Skip to main content Skip to search Skip to navigation

Data protection

The protection of your personal data is very important to us. In order to ensure that all data processing operations on our website and in our services are transparent and comprehensible for you as a visitor and user (hereinafter referred to as “User”) of our website, this privacy policy informs you about the nature, scope, and purpose of the processing of your personal data on our website.
You can save or print this privacy policy by selecting the “Print” or “Save page as” commands in your browser, or by printing or saving the PDF version provided here. To open the PDF version, you will need a special program for PDF files (e.g., Adobe Reader).

Currency and Changes to this Privacy Policy

This privacy policy is currently valid and reflects the status as of May 2018. Further development of our website and services or changes to legal or regulatory requirements may make it necessary to amend this privacy policy. The currently valid privacy policy can be accessed and printed at any time on our website at: https://www.b2b.xtrem.shop/datenschutz.

Explanation of Terms

Below we explain the terms pursuant to Art. 4 of the EU General Data Protection Regulation (hereinafter “GDPR”) used in this privacy policy:

  • “Personal data” (hereinafter “data”) means any information relating to an identified or identifiable natural person (hereinafter “data subject”). A person is identifiable if they can be identified directly or indirectly, in particular by reference to certain identifiers or characteristics. Personal data therefore includes, for example, names, addresses, email addresses, job titles, dates of birth, telephone numbers, user behavior, IP addresses, location data, genetic data, health data, etc.

  • “Processing” means any operation or set of operations performed on personal data, such as collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, disseminating, making available, aligning or combining, restricting, erasing, or destroying personal data.

  • “Restriction of processing” means the marking of stored personal data with the aim of limiting its future processing.

  • “Pseudonymization” means processing personal data in such a manner that it can no longer be attributed to a specific data subject without the use of additional information. It must be ensured that such additional information is kept separately and that the personal data is not assigned to an identified or identifiable person.

  • “Controller” means a natural or legal person, public authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

  • “Processor” means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

  • “Recipient” means a natural or legal person, public authority, agency, or other body to which personal data is disclosed, whether a third party or not.

  • “Third party” means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons authorized to process the personal data under the direct authority of the controller or processor.

  • “Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

General Information

Controller

The controller responsible for processing personal data on this website is:

b2b.xtrem.shop powered by
XTREM Toys & Sports GmbH
Blocksbergstrasse 173
66955 Pirmasens
Germany
Tel.: 06331 / 6888 410
Fax: 06331 / 6 08 95 19
Email: backoffice@xtrem.shop

Data Protection Inquiries

Please address all inquiries regarding the processing of your personal data or the exercise of your rights listed below by email, fax, or post to:

b2b.xtrem.shop powered by
XTREM Toys & Sports GmbH
Blocksbergstrasse 173
66955 Pirmasens
Germany
Tel.: 06331 / 6888 410
Fax: 06331 / 6 08 95 19
Email: backoffice@xtrem.shop

General Notes on the Processing of Personal Data

Types of Data Processed

On our website we collect and process inventory data (e.g., names, addresses), contact data (e.g., email addresses, telephone numbers, fax numbers, postal address), usage data (e.g., visited web pages, clicked links, interest in content, access times, access locations), and metadata and communication data (e.g., device information, browser information, IP addresses).

Categories of Data Subjects

Data subjects affected by the processing of personal data are all visitors and users of our website.

Purpose of Processing

We collect and process the personal data of users of our website in order to communicate with you and inform you (e.g., contact and other inquiries, newsletter), to generate statistics, measure reach, and carry out analyses (e.g., using marketing and analytics tools), so that we can better design, optimize, and improve content and functions, and in order to technically manage and optimize the website and close security vulnerabilities.

Legal Bases for Processing Personal Data

We process personal data only if we are entitled to do so on the basis of a legal basis. Below, we will specify these legal bases individually. Otherwise, we are entitled to process personal data if the data subject has given consent (see Art. 6(1)(a), Art. 7 GDPR), if we are required to fulfill contractual or pre-contractual obligations (see Art. 6(1)(b) GDPR), if we must comply with legal obligations (see Art. 6(1)(c) GDPR), or if we pursue our legitimate interests (see Art. 6(1)(f) GDPR).

