Terms of service

    TERMS AND CONDITIONS & PRIVACY POLICY

    1) Information on the collection of personal data and contact details of the Controller

    1.1 We are pleased that you are visiting our website and thank you for your interest. In the following we inform you about the handling of your personal data when using our website. Personal data is any data that can be used to identify you personally.

    1.2   The person responsible for the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Tobias Gierlings, Fischergasse 14, 65375 Oestrich-Winkel, Germany, Tel. : 0231/97100600, email: kontakt@tobias-gierlings.de. The person responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, decides on the purposes and means of the processing of personal data.

    2) Data collection when you visit our website

    If you use our website for informational purposes only, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called “data release”). “Server log files”). When you visit our website, we collect the following data, which are technically necessary for us to display the website to you:

    Our website visited

    Date and time at the time of access

    Amount of data sent in bytes

    Source/reference from which you came to the page

    Browser used

    Operating system used

    IP address used (if applicable: in anonymized form)

    The processing is carried out in accordance with Art. 6 Abs. 1 bed. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

    3) Hosting

    Hosting durch Shopify

    We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2. Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (“Shopify”), for the purpose of hosting and displaying the online shop on the basis of processing on our behalf. All data collected on our website is processed on Shopify’s servers. As part of the aforementioned Shopify services, data may also be processed as part of further processing on behalf of Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc .or Shopify (USA) Inc. In the case of the transmission of data to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by the European Commission’s adequacy decision. Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc. and Shopify (USA) Inc. in the USA are certified for the US-European data protection agreement “Privacy Shield”, which ensures compliance with the data protection level applicable in the EU.

    For more information about Shopify’s privacy, please visit the following website: https://www.shopify.de/legal/datenschutz

    Further processing on servers other than Shopify’s servers mentioned above will only take place to the extent communicated below.

    4) Cookies

    In order to make a visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called. session cookies). Other cookies remain on your end device and enable your browser to be recognized on your next visit (so-called cookies). persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period, which can vary depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings of your web browser.

    In some cases, cookies are used to simplify the ordering process by storing settings (e.g. remembering the contents of a virtual shopping cart for a later visit to the website). If individual cookies used by us also process personal data, the processing takes place in accordance with Art. 6 Abs. 1 bed. b GDPR either for the execution of the contract, in accordance with Art. 6 Abs. 1 bed. a DSGVO in the case of a given consent or according to Art. 6 Abs. 1 bed. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.

    Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. These can be found for the respective browsers under the following links:

    Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

    Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

    Chrome: https://support.google.com/chrome/answer/95647?hl=de& hlrm=en

    Safari: https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14

    Opera: https://help.opera.com/de/latest/web-preferences/#cookies

    Please note that if you do not accept cookies, the functionality of our website may be limited.

    5) Contacting us

    When contacting us (e.g. via contact form or e-mail), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. These data are used exclusively for the purpose of answering your request. stored and used for establishing contact and the associated technical administration. The legal basis for processing this data is our legitimate interest in answering your request in accordance with Art. 6 Abs. 1 bed. f DSGVO. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 Abs. 1 bed. b DSGVO. Your data will be deleted once your request has been processed. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

    6) Data processing when opening a customer account and for the execution of the contract

    Pursuant to Art. 6 Abs. 1 bed. b GDPR, personal data will continue to be collected and processed if you provide it to us to execute a contract or open a customer account. Which data is collected can be seen from the respective input forms. A deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. We store and use the data you provide to process the contract. After the contract has been fully executed or your customer account has been deleted, your data will be blocked in consideration of retention periods under tax and commercial law and deleted after these periods have expired, unless you have expressly consented to further use of your data or a legally permitted further use of data has been reserved by us.

    7) Data processing for order processing

    7.1 In order to process your order, we work with the following service provider(s) who support us in whole or in part in the execution of concluded contracts. Certain personal data will be transmitted to these service providers in accordance with the following information.

    The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the execution of the contract, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institute as part of the payment process, provided this is necessary for the payment process. If payment service providers are used, we will explicitly inform you of this below. The legal basis for the transfer of data is Art. 6 Abs. 1 bed. b DSGVO.

