Privacy policy


Privacy

We have written this data protection declaration (version 29.06.2020-311190283) in order to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 what information we collect, how we use data and what decision options you have as a visitor to this website.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we tried to describe the most important things as simply and clearly as possible.

Automatic data storage

When you visit websites these days, certain information is automatically created and saved, including on this website.

If you visit our website as you are now, our web server (computer on which this website is stored) automatically stores data such as

The address (URL) of the website accessed

Browser and browser version

The operating system used

The address (URL) of the previously visited page (referrer URL)

The host name and the IP address of the device from which access is being made

Date and Time

In files (web server log files).

As a rule, web server log files are saved for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed in the event of illegal behaviour

Cookies

Our website uses HTTP cookies to store user-specific data.

In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.

What exactly are cookies?

Whenever you surf the Internet, use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.

One thing cannot be denied: Cookies are really useful helpers. Almost all websites use cookies. More specifically, they are HTTP cookies because there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to cookies, our website knows who you are and offers you your usual standard setting. In some browsers, each cookie has its own file; in others, such as Firefox, all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our website, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie is to be assessed individually, since each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies also cannot access information from your PC.

For example, cookie data can look like this:

Name: _ga

Expiry time: 2 years

Use: Differentiation of website visitors

Example value: GA1.2.1326744211.152311190283

A browser should support the following minimum sizes:

 

A cookie should contain at least 4096 bytes

At least 50 cookies should be saved per domain

A total of at least 3000 cookies should be saved

 

What types of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Strictly necessary cookies

These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed if a user places a product in the shopping cart, then surfs on other pages and only later checks out. These cookies do not delete the shopping cart, even if the user closes his browser window.

Functional cookies

These cookies collect information about user behaviour and whether the user receives any error messages. In addition, these cookies are used to measure the loading time and behaviour of the website in different browsers.

Targeted cookies

These cookies improve user-friendliness. For example, entered locations, font sizes or form data are saved.

Advertising cookies

These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. This can be very practical, but it can also be very annoying.

When you visit a website for the first time, you are usually asked which of these types of cookies you want to allow. And of course this decision is also saved in a cookie.

How can I delete cookies?

You decide how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, only partially allowing or deactivating them. For example, you can block third-party cookies but allow all other cookies.

If you want to determine which cookies have been saved in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: delete, activate and manage cookies in Chrome

Safari: Manage cookies and website data with Safari

Firefox: delete cookies to remove data that websites have stored on your computer

Internet Explorer: delete and manage cookies

Microsoft Edge: delete and manage cookies

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. For each individual cookie, you can decide whether you want to allow the cookie or not. The procedure differs depending on the browser. It is best to search for the instructions in Google with the search terms "Delete cookies Chrome" or "Deactivate cookies Chrome" in the case of a Chrome browser or exchange the word "Chrome" for the name of your browser, e.g. Edge, Firefox, Safari off.

What about my data protection?

The so-called "Cookie Policy" has been in existence since 2009. This states that the storage of cookies requires your consent. However, there are still very different reactions to these guidelines within the EU countries. In Germany, the cookie guidelines were not implemented as national law. Instead, this directive was largely implemented in Section 15 (3) of the Telemedia Act (TMG).

If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments by the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.

Storage of personal data

Personal data that you transmit to us electronically on this website, such as name, email address, address or other personal information in the context of the transmission of a form or comments in the blog, will be collected by us together with the time and the IP address. Address used only for the specified purpose, kept safe and not passed on to third parties.

We therefore use your personal data only for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We will not pass on your personal data without consent, but we cannot rule out that this data will be viewed in the event of illegal behaviour.

If you send us personal data by e-mail - thus outside of this website - we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by email.

The legal basis according to Article 6 Paragraph 1 a GDPR (lawfulness of processing) is that you give us your consent to the processing of the data you have entered. You can revoke this consent at any time - an informal email is sufficient, you will find our contact details in the imprint.

Rights under the General Data Protection Regulation

According to the provisions of the GDPR, you have the following basic rights:

Right to rectification (Article 16 GDPR)

Right to erasure ("right to be forgotten") (Article 17 GDPR)

Right to restriction of processing (Article 18 GDPR)

Right to notification - notification obligation in connection with the correction or deletion of personal data or the restriction of processing (Article 19 GDPR)

Right to data portability (Article 20 GDPR)

Right to object (Article 21 GDPR)

Right not to be subject to a decision based solely on automated processing - including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Evaluation of visitor behaviour

In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The data collected is generally evaluated anonymously, and we cannot conclude that you are a person based on your behaviour on this website.

You can find out more about the possibilities of contradicting this evaluation of the visit data in the following data protection declaration.