Recipients of Personal Data

In part, we transmit personal data to processors or other third parties (e.g., payment service providers, hosting agencies, newsletter services, shipping companies, etc.) with whom we cooperate. We are entitled to do so if the data subject has given consent (see Art. 6(1)(a), Art. 7 GDPR), if this is required to fulfill contractual or pre-contractual obligations (see Art. 6(1)(b) GDPR), if this is required to comply with a legal obligation (see Art. 6(1)(c) GDPR), or if we pursue our legitimate interests (see Art. 6(1)(f) GDPR). We conclude a data processing agreement with processors in accordance with Art. 28 GDPR, under which they also commit to compliance with data protection requirements.

Hosting

This website is hosted on the servers of Agilos GmbH, Sulzbachtalstr. 264, 66280 Sulzbach/Saar, Germany. The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services, and technical maintenance services, which we use for the purpose of operating this website. The legal basis for using the hosting services is our legitimate interests in the analysis, optimization, and the economic and secure operation of our website (see Art. 6(1) sentence 1(f) GDPR). Furthermore, the cooperation with the hosting provider is based on the conclusion of a data processing agreement in accordance with Art. 28 GDPR.
In this context, we and/or our hosting provider process inventory data, contact data, content data, contract data, usage data, and metadata and communication data of all users of this website on this basis.
The data is stored for as long as there is a purpose for doing so. Thereafter, the data is deleted unless statutory retention obligations prevent deletion.

Processing of Personal Data in Third Countries

If we transfer data to a third country because, for example, we commission service providers there, we are entitled to do so if the data subject has given consent (see Art. 6(1)(a), Art. 7 GDPR), if this is required to fulfill contractual or pre-contractual obligations (see Art. 6(1)(b) GDPR), if this is required to comply with a legal obligation (see Art. 6(1)(c) GDPR), or if we pursue our legitimate interests (see Art. 6(1)(f) GDPR). A third country is any country outside the European Union (EU) or the European Economic Area (EEA). When transferring data to third countries, we ensure compliance with Art. 44 et seq. GDPR, the existence of safeguards or EU findings regarding an adequate level of data protection in the third country, and the conclusion of any necessary agreements, e.g., standard contractual clauses.

Contact

When you contact us by email, fax, telephone, or post, we process the data you provide (e.g., email address, name, telephone number, fax number, address) in order to answer your inquiries. We are entitled to do so pursuant to Art. 6(1)(b) GDPR. User data may also be stored in a customer relationship management system (“CRM system”) or comparable databases.
We delete all data once storage is no longer necessary, or restrict processing if statutory retention obligations exist. The necessity of storing the data is reviewed at least every two years.

Contact Form

When you contact us using our contact/callback form, we process the data you provide (e.g., email address, name, telephone number, fax number, address) in order to answer your inquiries. We are entitled to do so pursuant to Art. 6(1)(b), (f) GDPR. User data may also be stored in a CRM system or comparable databases.
The minimum data you must provide so that we can process your inquiries results from the mandatory fields of the form. You may provide additional data optionally.
Your data is transmitted in encrypted form in accordance with the state of the art.
We delete all data once storage is no longer necessary, or restrict processing if statutory retention obligations exist. The necessity of storing the data is reviewed at least every two years.

Deletion/Blocking of Your Personal Data

We store your personal data only for as long as necessary to achieve the purposes stated here. In addition, we store your data only if statutory retention obligations require this (e.g., 6 years pursuant to § 257(1) German Commercial Code (HGB) and 10 years pursuant to § 147(1) German Fiscal Code (AO) for commercial and business correspondence, invoices, offers, etc.). After the purpose no longer applies or after these periods expire, the data will be blocked or deleted in accordance with statutory provisions pursuant to Art. 17, 18 GDPR.

Encrypted Transmission of Your Data

All personal data that you enter on our website and send to us is transmitted on our website in encrypted form in accordance with the state of the art.
Furthermore, we secure our website and the associated IT systems by means of technical and organizational measures against loss, destruction, access, alteration, or disclosure of your personal data by unauthorized persons.