    7.2 Use of special service providers for order processing and processing

    – Billbee

    Orders are processed by the service provider “Billbee” (Billbee GmbH, Paulinenstrasse 54, 32756 Detmold). Name, address and any other personal data will be processed in accordance with Art. 6 Abs. 1 bed. b DSGVO passed on to Billbee exclusively for processing the online order. Your data will only be passed on to the extent that this is actually necessary to process the order. Details of Billbee’s privacy policy and privacy policy can be found on Billbee’s website under “billbee.io”.

    – DHL Fulfillment

    Orders are processed by the service provider DHL Home Delivery GmbH, Sträßchensweg 10, 53113 Bonn, Germany, as part of “Shipping by DHL Fulfillment”. Your personal data will only be processed for the purpose of processing the online order in accordance with Art. 6 Abs. 1 bed. b GDPR to DHL Fulfillment.

    7.3 Use of payment service providers (payment services)

    – Apple Pay

    If you choose the “Apple Pay” payment method from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment will be processed via the “Apple Pay” function of your device operated with iOS, watchOS or macOS by debiting a payment card stored with “Apple Pay”. Apple Pay uses security features built into your device’s hardware and software to protect your transactions. In order to approve a payment, it is therefore necessary to enter a code previously defined by you and to verify it using the “Face ID” or “Touch ID” function of your device.

    For the purpose of payment processing, the information you provide during the ordering process will be transmitted to Apple in encrypted form, along with the information about your order. Apple then encrypts this data again with a developer-specific key before the data is sent to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website through which the purchase was made can access the payment details. After the payment is made, Apple sends your device account number and a transaction-specific, dynamic security code to the source website to confirm the payment success.

    Insofar as personal data is processed during the transfers described, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 Abs. 1 bed. b DSGVO.

    Apple retains anonymized transaction data, including the approximate purchase amount, approximate date and time, and whether the transaction was successfully completed. The anonymization completely excludes any personal reference. Apple uses the anonymized data to improve Apple Pay and other Apple products and services.

    When you use Apple Pay on your iPhone or Apple Watch to complete a purchase you made through Safari on your Mac, your Mac and authorization device communicate over an encrypted channel on Apple’s servers. Apple does not process or store any of this information in a format that personally identifies you. You can disable the ability to use Apple Pay on your Mac in your iPhone’s settings. Go to Wallet & Apple Pay and turn off Allow Payments on Mac.

    For more information on Apple Pay privacy, please visit the following web address: https://support.apple.com/de-de/HT203027

    – Google Pay

    If you opt for the payment method “Google Pay” of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), the payment processing takes place via the “Google Pay” application of your mobile device operated with at least Android 4.4 (“KitKat”) and has an NFC function by debiting a payment card stored with Google Pay or a payment system verified there (e.g. PayPal). In order to approve a payment via Google Pay in the amount of more than €25, it is necessary to unlock your mobile device beforehand using the verification measure set up in each case (such as facial recognition, password, fingerprint or pattern).

    For the purpose of payment processing, the information you provide during the ordering process will be passed on to Google, along with the information about your order. Google then transmits your payment information stored in Google Pay in the form of a unique transaction number to the source website, which is used to verify that the payment has been made. This transaction number does not contain any information about the real payment data of your means of payment stored with Google Pay, but is created and transmitted as a uniquely valid numeric token. For all transactions via Google Pay, Google only acts as an intermediary to process the payment process. The transaction is carried out exclusively in the relationship between the user and the source website by debiting the means of payment stored with Google Pay.

    Insofar as personal data is processed during the transfers described, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 Abs. 1 bed. b DSGVO.

    Google reserves the right to collect, store and evaluate certain transaction-specific information for each transaction made via Google Pay. This includes the date, time, and amount of the transaction, merchant location and description, a description provided by the merchant of the goods or services purchased, photographs you included with the transaction, the name and email addresses of the seller and buyer, or of the sender and recipient, the payment method used, your description of the reason for the transaction and, if applicable, the offer associated with the transaction.

    According to Google, this processing is carried out exclusively in accordance with Art. 6 Abs.1 lit. f GDPR on the basis of the legitimate interest in proper invoicing, verification of transaction data and the optimisation and maintenance of the Google Pay service.

