection to Meta’s servers when you visit our website. This informs the Meta server which of our web pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalised, interest-related ads.
The application also serves the purpose of creating conversion statistics. This allows us to find out the total number of users who have clicked our adverts and were forwarded to a page equipped with a conversion tracking tag as well as what actions are taken after being redirected to this website. However, they do not receive any information which could be used to personally identify users.
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
For this purpose, you can deactivate the remarketing function “Custom Audiences”. You can find more detailed information on Meta’s collection and use of data and your associated rights and options for protecting your privacy in Meta’s privacy policy: https://www.facebook.com/about/privacy/.
Use of TikTok Pixel
On our website we use TikTok Pixel by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and by TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”). Both companies are the joint controllers (hereinafter referred to as “TikTok”).
The purpose of the data processing is to identify and analyze our customers' website access and to better target our customers by running targeted ads and to evaluate the effectiveness of ads on TikTok. TikTok uses technologies such as cookies and pixels that allow your browser to be recognized. Among others, the following information can be collected and transmitted to TikTok: Date and time of the visit, information about the browser and device type you are using, screen resolution, IP address. TikTok can associate this information with your personal TikTok user account. Using pseudonyms, user profiles can be created from the data collected in this way. However, it is not possible to personally identify the users in this way.
Your data may be transferred to third countries such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified under the TAPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.
The use of cookies or comparable technologies takes place with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1(a) GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1(a) GDPR. You can revoke the consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
For more information on data protection please visit: https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller.
Rights of persons affected and storage duration
Königstrasse 10 a
70173 Stuttgart
Tel.: +49 711 6155410
Fax: +49 711 61554115
E-Mail: poststelle@lfdi.bwl.de
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.
Server log files
You can use our websites without submitting personal data.
Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services.
Contact
Responsible person
Contact us at any time. The person responsible for data processing is: GbR David Obiefuna & Daniel Obiefuna, Römerstraße 13, 68259 Mannheim Deutschland, 015731643663, d2obiefunagbr@gmail.com
Proactive contact of the customer by e-mail
If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.
If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.
Collection and processing when using the contact form
When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact.
We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.
If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.
Orders
Collection, processing, and transfer of personal data in orders
When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you.
Your data is transferred here for example to the shipping companies and dropshipping providers, payment service providers, service providers for handling the order and IT service providers that you have selected. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.
Evaluations Advertising
Data collection when you post a comment or a review
When you comment on/review an article or post, we collect your personal data (name, email address, comment text) only in the scope provided by you. The processing serves to allow you to comment/review and to display comments/reviews.
By submitting the comment/review, you agree to the processing of the transmitted data. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your personal data will then be deleted.
When your comment/review is published the name and email address you have enteredwill be published.
Use of your email address for mailing of newsletters
We use your email address outside of contractual processing exclusively to send you a newsletter for our own marketing purposes, if you have explicitly agreed to this. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can unsubscribe from the newsletter at any time using the relevant link in the newsletter or by contacting us. Your email address will then be removed from the distributor.
Use of KlaviyoWe use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; "Klaviyo") for newsletter dispatch as part of order processing.
We pass on the information provided by you during the newsletter registration (e-mail address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.
Your data is usually transmitted to Klaviyo servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
You can find more information on data protection at Klaviyo at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement.
Payment service providers
The use of PayPal Check-Out
We use the PayPal Check-Out payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. With the selection and use of payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to be able to fulfill the contract with you with the selected payment method. This processing is based on Art. 6 para. 1 lit. b DSGVO.
Cookies may be stored that enable your browser to be recognised. The resulting data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our legitimate interest in a customer-oriented range of varying payment methods. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.
Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal.
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, PayPal reserves the right, if necessary, to obtain credit information on the basis of mathematical-statistical methods using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a weighed decision on the establishment, implementation or termination of the contractual relationship. The credit information may include probability values (score values), which are calculated on the basis of scientifically recognized mathematical-statistical methods and in the calculation of which, among other things, address data are included. Your interests worthy of protection are taken into account in accordance with the statutory provisions. The data processing serves the purpose of credit assessment for a contract initiation. The processing is carried out on the basis of Art. 6 (1) lit. f DSGVO for our overriding legitimate interest in protecting against payment default when PayPal makes advance payments.