Collection of Access Data and Web Server Log Files

On the basis of our legitimate interests in the analysis, optimization, and economic operation of our website pursuant to Art. 6(1)(f) GDPR, we collect the following data for each access to our website (so-called web server log files):

  • User’s IP address

  • Name of the accessed web page

  • File, date and time of access

  • Amount of data transferred (Body Bytes Sent)

  • Message about successful access

  • Browser type and version

  • Htaccess user

  • Domain name of the requesting internet service provider

  • Accessed URL/subpage

  • Protocol (e.g., HTTP 2.0)

  • Status

  • Referrer URL (previously visited website)

  • User agent

  • User’s operating system

The data is used for statistical evaluations for the purpose of operating, securing, and optimizing the website. For security reasons (e.g., to investigate fraud/abuse cases), the data is stored short-term/for the duration of ……………….. The IP address is stored only in anonymized form. If longer retention is required for evidentiary purposes, the data will be deleted after the matter has been conclusively clarified.

Your Rights as a Data Subject

You have the right at any time to obtain information and a copy of your personal data stored by us free of charge (see Art. 15 GDPR).
You have the right to rectification or completion of any data stored by us that may be incorrect (see Art. 16 GDPR).
You also have the right to restriction of processing (see Art. 18 GDPR) and the right to erasure (see Art. 17 GDPR). Erasure is not possible insofar as we are obliged to continue storing the data for contract processing or due to other statutory retention obligations. Instead of erasure, we will block your data.
You also have the right to receive your data stored by us and to transfer it to another company or to have it transferred by us (see Art. 20 GDPR).
You also have the right to object to future processing of your data (see Art. 21 GDPR).
Furthermore, you have the right to revoke any consent granted with effect for the future (see Art. 7(3) GDPR).

To exercise the above rights, please contact the above address for data protection inquiries.
In addition, you may lodge a complaint with the competent data protection supervisory authority (see Art. 77 GDPR).

Cookies

When using our website, cookies are stored on your computer. Cookies are small text files that make it possible to store specific information related to the device on the user’s access device (PC, smartphone). They serve to improve user-friendliness of websites (e.g., saving login data), to collect statistical data on website usage and to analyze it for the purpose of improving the website. Cookies cannot execute programs or transmit viruses to your computer.

You can prevent the storage of all or only certain cookies by adjusting your browser’s security settings accordingly. Cookies already stored can be deleted in the browser. In these cases, however, use of the website may be restricted.

This website uses the following types of cookies:

  • transient (temporary) cookies

  • persistent (permanent) cookies

  • third-party cookies

Transient cookies are automatically deleted when you close the browser or log out. These include, in particular, session cookies. They store a so-called session ID, with which various requests of your browser can be assigned to the shared session. This allows your computer to be recognized when you return to our website.

Persistent cookies are automatically deleted after a specified duration, which may vary depending on the cookie. You can delete cookies at any time in your browser’s security settings.

Both types of cookies may come from us (“first-party cookies”) or from third-party providers (“third-party cookies”).

General Objection to Marketing Cookies

You can generally object to the use of cookies used for reach measurement and advertising purposes via the opt-out page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

Furthermore, cookies can be prevented from being stored by changing your browser settings. However, it may then not be possible to use all functions of this website.

These options apply to all cookies and analytics tools used for marketing purposes on this website as mentioned below.

Tracking Tools

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The legal basis for data processing is our legitimate interests in the analysis, optimization and economic operation of our website (see Art. 6(1) sentence 1(f) GDPR).

We use Google Analytics only with activated IP anonymization, i.e., IP addresses are processed only in shortened form in order to exclude direct identification. For this purpose, your IP address is shortened by Google within the member states of the EU or the EEA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

Google Analytics stores cookies on your computer to collect and analyze data about your use of our website. This data is generally transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield agreement and has thereby committed itself to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google processes the data collected on our behalf in order to evaluate your use of our website, to compile reports on your activities on our website, and to provide us with further services associated with website and internet usage. User data is stored for a period of 12 months. After that it is deleted or anonymized.

The IP address transmitted by your browser as part of Google Analytics is not merged with other data held by Google. You can prevent the storage of cookies by adjusting your browser software settings; in this case, however, not all functions of this website may be usable.

You can also object to the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) and to the processing of this data by Google for the future by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de or https://www.google.com/settings/ads/plugin.

Alternatively (or when using the website via a mobile browser), you can prevent the processing of your data by Google Analytics by clicking the following link (<a onclick="alert('Google Analytics wurde deaktiviert');" href="javascript:gaOptout()">Disable Google Analytics</a>). Clicking the link stores an opt-out cookie on your computer. If you delete cookies on your device, you must click the link again.