    Google also reserves the right to merge the processed transaction data with other information that is collected and stored by Google when using other Google services.

    Google Pay’s terms of service can be found here:

    https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0& ldt=googlepaytos&ldl=de

    Further information on data protection for Google Pay can be found at the following web address:

    https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0& ldt=privacynotice&ldl=de

    – Klarna

    If you select a Klarna payment service, the payment will be processed by Klarna Bank AB (publ) [https://www.klarna.com/de], Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter referred to as “Klarna”). In order to enable the payment to be processed, your personal data (first and last name, street, house number, postal code, city, gender, e-mail address, telephone number and IP address) as well as data relating to the order will be processed (e.g. B. Invoice amount, item, delivery method) for the purpose of identity and creditworthiness check to Klarna, provided that you hereby according to Art. 6 Abs. 1 bed. a DSGVO have expressly consented to this during the ordering process. You can see which credit agencies your data can be forwarded to here:

    https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies

    The credit report may contain probability values (so-called “São Paulo”). score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical process. Among other things, but not exclusively, address data is included in the calculation of the score values. Klarna uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, implementation or termination of the contractual relationship.

    You can withdraw your consent at any time by sending a message to the data controller or to Klarna. However, Klarna may remain continues to be entitled to process your personal data insofar as this is necessary for the processing of payments in accordance with the contract.

    Your personal data will be processed in accordance with the applicable data protection regulations and in accordance with the information in Klarna’s Privacy Policy for Data Subjects based in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy

    1. for data subjects based in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy

    Behendel.

    – PayPal

    When paying via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “installment payment” via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”) as part of payment processing. The transfer takes place in accordance with Art. 6 Abs. 1 bed. b GDPR and only to the extent necessary for payment processing.

    PayPal reserves the right to carry out a credit report for the payment methods credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “installment payment” via PayPal. For this purpose, your payment data may be processed in accordance with Art. 6 Abs. 1 bed. f DSGVO on the basis of PayPal’s legitimate interest in determining your solvency to credit agencies. PayPal uses the result of the credit check in relation to the statistical probability of payment default for the purpose of deciding whether to provide the respective payment method. The credit report may contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical process. Among other things, but not exclusively, address data is included in the calculation of the score values. Further information on data protection, including the credit agencies used, can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

    You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may remain continues to be entitled to process your personal data insofar as this is necessary for the processing of payments in accordance with the contract.

    – SOFORT

    If you select the payment method “SOFORT”, payment processing will be carried out by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter referred to as “SOFORT”), to whom we will send your information provided during the ordering process along with the information about your order in accordance with Art. 6 Abs. 1 bed. b GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data will only be passed on for the purpose of payment processing with the payment service provider SOFORT and only to the extent that it is necessary for this. You can find more information about SOFORT’s privacy policy at the following Internet address: https://www.klarna.com/sofort/datenschutz.

    8) Online-Marketing

    Facebook Pixel for Creating Custom Audiences with Advanced Data Matching

    Within our online offer, the so-called “Facebook Pixel” of the social network Facebook in the mode of extended data synchronization, which is operated by Facebook Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland (“Facebook”).

    On the basis of their explicit consent, when a user clicks on an advertisement displayed on Facebook and placed by us, an addition is added to the URL of our linked page by Facebook Pixel. After forwarding, this URL parameter is then written to the user’s browser via cookie, which our linked page sets itself. In addition, specific customer data such as the e-mail address, which we collect on our website linked to the Facebook ad for transactions such as purchases, account logins or registrations, is recorded by this cookie (extended data comparison). The cookie is then read by Facebook Pixel and enables the data, including specific customer data, to be forwarded to Facebook.

    With the help of the Facebook pixel with extended data synchronization, Facebook is able, on the one hand, to identify visitors to our online offering as a target group for the display of advertisements (so-called “cookies”). “Facebook Ads”) to be precisely determined. Accordingly, we use the Facebook pixel with extended data synchronization in order to only display the Facebook ads we have placed to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products, which determined based on the websites visited), which we transmit to Facebook (so-called „Custom Audiences“). With the help of the Facebook pixel with extended data comparison, we also want to ensure that our Facebook ads correspond to the potential interest of the user and are not annoying. In this way, we can further evaluate the effectiveness of the Facebook ads for statistical and market research purposes by understanding whether users were redirected to our website after clicking on a Facebook ad (so-called. „Conversion“). Compared to the standard version of Facebook Pixel, Advanced Data Matching helps us better measure the effectiveness of our ad campaigns by tracking more attributed conversions.