You have the right to object at any time to this processing of personal data relating to you based on Art. 6 (1) (f) DSGVO for reasons arising from your particular situation by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with the payment method requested by you. Failure to provide it will result in the contract not being concluded with the payment method you have chosen.
Local third-party providers
When paying via the payment method of a local third-party provider, the data required for payment processing is transmitted to PayPal. This processing takes place on the basis of Art. 6 para. 1 lit. b DSGVO. For the execution of this payment method, the data may then be forwarded by PayPal to the respective provider. This processing takes place on the basis of Art. 6 para. 1 lit. b DSGVO. Local third-party providers may be, for example:
- Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany).
- giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main, Germany)
Purchase on account via PayPal
When paying via the payment method purchase on account, the data required to process the payment is first transmitted to PayPal. For the execution of this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you with the selected payment method. This processing is based on Art. 6 para. 1 lit. b DSGVO. Ratepay may conduct a credit check on the basis of mathematical-statistical methods using credit agencies according to the procedure already described above. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 (1) lit. f DSGVO from our overriding legitimate interest in protecting against payment default when Ratepay makes advance payments. For more information on data protection and which credit agencies Ratpay uses, please visit https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
For more information on data processing when using PayPal, please see the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of the payment service provider Stripe
On our website we use the Stripe payment service of Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland). The data processing serves the purpose of offering you payment via the payment service. By selecting and using Stripe, the data required for payment processing is transmitted to Stripe in order to be able to fulfil the contract with you with of the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If required, Stripe reserves the right to obtain a credit report on the basis of mathematical-statistical procedures using credit rating agencies. For this purpose, Stripe transmits the personal data required for credit assessment to a credit rating agency and uses the obtained information on the statistical probability of payment default in order to reach a reasonable decision on the establishment, implementation or termination of the contractual relationship. The credit report may contain probability values (score values) which are calculated on the basis of scientifically recognised mathematical-statistical methods and include, among other things, address data. Your legitimate interests will be taken into account in accordance with the legal requirements. The data processing serves the purpose of a credit check for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protection against payment default if Stripe pays in advance.
For reasons that arise from your particular situation, you have the right to object to the processing of your personal data carried out on the basis of Art. 6 para. 1 lit. f GDPR at any time by notifying Stripe. The provision of the data is necessary for the conclusion of the contract with the payment method of your choice. Failure to provide such data shall mean that the contract cannot be concluded with the payment method you have selected.
All Stripe transactions are subject to Stripe Privacy Policy. You can find these at https://stripe.com/de/privacy
Use of the payment service provider Mollie
We use the payment service provider Mollie B.V. (Keizersgracht 313, 1016 EE Amsterdam, The Netherlands; "Mollie") for payment processing on our website. The purpose of the data processing is to be able to offer you different payment methods through the payment processing via the payment service provider Mollie. If you have chosen one of the payment options of the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment data (for example, bank account number or credit card number), your IP address, your Internet browser and device type, and in some cases your first and last name, address data and information about the product or service you purchased from us. This data processing is based on Art. 6 para. 1 lit. b DSGVO. For more information on data processing when using the payment service provider Mollie, please refer to the associated privacy policy https://www.mollie.com/de/privacy.
Cookies
Our website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.
Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.
Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
technically necessary cookies
Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.
The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TDDDG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.
Use of GDPR Legal Cookie
On our website, we use the consent management tool GDPR Legal Cookie from iubenda s.r.l (Via San Raffaele 1, 20121 Milan, Italy; „iubenda“).