Alternatively, you can generally disable marketing cookies from third-party providers by using the options mentioned above under “general objection to marketing cookies”.

Further information about Google Analytics data protection can be found at: https://policies.google.com/technologies/ads, https://policies.google.com/privacy or https://adssettings.google.com/. You can view Google’s privacy policy at: https://policies.google.com/privacy/update?hl=de or https://policies.google.com/privacy?hl=de. Further information on data protection and terms of use from Google can be found here: https://policies.google.com/?hl=de.

Google Remarketing

This website uses Google Remarketing, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The legal basis for data processing within the scope of this application is our legitimate interests in the analysis, optimization and economic operation of our website (see Art. 6(1) sentence 1(f) GDPR).

Google Remarketing is an application that enables us to address you again after you have visited our website.

With this application, Google can detect your visit to our website and your clicks on certain content on our website and display our ads in a targeted manner during your further internet use (so-called remarketing). This is done by means of cookies stored in your browser, through which your usage behavior is recorded and evaluated by Google when visiting various websites.

According to Google, the data collected as part of remarketing is not merged with your personal data that may be stored by Google. In particular, according to Google, pseudonymization is used for remarketing, whereby the data is processed only in relation to cookies as part of pseudonymous user profiles. The data processed by Google is stored on servers in the USA.

Google is certified under the Privacy Shield agreement and has thereby committed itself to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

You can permanently deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://www.google.com/settings/ads/plugin.

Alternatively, you can generally disable marketing cookies from third-party providers by using the options mentioned above under “general objection to marketing cookies”.

Further information on Google Remarketing can be found at: https://policies.google.com/technologies/ads?hl=de. You can view Google’s privacy policy at: https://policies.google.com/privacy/update?hl=de or https://policies.google.com/privacy?hl=de. Further information on data protection and terms of use from Google can be found here: https://policies.google.com/?hl=de.

DoubleClick by Google

This website uses DoubleClick by Google, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The legal basis for data processing within the scope of this application is our legitimate interests in the analysis, optimization and economic operation of our website (see Art. 6(1) sentence 1(f) GDPR).

Within the scope of DoubleClick, cookies and/or pixels are used to present ads relevant to you. Your browser is assigned a pseudonymous identification number (ID) in order to check which ads are displayed in your browser and which ads are accessed. The cookies do not contain personal information. Google and its partner websites are thereby only enabled to place ads based on previous visits to our or other websites. The information generated by the cookies is transmitted to a Google server in the USA for evaluation and stored there.

Google is certified under the Privacy Shield agreement and has thereby committed itself to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

According to Google, data is transferred by Google to third parties only on the basis of legal regulations or within the scope of commissioned processing. Under no circumstances, according to Google, will Google combine your data with other data collected by Google.

You can prevent the storage of cookies by adjusting your browser software settings. You can also prevent the collection of the data generated by the cookies and related to your use of the websites and the processing of this data by Google by downloading and installing the browser plugin available at the following link under “DoubleClick Deactivation Extension”: https://www.google.de/settings/ads/onweb#display_optout.

Here you can find tips from Google on how to deactivate displayed advertisements: https://support.google.com/ads/answer/2662922?hl=de.

Alternatively, you can generally disable marketing cookies from third-party providers by using the options mentioned above under “general objection to marketing cookies”.

Further information on DoubleClick by Google can be found here: https://www.doubleclickbygoogle.com/de/.

You can view Google’s privacy policy at: https://policies.google.com/privacy/update?hl=de or https://policies.google.com/privacy?hl=de. Further information on data protection and terms of use from Google can be found here: https://policies.google.com/?hl=de.

Google AdWords and Conversion Tracking

This website uses Google AdWords, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The legal basis for data processing within the scope of this application is our legitimate interests in the analysis, optimization and economic operation of our website (see Art. 6(1) sentence 1(f) GDPR).

Google AdWords is an online advertising program with which we place ads in search engines. Within the scope of this program, we also use conversion tracking. Google conversion tracking is an analytics service provided by Google. When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer. These cookies expire after 30 days, contain no personal data and therefore do not serve to personally identify individuals.
If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on our ad and were redirected to our website. Each Google AdWords customer receives a different cookie. This means that cookies cannot be tracked across the websites of AdWords customers.
The information obtained using the conversion cookie is processed in order to create conversion statistics for AdWords customers such as us. We learn the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that could be used to personally identify users.

