We will only collect and process the personal data (such as your name, address, e-mail address, telephone number, payment details) you provide when ordering goods, opening a customer account or for other purposes if and to the extent that you have consented to the processing thereof or other permission pursuant to Art. 6 General Data Protection Regulation (GDPR) exists.
The IP address of the user will also be logged on our website for technical reasons.
We process and use the personal data collected in order to perform the service you requested (Art. 6 (1) letter b) GDPR), to process your enquires (Art. 6 (1) letter b) GDPR), on the basis of your express consent to perform a credit check if you want us to make an advance performance, such as when purchasing on account (Art. 6 (1) letter a) GDPR), to issue an invoice (Art. 6 (1) letter b) GDPR), in order to ensure compliance with laws and regulations, particularly the retention requirements pursuant to Section 257 German Commercial Code (HGB) (Art. 6 (1) letter c) GDPR) and in order to assert (legal) claims (Art. 6 (1) letter f) GDPR).
Subject to your separate consent, we will also use the personal data we store in order to inform you about products and other services in our newsletter. We will only send you our newsletter by e-mail if you have provided your express consent in the double opt-in procedure. You can also unsubscribe to our newsletter at any time by clicking on the link at the end of our newsletter.
2. DISCLOSURE OF PERSONAL DATA
For the purposes mentioned in Section 1, we reserve the right to transfer your personal data within the European Union and other States party to the Agreement on the European Economic Area to service providers engaged by us. They are obliged to treat your personal data confidentially and to only use them in compliance with applicable data protection provisions in order to render the requested services.
We work with the following categories of service provider:
- E-commerce agency and web host for the running of our website and our webshop
- Fulfillment service provider for shipping
- Hotline service provider for customer service
- Shipping providers for goods shipment
- Payment services provider for clearing, factoring and payment processing
- Banks for payment processing
- Tax advisors for financial accounting
- IT service providers for the technical support of our IT systems
- Online marketing agencies and newsletter senders for customer communication
- Online analyse agencies for IP allocation und tracking
If you are not the recipient of the services, you are obliged to obtain the consent of the recipient to the processing of their personal data before providing them to us.
Apart from such cases, we will only disclose the personal data we store to third parties if you have expressly authorised us to do so (Art. 6 (1) letter a) GDPR) or we are obliged to do so by law (Art. 6 (1) letter c) GDPR), or such a transfer is necessary in order to assert or protect our rights (Art. 6 (1) letter f) GDPR).
3. DURATION OF STORAGE OF YOUR PERSONAL DATA
To fulfil our retention obligations pursuant to Section 257 of the German Commercial Code (HGB), we will store your personal data collected within the scope of a goods order for 10 years from the last invoice or credit note issued to you. If you have not settled all payment claims due to us within the 10-year period, we will continue storing your personal data until all our outstanding payment claims are settled. We will store data collected within the scope of other contracts for 6 years from our last response (Section 257(4) HGB).
If you have requested our newsletter, we will store your personal data until you unsubscribe our newsletter or object to the further processing of your personal data to send the newsletter.
4. YOUR RIGHTS
You can send an e-mail to firstname.lastname@example.org at any time in order to enquire about the personal information we have stored, add to your personal data and request the rectification of incorrect personal data. We will process your enquiry promptly.
You can of course send an e-mail to email@example.com to request the erasure pursuant to Art. 17 GDPR or the restriction of processing pursuant to Art. 18 GDPR of the personal data we have stored. We will then immediately erase or restrict the processing of your personal data we have stored. The erasure or restriction of processing shall in any case only take place once all existing contracts and other legal relationships with you have been completed. Data may only be erased once we are no longer required to retain them by law. Please note that once we have erased or restricted the processing of the data, we can no longer access the data you have provided and may not be able to process any pending enquiries. Insofar as we are required by law to retain personal data, we will make them subject to a non-disclosure notice and no longer use them for communication.
Insofar as we process your personal data, you are entitled to request a copy of those data in writing or electronically. We shall send you the first copy of your personal data or forward this to the third party appointed by you free of charge.
Insofar as you have consented to the processing of your personal data and we have not yet stored these, we shall provide these to you or to a third party appointed by you at your request.
Should you believe that the processing of your personal data constitutes a breach of the GDPR, you also have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.
If the data processing takes place on the basis of your consent (particularly in order to perform a credit check and if applicable to send our newsletter), you can revoke consent at any time.
You have the right to object to the processing of your personal data for the purposes of the legitimate interests pursued by us or a third party pursuant to Art. 6 (1) letter f) GDPR pursuant to Art. 21 GDPR. Upon your objection, we shall suspend the data processing on the basis of Art. 6 (1) letter f) GDPR, unless we can demonstrate compelling and legitimate grounds for the processing, particularly if you have not yet settled all our outstanding payment claims.