    All transmitted data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Use Policy (https://www.facebook.com/about/privacy/). The data may enable Facebook and its partners to place advertisements on and off Facebook.

    These processing operations will only take place if explicit consent is given in accordance with Art. 6 Abs. 1 bed. and DSGVO.

    Consent to the use of the Facebook pixel may only be given by users who are older than 13 years. If you are younger, please ask your legal guardians for permission.

    The information generated by Facebook is usually transmitted to a Facebook server and stored there, which may also result in a transmission to the servers of Facebook Inc. in the USA. Facebook Inc., based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which ensures compliance with the data protection level applicable in the EU.

    You can revoke your consent at any time by deactivating Facebook pixel tracking. For this purpose, you can set an opt-out cookie by clicking on the link below, which deactivates Facebook pixel tracking:

    Disable Facebook pixel

    This opt-out cookie only works in that browser and only for that domain. If you delete your cookies in this browser, you will need to click on the link above again.

    9) Rights of the data subject

    9.1 The applicable data protection law grants you comprehensive rights as a data subject vis-à-vis the controller with regard to the processing of your personal data (rights of information and intervention), of which we inform you below:

    Right of access pursuant to Art. 15 GDPR: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data was or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of a right to correction, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if they were not collected from you by us, the existence of an automated decision-making including profiling and Meaningful information about the logic involved and the scope and intended effects of such processing on you, as well as your right to information about the guarantees pursuant to Art. 46 GDPR in the event of the transfer of your data to third countries;

    Right to rectification pursuant to Art. 16 GDPR: You have the right to have incorrect data concerning you corrected without undue delay and/or to have your incomplete data stored by us completed;

    Right to erasure pursuant to Art. 17 GDPR: You have the right to have your personal data deleted if the requirements of Art. 17 Abs. 1 GDPR. However, this right does not apply, in particular, where the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;

    Right to restriction of processing pursuant to Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you contest, is verified, if you oppose the deletion of your data due to inadmissible data processing and instead request the restriction of the processing of your data, if you need your data to assert, exercise or defend legal claims, after we no longer need this data after the purpose has been achieved or if you have lodged an objection for reasons of your particular situation, as long as it has not yet been determined whether our legitimate reasons prevail;

    Right to information pursuant to Art. 19 GDPR: If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, it unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.

    Right to data portability pursuant to Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller, insofar as this is technically feasible;

    Right to withdraw consent pursuant to Art. 7 Abs. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal;

    Right to lodge a complaint pursuant to Art. 77 GDPR: If you believe that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, without prejudice to any other administrative or judicial remedy.

    9.2 RIGHT TO OBJECT

    IF, AS PART OF A BALANCING OF INTERESTS, WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME WITH EFFECT FOR THE FUTURE ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION.

    IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.

    IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

    IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

    10) Duration of storage of personal data

    The duration of the storage of personal data is determined by the respective legal basis, the purpose of the processing and – if relevant – additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law).

    When processing personal data on the basis of explicit consent pursuant to Art. 6 Abs. 1 bed. a GDPR, this data will be stored until the data subject withdraws his or her consent.

    Are there statutory retention periods for data that is stored in the context of legal transactions or obligations similar to legal transactions on the basis of Art. 6 Abs. 1 bed. b GDPR, this data will be routinely deleted after the expiry of the retention periods, provided that they are no longer required for the fulfilment or initiation of a contract and/or there is no legitimate interest on our part in the further storage.

    When processing personal data on the basis of Art. 6 Abs. 1 bed. f GDPR, this data is stored until the data subject exercises his right of objection in accordance with Art. 21 Abs. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

    In the case of the processing of personal data for the purpose of direct marketing on the basis of Art. 6 Abs. 1 bed. f GDPR, this data is stored until the data subject exercises his right of objection in accordance with Art. 21 Abs. 2 GDPR.

    Unless otherwise stated in the other information in this statement on specific processing situations, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.