The information generated by the cookies is transmitted to a Google server in the USA for evaluation and stored there.

Google is certified under the Privacy Shield agreement and has thereby committed itself to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

You can prevent the storage of these cookies by adjusting your browser software settings. You will then not be included in the conversion tracking statistics.

Alternatively, you can generally disable marketing cookies from third-party providers by using the options mentioned above under “general objection to marketing cookies”.

Further information on Google AdWords can be found here: https://adwords.google.com/intl/de_de/home/.

You can view Google’s privacy policy at: https://policies.google.com/privacy/update?hl=de or https://policies.google.com/privacy?hl=de. Further information on data protection and terms of use from Google can be found here: https://policies.google.com/?hl=de.

Google Tag Manager

This website uses Google AdSense, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The legal basis for data processing within the scope of this application is our legitimate interests in the analysis, optimization and economic operation of our website (see Art. 6(1) sentence 1(f) GDPR).

Google Tag Manager is a tag management system that allows us to update tags and code snippets on our website quickly and easily.

Google Tag Manager is a solution that allows marketers to manage website tags via an interface. The Tag Manager tool itself (which implements the tags) is a cookieless domain and does not collect personal data. The tool triggers other tags which may in turn collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it remains effective for all tracking tags implemented with Google Tag Manager.

Tags are small code elements on our website that are used, among other things, to measure traffic and visitor behavior, record the impact of online advertising and social channels, use remarketing and targeting, and test and optimize our website.

When a user visits our website, the current tag configuration is sent to the user’s browser. It contains instructions on which tags are to be triggered.

Further information about Google Tag Manager can be found here: https://support.google.com/tagmanager/answer/6102821?hl=de&topic=2574304&ctx=topic&visit_id=0-636625104013641252-4131606024&rd=2.

You can view Google’s privacy policy at: https://policies.google.com/privacy/update?hl=de or https://policies.google.com/privacy?hl=de. Further information on data protection and terms of use from Google can be found here: https://policies.google.com/?hl=de.

Amazon Partner Program

This website participates in the Amazon Partner Program provided by Amazon EU S.à.r.l., 5 Rue Plaetis, L-2338 Luxembourg (www.amazon.de). The legal basis for data processing within the scope of this application is our legitimate interests in the analysis, optimization and economic operation of our website (see Art. 6(1) sentence 1(f) GDPR).

The Amazon Partner Program serves to install advertisements and links to the website www.amazon.de on external websites. Participants in the partner program earn money in the form of advertising cost reimbursements by integrating advertisements and links into their websites (so-called affiliate system). Amazon uses cookies for this purpose in order to trace the origin of orders. Among other things, Amazon can recognize that a user clicked the partner link on this website and subsequently purchased a product on Amazon.

You can generally disable marketing cookies from third-party providers by using the options mentioned above under “general objection to marketing cookies”.

Further information on Amazon’s data use and objection options can be found in the privacy policy: https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401.

Integration of the Trusted Shops Trustbadge

To display our Trusted Shops seal of approval and any reviews collected, as well as to offer Trusted Shops products to buyers after an order, the Trusted Shops Trustbadge is integrated on this website.

This serves to safeguard our overriding legitimate interests in an optimal marketing of our offer within the framework of a balancing of interests in accordance with Art. 6(1) sentence 1(f) GDPR. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany.

When the Trustbadge is accessed, the web server automatically stores a so-called server log file, which contains, for example, your IP address, date and time of access, amount of data transferred and the requesting provider (access data) and documents the access. This access data is not evaluated and is automatically overwritten no later than seven days after the end of your page visit.

Further personal data is transmitted to Trusted Shops only insofar as you have consented to this, decide to use Trusted Shops products after completing an order, or have already registered for use. In this case, the contractual agreement concluded between you and Trusted Shops applies.

Data Processing in Relation to Our Online Shop

General Information

To conclude and/or process orders via our online shop, we require certain data from you. Without processing this data, it is not possible to conclude or perform contracts.

You have the option of either opening a customer account with us or placing an order as a guest.

The legal basis for these processing operations for pre-contractual and contractual purposes is Art. 6(1)(b) GDPR.

In addition, we process your data based on our legitimate interest (i.e., among other things, economic interests such as advertising purposes or maintaining existing and new customers). The legal basis for this type of processing is Art. 6(1)(f) GDPR.