If you have any questions on data protection, you can send us an e-mail at firstname.lastname@example.org. We will be happy to answer your questions free of charge. Instead of e-mail, you can of course also contact the responsible office pursuant to section 11 by post or by fax.
5. INTEGRATION OF THE USE OF THE TRUSTED SHOPS TRUSTBAGDE
The Trusted Shops Trustbadge is integrated into this website to show our Trusted Shops seal of approval and ratings collected, as well as to offer Trusted Shops products to buyers after they have placed an order.
In balancing the various interests, this serves to safeguard our legitimate interests in the best possible marketing of our products and services in accordance with Art. 6(1) letter f) GDPR. The Trustbadge and the services promoted with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany.
When the Trustbadge is called up, the web server automatically saves a so-called server log file, which contains, for example, your IP address, the date and time of access, the volume of data transmitted and the requesting provider (access data) and documents the access. These access data are not analysed and will be automatically overwritten seven days after the end of your visit to the site.
Further personal data will only be transferred to Trusted Shops if you have given your consent to this, if you decide to use Trusted Shops products, after completing an order or if you have already registered to use them. In this case, the contractual agreement concluded between you and Trusted Shops applies.
7. FUNCTIONS OF AND DATA COLLECTION BY SOCIAL NETWORKS
Our services use social network functions (plugins): Plugins with a white "f" on a blue tile or "thumbs up" or "like" operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").
If you enter a website we operate that uses such plugins, your browser will connect with servers of the plugin provider, which may be in the USA. The content of the plugins is transferred directly by the plugin providers to your browser and integrated in the page. We have no control over the extent of the data that the plugin provider collects. According to the representations of the platforms, personal data of non-members, of logged in or non-logged in members, including their IP addresses, will be collected, processed and transferred to servers in the USA and other locations.
If you are logged into the particular social network, this can directly assign the visit to our website to your profile. If you interact with the plugins (such as by clicking on the "like" button or making a comment), this information (including your IP address) will also be transferred directly to a server of the plugin provider, which may be in the USA, and stored there.
Facebook users should also note that the "Website Custom Audiences ("WCA") communication tool provided by Facebook is used. To this end, Facebook pixels are integrated in our website, which anonymously flag you as a user of our website without identifying you personally. If you subsequently log into Facebook, a non-reversible and also non-personal checksum (profile) of your usage data is transferred to Facebook for analysis and marketing purposes. For further information on the purpose and scope of data collection and the further processing and use of the data by Facebook as well as your settings options to protect your privacy, please read the Facebook data protection guidelines, which can be found at https://www.facebook.com/ads/website_custome_audiences/ and https://www.facebook.com/privacy/explanation. If you wish to object to the use of WCA, you can do so at: https://www.facebook.com/ads/website_custome_audiences/.
If you are a member of the relevant network, but do not wish the provider to link the data collected from our website to your profile, you can take the following measures:
- Always log out of the relevant network completely before visiting other websites and delete any corresponding cookies;
- Hide the plugins via your ad blocker. You can find information on this at: http://www.antispam-ev.de/wiki/Werbeblocker_für_Browser
Our presence on social networks and platforms serves to better and more actively communicate with our customers and prospects. We inform you about our products and current promotions there.
When visiting our online social media sites, your information may be collected and stored automatically for marketing research and promotional purposes. From this data, usage profiles are created using pseudonyms. These can be used e.g. to place advertisements within and outside the platforms are presumed to be in line with your interests. For this purpose, cookies are usually used on your device. These cookies store visitor behaviour and user interests. In balancing the various interests, this serves to safeguard our legitimate interests in the best possible presentation of our products and services as well as more effective communication with our customers and interested parties in accordance with Art. 6(1) letter f) GDPR. If you are asked by the respective social media platform operators to consent to the data processing, e.g. by ticking a checkbox, the legal basis for data processing is Art. 6(1) letter a) GDPR. As far as the aforementioned social media platforms are headquartered in the US, the following applies: for the US, there is a decision on adequacy of the European Commission. This is based on the EU-US Privacy Shield. The current certificate for the company in question can be viewed here.
8. GOOGLE ANALYTICS
You can also refuse the logging of the data generated by the cookie in relation to your use of the website (incl. your IP address) for Google and the processing of this data by Google by downloading and installing the browser plugin available on the following link: http://tools.google.com/dlpage/gaoptout?hl=de
Please click here to disable Google Analytics tracking.