The tool enables you to give your consent to data processing via the website, in particular to set cookies, as well as to make use of your right of revocation for consents already given. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus to comply with legal obligations. Cookies may be deployed for this purpose. The following information may be collected and transmitted to iubenda: anonymous IP address, date and time of consent, URL from which consent was sent, anonymous, random, encrypted key, consent status. This data will not be passed on to any other third parties.
The data processing is carried out on the basis of Article 6(1)(c) GDPR to comply with a legal obligation.
For more information on terms of use and data protection at iubenda, please visit: https://www.iubenda.com/nutzungsbedingungen/31059378 and https://gdpr-legal-cookie.com/pages/datenschutzerklarung.
Advertising tracking
Use of Meta Pixel
We use Meta Pixel from Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "Meta") on our website.
Meta and we are jointly responsible for the collection of your data and the transfer of this data to Meta when the service is integrated. The basis for this is an agreement between us and Meta on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://de-de.facebook.com/legal/terms/businesstools. According to this agreement, we are responsible in particular for the fulfilment of the information obligations in accordance with Arts 13 and 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for compliance with the obligations in accordance with Arts 33 and 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Meta is responsible for enabling the rights of the data subject in accordance with Arts 15-20 GDPR, for complying with the security requirements of Art. 32 GDPR with regard to the security of the service, and for complying with the obligations of Arts 33 and 34 GDPR, insofar as a breach of personal data protection concerns Meta's obligations under the joint processing agreement.
The application serves to address the visitor to the website with interest-related advertising on the social networks Facebook and Instagram. We have implemented Meta’s remarketing tag on our website for this purpose. This tag sets up a direct connection to Meta’s servers when you visit our website. This informs the Meta server which of our web pages you have visited. Meta assigns this information to your personal Facebook and/or Instagram user account. When you visit the social networks Facebook or Instagram, you will then be shown personalised, interest-related ads.
The application also serves the purpose of creating conversion statistics. This allows us to find out the total number of users who have clicked our adverts and were forwarded to a page equipped with a conversion tracking tag as well as what actions are taken after being redirected to this website. However, they do not receive any information which could be used to personally identify users.
Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.
The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.
For this purpose, you can deactivate the remarketing function “Custom Audiences”. You can find more detailed information on Meta’s collection and use of data and your associated rights and options for protecting your privacy in Meta’s privacy policy: https://www.facebook.com/about/privacy/.
Use of TikTok Pixel
On our website we use TikTok Pixel by TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland; “TikTok Ireland”) and by TikTok Information Technologies UK Limited (6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom; “TikTok UK”). Both companies are the joint controllers (hereinafter referred to as “TikTok”).
The purpose of the data processing is to identify and analyze our customers' website access and to better target our customers by running targeted ads and to evaluate the effectiveness of ads on TikTok. TikTok uses technologies such as cookies and pixels that allow your browser to be recognized. Among others, the following information can be collected and transmitted to TikTok: Date and time of the visit, information about the browser and device type you are using, screen resolution, IP address. TikTok can associate this information with your personal TikTok user account. Using pseudonyms, user profiles can be created from the data collected in this way. However, it is not possible to personally identify the users in this way.
Your data may be transferred to third countries such as the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). TikTok is not certified under the TAPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.
The use of cookies or comparable technologies takes place with your consent on the basis of Art. 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1(a) GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1(a) GDPR. You can revoke the consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation.
For more information on data protection please visit: https://www.tiktok.com/legal/page/eea/privacy-policy/de and https://ads.tiktok.com/i18n/official/policy/controller-to-controller.
Rights of persons affected and storage duration
Duration of storage
After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.
Rights of the affected person
If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.
Right to complain to the regulatory authority
You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.
You can lodge a complaint with, among others, the supervisory authority responsible for us, which you may reach at the following contact details:Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-WürttembergKönigstrasse 10 a
70173 Stuttgart
Tel.: +49 711 6155410
Fax: +49 711 61554115
E-Mail: poststelle@lfdi.bwl.de
Right to object
If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the right for reasons arising from your particular situation to object at any time to the processing of your data with future effect.
If the objection is successful, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal claims.
last update: 29.11.2023