Furthermore, we process your personal data to fulfill legal obligations, such as commercial and tax retention obligations. In this case, the legal basis is the respective statutory provisions in conjunction with Art. 6(1)(c) GDPR.

As soon as your personal data is no longer required for the purposes stated above, it will be deleted. However, it may happen that personal data is retained for the period during which claims against our company can be asserted (statutory limitation period of three up to thirty years). If you create a customer account with us, we store your data at least until the account is deleted.

In addition, we store your personal data insofar as we are legally obliged to do so. Corresponding proof and retention obligations arise in particular from the German Commercial Code (HGB), the Fiscal Code (AO) and the Money Laundering Act. The retention periods are then up to ten years.

If we intend to process your personal data for a purpose not mentioned above, we will inform you in advance in accordance with statutory provisions.

Order Processing

To process the order, we generally require the following data from you:

  • Salutation

  • First and last name

  • Street and house number

  • Postal code

  • City

  • Country

  • Delivery/billing address

  • Telephone number

  • Email address

  • Bank details

  • Credit card details

  • Selected shipping service provider

  • If applicable, company

  • If applicable, VAT ID

We require your telephone number so that we can reach you by phone to arrange delivery appointments for freight shipments or in case of queries regarding your order. We use your email address to send you, among other things, your order details, invoice, cancellation policy, etc.

Disclosure of Data

We only pass on your data if this is permitted under German or European data protection law. We work closely with certain service providers, for example in customer service (e.g., hotline service providers), with technical service providers (e.g., operation of data centers), or with logistics companies (e.g., postal companies such as DHL). These service providers may generally process your data on our behalf only under specific conditions. If we use them as processors, they receive access to your data only to the extent and for the period required to provide the respective service.

Payment Services

We offer you various payment methods in online commerce – in particular advance payment, credit card, PayPal or invoice.

PayPal

If you choose to pay via PayPal, you will be redirected to the PayPal website at the end of the ordering process. PayPal is responsible for processing this data. PayPal’s privacy notices can be found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-prev.

Amazon Pay

If you select the payment method “Amazon Pay”, payment processing is carried out via the payment service provider Amazon Payments Europe s.c.a., 5 Rue Plaetis, L-2338 Luxembourg (“Amazon Payments”), to whom we pass on the information you provide during the ordering process, together with information about your order, pursuant to Art. 6(1)(b) GDPR. Your data is transferred exclusively for the purpose of payment processing with Amazon Payments and only insofar as necessary for this purpose. Further information on Amazon Payments’ data protection provisions can be found at: https://pay.amazon.com/de/help/201751600.

Reviews

You have the option to review purchased items on our website. We welcome any feedback. Your data is not used for advertising purposes. If you consent to publication of your review, the publication will be anonymous or, if you entered your name, under your name. In order to evaluate reviews and improve our service accordingly, we require your email address and, if applicable, your name (voluntary). Processing is carried out on the basis of our legitimate interest within the meaning of Art. 6(1)(f) GDPR.

Further Offers on Our Website

Newsletter

We offer a newsletter on our website in which we provide monthly information about our goods and services as well as about sales and, if applicable, exhibitions. For sending the newsletter we collect and process personal data which is used exclusively for this purpose. By subscribing to our newsletter, you consent to the processing of your data.

The newsletter contains information about the goods and services we offer and about events. The newsletter is published approx. 12 times per year. Subscribers may also be informed by email about circumstances relevant to the service or registration (e.g., changes to the newsletter offer or technical reasons).

To register for the newsletter, your email address is sufficient (mandatory field). Optionally, you may also provide your name in order to receive a personalized newsletter.

To verify that registration is actually carried out by the owner of the email address entered, we use the “double opt-in” procedure. After you submit your email address, you will receive a confirmation email from us, in which you must confirm your newsletter subscription by clicking a link. Only after this confirmation will you be stored in the newsletter distribution list. As proof, we log the newsletter registration, the sending of the confirmation email, and the receipt of the requested confirmation. The registration and confirmation time and your IP address are stored. Changes to your data stored with the shipping service provider are also logged.
No further data is collected. All data collected is processed exclusively for sending the newsletter.