9. GOOGLE ADWORDS REMARKETING
Google AdWords promotes this website in Google's search results and on third-party websites. For this purpose, when visiting our website, the remarketing cookie is set by Google, which uses a pseudonymous cookie ID to automatically enable interest-based advertising based on the pages you visit. In balancing the various interests, this serves to safeguard our legitimate interests in the best possible marketing of our website in accordance with Art. 6(1) letter f) GDPR. After the expiration and end of the use of Google AdWords remarketing by us, the data collected in this context will be deleted.
Additional processing will only take place if you have agreed with Google that your web and app browsing history will be linked to your Google account by Google and that information from your Google account will be used to personalise the ads you are shown on the web. In this case, when you sign in to Google while you are visiting our website, Google uses your data together with Google Analytics data to create and define target audience lists for cross-device remarketing. To this end, Google will temporarily associate your personal information with Google Analytics data to create target audiences.
Google AdWords remarketing is a service offered by Google LLC (www.google.com). Google LLC is headquartered in the US and is certified under the EU-US Privacy Shield. The current certificate can be viewed here. Under the agreement between the US and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield.
You can disable the remarketing cookie through this link. In addition, you can obtain information about the setting of cookies and make corresponding settings at the Digital Advertising Alliance.
10. BINGADS REMARKETING
BingAds promotes this website in Bing, Yahoo and MSN's search results and on third-party websites. For this purpose, when visiting our website, a cookie is set, which uses a pseudonymous cookie ID to automatically enable interest-based advertising based on the pages you visit. In balancing the various interests, this serves to safeguard our legitimate interests in the best possible marketing of our website in accordance with Art. 6(1) letter f) GDPR. After the expiration and end of the use of BingAds remarketing by us, the data collected in this context will be deleted.
BingAds is a service offered by the Microsoft Corporation (www.microsoft.com). The Microsoft Corporation is headquartered in the US and is certified under the EU-US Privacy Shield. The current certificate can be viewed here. Under the agreement between the US and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield. You can disable the remarketing cookie through this link. In addition, you can obtain information about the setting of cookies and make corresponding settings at the Digital Advertising Alliance.
11. GOOGLE MAPS
This website uses Google Maps for the visual presentation of geographic information. Google Maps is operated by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereafter: Google). In balancing the various interests, this serves to safeguard our legitimate interests in the best possible presentation of our products and services as well as easier accessibility of our locations in accordance with Art. 6(1) letter f) GDPR.
When using Google Maps, Google transmits or processes data about the use of the Maps features by website visitors, which may include, in particular, the IP address and location data. We have no influence on this data processing.
Google is certified under the EU-US Privacy Shield. The current certificate can be viewed here. Under the agreement between the US and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield.
In order to deactivate the Google Maps service and thus prevent the transmission of data to Google, you must deactivate the Java Script function in your browser. In this case Google Maps can be used only to a limited extent or not at all.
On this website, technologies of Hurra Communications GmbH (www.hurra.com) collect and store data on your user behaviour on our website for optimisation and marketing purposes. These data are used to analyse the conduct of visitors and are used to create pseudonymous usage profiles. For this purpose, cookies which allow the recognition of an Internet browser when revisiting the website are used. However, usage profiles collected by hurra.com technologies are not associated with personal data on the bearer of the pseudonym without the express consent of the visitor. The IP addresses of visitors are shortened prior to storage in order to prevent personal identification and any association of usage profiles with IP addresses.
You will find further information in the hurra.com privacy statement. Visitors to the website can refuse the data collection and storage by hurra.com technology for this website at any time with future effect by opting out.
13. DATA SECURITY
In the order process, your personal data will be transmitted over the Internet using SSL encryption. We secure our website and other systems with technical and organisational measures against loss, destruction, access, changes or the distribution of your data by unauthorised persons. Access to your customer account is only possible by entering your personal password.
You should always treat your access information confidentially and close the browser window if you have finished communicating with us, particularly when you are using a shared computer.
15. MINIMUM AGE
We offer our services and products to users who are at least 16 years of age.
16. CONTACT PERSON FOR DATA PROTECTION
For any questions on the collection, processing or use of your personal data, for information, rectification, blocking or erasure of data and to revoke any consent granted, please contact our data protection officer, Mr. René Rautenberg by e-mail at email@example.com or under our postal address with the addition: “data protection officer“.
The controller as defined by the General Data Protection Regulation is:
COEUR DE LION Schmuckdesign GmbH
Krefelder Str. 32
phone: +49 (0)711-55 37 55 0
fax: +49 (0)711-55 37 55 10
Our external Data Protection Officer is:
ER Secure GmbH
In der Knackenau 4