TLS encryption with https

We use https to transfer data securely on the Internet (data protection through technology design Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data. You can recognize the use of this data protection by the small lock symbol in the top left of the browser and the use of the https scheme (instead of http) as part of our Internet address.

Newsletter privacy policy

When you sign up for our newsletter, you submit the above-mentioned personal data and give us the right to contact you by email. We use the data stored as part of the registration for the newsletter exclusively for our newsletter and do not pass it on. If you unsubscribe from the newsletter - you will find the link for this at the bottom of every newsletter - we will delete all data that was saved when you subscribed to the newsletter.

Sofortüberweisung Privacy Policy

We offer the payment method "Sofortüberweisung" of the company Sofort GmbH for cashless payment on our website. Sofort GmbH has been part of the Swedish company Klarna since 2014, but is based in Germany, Theresienhöhe 12, 80339 Munich. If you choose this payment method, personal data will also be transmitted to Sofort GmbH or Klarna, stored and processed there. With this data protection text we give you an overview of the data processing by Sofort GmbH. What is an "instant transfer"? Sofortüberweisung is an online payment system that enables you to place an order via online banking. The payment processing is carried out by Sofort GmbH and we immediately receive information about the payment made. Anyone who has an active online banking account with PIN and TAN can use this method. Only a few banks do not yet support this payment method.

Why do we use "Sofortüberweisung" on our website?

Our goal with our website and our integrated online shop is to offer you the best possible service. In addition to the overall experience on the website and our offers, this also includes smooth, fast and secure payment processing of your orders. To ensure this, we use "Sofortüberweisung" as a payment system.

What data is saved by "Sofortüberweisung"?

If you carry out an immediate transfer via the Sofort / Klarna service, data such as name, account number, bank code, subject, amount and date are stored on the company's servers. We also receive this information via the payment confirmation.

As part of the account coverage check, Sofort GmbH checks whether your account balance and overdraft facility cover the payment contribution. In some cases it is also checked whether instant transfers have been successfully carried out in the last 30 days. Furthermore, your user identification (such as the owner number or contract number) will be collected and saved in a shortened ("hashed") form and your IP address. BIC and IBAN are also saved for SEPA transfers.

According to the company, no other personal data (such as account balances, sales data, credit limits, account lists, mobile phone numbers, authentication certificates, security codes or PIN / TAN) are collected, stored or passed on to third parties.

Sofortüberweisung also uses cookies to make your own service more user-friendly. When you order a product, you will be redirected to the Sofort or Klarna website. After successful payment you will be redirected to our thank you page. The following three cookies are set here:

Name: SOFUEB

Value: e8cipp378mdscn9e17kajlfhv7311190283-5 Purpose: This cookie stores your session ID. Expiration date: after ending the browser session Name: User [user_cookie_rules] Value: 1 Purpose: This cookie stores your consent to the use of cookies. Expiry date: after 10 years 

Name: _ga

Value: GA1.2.69759879.1589470706 Purpose: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it serves to differentiate between website visitors. This is a Google Analytics cookie. Expiry date: after 2 years

Note: The cookies listed here do not claim to be complete. It may always be the case that Sofortüberweisung also uses other cookies.

How long and where is the data stored?

All data collected are stored within the legal retention requirement. This obligation can last between three and ten years.

Klarna / Sofort GmbH only tries to save data within the EU or the European Economic Area (EEA). If data is transferred outside of the EU / EEA, the data protection must comply with the GDPR, the country must make an adequacy decision by the EU or hold the US Privacy Shield certificate.

How can I delete my data or prevent data storage?

You can withdraw your consent for Klarna to process personal data at any time. You also always have the right to information, correction and deletion of your personal data. You can simply contact the company's data protection team by email at datenschutz@sofort.com. You can manage, delete or deactivate possible cookies that Sofortüberweisung uses. This works differently depending on your preferred browser. The following instructions show how to manage cookies in the most common browsers:

Chrome: delete, activate and manage cookies in Chrome (https://support.google.com/chrome/answer/95647?tid=311190286)

Safari: Manage cookies and website data with Safari (https://support.apple.com/de-at/guide/safari/sfri11471/mac?tid=311190286)

Firefox: delete cookies to remove data that websites have stored on your computer (https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?tid=311190286)

Internet Explorer: Deleting and managing cookies (https://support.microsoft.com/de-at/help/17442/windows-internet-explorer-delete-manage-cookies?tid=311190286)

Microsoft Edge: Deleting and managing cookies (https://support.microsoft.com/de-at/help/4027947/microsoft-edge-delete-cookies?tid=311190286)

If you would like to learn more about data processing through the "Sofortüberweisung" from Sofort GmbH, we recommend the data protection declaration at https://www.sofort.de/datenschutz.html

Source: Created with the data protection generator from AdSimple in cooperation with hashtagmann.de