The data is stored for the duration of the newsletter subscription and deleted after you unsubscribe from the newsletter, unless statutory retention obligations require longer storage. In addition, we may retain the data for up to three years after unsubscribing for the purpose of proving that consent was given. Likewise, in the event of an incomplete registration, your data will be deleted by us within six months. Earlier deletion is possible upon request, provided you also confirm the existence of former consent. These processes are also logged.

You can revoke your consent to the storage of your personal data and its use for sending the newsletter at any time with effect for the future. Each newsletter contains a corresponding unsubscribe link. You can also unsubscribe directly on this website at any time or notify us of your request using the contact option mentioned above.

The legal basis for sending the newsletter is your consent pursuant to Art. 6(1)(a), Art. 7 GDPR in conjunction with § 107(2) TKG, or on the basis of the statutory permission pursuant to § 107(2) and (3) TKG. The legal basis for logging the above data is our legitimate interests in the analysis, optimization and economic operation of our website pursuant to Art. 6(1)(f) GDPR.

Newsletter Performance Measurement

In order to improve our newsletter, we collect data for statistical evaluation and performance measurement of the newsletter. The legal basis for this is our legitimate interests in the analysis, optimization and economic operation of our website and the newsletter pursuant to Art. 6(1)(f) GDPR.

For these purposes, the newsletters contain a so-called “web beacon”, i.e., a pixel-sized file that is retrieved from our server or the server of our shipping service provider when the newsletter is opened. As part of this retrieval, technical information such as information about the browser and your operating system, your IP address, and the time the newsletter is retrieved are collected. In addition, information about technical data, target groups, reading behavior, access locations (which can be determined using the IP address) and access times is collected. The statistical surveys also include determining whether newsletters are opened, when they are opened, and which links are clicked.

This data is used to improve the newsletter technically or in terms of content based on the reading behavior of newsletter recipients. For technical reasons, the data may be assigned to individual newsletter recipients. However, it is neither our intention to monitor individual users.

The collected data is also retained for up to three years after unsubscribing from the newsletter. Earlier deletion is possible upon request, provided you also confirm the existence of former consent.

Integration of Third-Party Services and Content

Within our website, we use content or service offers from third-party providers on the basis of our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our website pursuant to Art. 6(1)(f) GDPR) in order to integrate their content and services, such as videos or fonts (hereinafter collectively referred to as “content”).

This always requires that the third-party providers of this content perceive the users’ IP address, since they could not send the content to the users’ browser without it. The IP address is therefore required for the display of this content. We endeavor to use only such content whose respective providers use the IP address solely to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. Through the pixel tags, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the users’ device and may contain, among other things, technical information about the browser and operating system, referring websites, visit time and further information about the use of our online offer, and may also be combined with such information from other sources.

Google Webfonts

This website uses script libraries and font libraries with fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google Fonts”, https://www.google.com/webfonts/) in order to display the website content in a visually appealing way. The legal basis for data processing within the scope of this application is our legitimate interests in the analysis, optimization and the economic and secure operation of our website (see Art. 6(1) sentence 1(f) GDPR).

Within the scope of this application, your browser loads the required files into the cache, provided it supports this; otherwise, the website content is displayed in a standard font on your computer.

Accessing script or font libraries automatically triggers a connection to the operator of the library. In theory, it is possible—although currently unclear whether and for what purposes—that operators of such libraries collect personal data.

Google’s privacy policy can be found here: https://policies.google.com/privacy/update?hl=de.
An opt-out option can be found here: https://adssettings.google.com/authenticated.

YouTube Videos

We have integrated YouTube videos into our online offering, which are stored at www.YouTube.com and can be played directly from our website. These are all integrated in “enhanced privacy mode”, meaning that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos is at least your IP address transmitted. We have no influence on this data transfer. This occurs regardless of whether YouTube provides a user account through which you are logged in, or whether no user account exists. If you are logged in to Google, your data is directly assigned to your account. If you do not want this assignment to your YouTube profile, you must log out before activating the button. YouTube stores your data as user profiles and uses it for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; to exercise this right you must contact YouTube. By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
Further information on the purpose and scope of data collection and its processing by YouTube as well as objection options can be found here:
• Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-out: https://www.google.com/settings/ads/.

Social Media and Social Plugins

We maintain online presences within social networks and platforms in order to communicate with customers, interested parties and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply.

Unless otherwise stated in this privacy policy, we process users’ data insofar as they communicate with us within social networks and platforms, e.g., by posting on our online presences or sending us messages.

We offer you the option to use so-called “social media buttons” (social plugins) on our website. To protect your data, we use the “Shariff” solution for implementation. This means that these buttons are integrated on the website only as a graphic that contains a link to the corresponding website of the button provider. By clicking the graphic, you will be forwarded to the services of the respective providers. Only then will your data be sent to the respective providers. If you do not click the graphic, no exchange takes place between you and the providers of the social media buttons. Information about the collection and use of your data in social networks can be found in the respective terms of use of the relevant providers. More information about the Shariff solution can be found here: http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html

Facebook Social Plugin

We use social plugins (“plugins”) of the social network facebook.com on the basis of our legitimate interests (i.e., interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6(1)(f) GDPR), which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins may represent interaction elements or content (e.g., videos, graphics or text posts) and can be recognized by one of the Facebook logos (white “f” on a blue tile, the terms “Like”, “Gefällt mir” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield agreement and thereby provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user accesses a function of this online offer that contains such a plugin, their device establishes a direct connection to Facebook’s servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated into the online offer. In doing so, user profiles may be created from the processed data. We therefore have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to their Facebook account. If users interact with the plugins, for example by pressing the Like button or leaving a comment, the corresponding information is transmitted directly from their device to Facebook and stored there. If a user is not a member of Facebook, there is still a possibility that Facebook obtains and stores their IP address. According to Facebook, only an anonymized IP address is stored in Germany.

The purpose and scope of data collection and further processing and use of the data by Facebook as well as the relevant rights and settings options to protect users’ privacy can be found in Facebook’s privacy notices: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about them via this online offer and link it to their membership data stored on Facebook, they must log out of Facebook before using our online offer and delete their cookies. Further settings and objections regarding the use of data for advertising purposes are possible within Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. The settings are platform-independent, i.e., they are applied to all devices, such as desktop computers or mobile devices.

Instagram

Within our online offer, functions and content of the Instagram service, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, may be integrated. This may include, for example, content such as images, videos or text and buttons with which users can express their liking of the content, subscribe to the authors of the content or our posts. If users are members of the Instagram platform, Instagram can assign access to the above content and functions to the users’ profiles there. Instagram privacy policy: http://instagram.com/about/legal/privacy/.

Twitter

Within our online offer, functions and content of the Twitter service, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, may also be integrated. This may include, for example, content such as images, videos or text and buttons with which users can express their liking of various content, subscribe to the authors of the content or our posts. If users are members of the Twitter platform, Twitter can assign access to the above content and functions to the users’ profiles there. Twitter is certified under the Privacy Shield agreement and thereby provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy policy: https://twitter.com/de/privacy, Opt-out: https://twitter.com/personalization.

Pinterest

In addition, functions and content of the Pinterest service may be integrated on our website. These services are offered by Pinterest Inc., 635 High Street, Palo Alto, CA 94301, USA. This may include, for example, content such as images, videos or text and buttons with which users can express their liking of the content, subscribe to the authors of the content or our posts. If users are members of the Pinterest platform, Pinterest can assign access to the above content and functions to the users’ profiles there. Pinterest’s privacy policy can be found at: https://about.pinterest.com/de/privacy-policy.

Use of WhatsApp

Buttons of the WhatsApp service are used on this website. These buttons are provided by WhatsApp Ireland Limited Company, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The service can be recognized by the green button with a stylized white telephone receiver icon. By using the button, it is possible to share a post or page of this offer via WhatsApp. The prerequisite is that users have installed and activated the WhatsApp app on a mobile device. Further information on WhatsApp data protection can be found at: https://www.whatsapp.com/legal/?lang=de#privacy-policy.
The legal basis for processing users’ personal data is Art. 6(1)(f) GDPR.
If a user accesses a website of this online presence on a mobile device that contains such a button, their browser establishes a direct connection to WhatsApp’s servers. The content of the WhatsApp buttons is transmitted by WhatsApp directly to the user’s browser. We therefore have no influence on the scope of the data that WhatsApp collects with the help of this plugin and inform users according to our level of knowledge.
We also have no influence on the duration of storage by WhatsApp. If users do not want WhatsApp to associate the data collected via our website directly with their WhatsApp account, they must log out of WhatsApp before visiting our website.