Privacy Policy
Privacy Policy
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor necessary for entering into a contract. You are not obliged to provide the data. Failure to provide it will have no consequences. This applies only insofar as no other information is given in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Contact
Controller
Contact us if you wish. The data controller is: Anna Konopa, Beeskowerstr. 4, 15234 Frankfurt (O) Germany, +49 335 401 46485, info@konsystem.de
Customer-initiated contact via email
If you initiate business contact with us via email, we collect your personal data (name, email address, message text) only to the extent provided by you. Data processing serves the purpose of handling and responding to your contact request.
If the contact serves to carry out pre-contractual measures (e.g., consultation for purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR.
We will only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact serves to carry out pre-contractual measures (e.g., consultation for purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR.
We will only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version provided by WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
Data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile number stored with WhatsApp, your name if provided, and other data to the extent provided by you. We use a mobile device for the service in whose address book only data of users who have contacted us via WhatsApp are stored. Personal data is therefore not passed on to WhatsApp unless you have already consented to this with WhatsApp.
Your data will be transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and thereby committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g., consultation for purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in providing quick and easy contact and in responding to your request. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR.
We will only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.
Customer Account Orders
Customer Account
When opening a customer account, we collect your personal data to the extent specified there. Data processing serves to improve your shopping experience and simplify order processing. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.
Reviews Advertising
Trustami Customer Review
The Trustami seal of approval is integrated into this website to display collected reviews and social media feedback. This serves to implement our legitimate interests in optimally marketing our offer on our own website in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. When the Trustami seal of approval is called up, the web server automatically stores data (access data) in the form of a server log file, which contains the name of the retrieved website, the file, the date and time of retrieval, your IP address in abbreviated form, the amount of data transferred, the message about successful retrieval, the browser type, the user's operating system, the referrer URL (the previously visited page) and the requesting provider. This access data is not evaluated and is automatically overwritten at the latest seven days after the end of your visit to the page. The Trustami seal of approval and the services advertised with it are an offer of Trustami GmbH, Schröderstraße 5, 10115 Berlin. For the processing of the data collected by Trustami, the data protection declaration of Trustami at www.trustami.com/datenschutz applies.
We use your personal data (name, address) that we received in connection with the sale of a product or service to send you postal advertising, unless you have objected to this use. The provision of this data is necessary for the conclusion of the contract. Failure to provide it means that a contract cannot be concluded.
The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in direct marketing. You can object to this use of your address data at any time by notifying us. You can find the contact details for exercising your right to object in the imprint.
Use of email address for sending newsletters
We use your email address to send you information and offers via newsletter, provided you have expressly consented to this. The data processing serves exclusively the purpose of advertising. For this purpose, we process your email address and, if applicable, other data that you voluntarily provided when subscribing to our newsletter.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list. Despite removal from the distribution list, we may still store your email address in a so-called blacklist to prevent you from receiving newsletter emails from us in the future. This storage is based on Art. 6 para. 1 lit. f GDPR from our and your legitimate interest in preventing the re-use of your email address for sending our newsletter. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you.
Use of email address for sending direct advertising
We use your email address, which we have received in the context of the sale of a good or service, for the electronic sending of advertising for our own goods or services that are similar to those you have already purchased from us, unless you have objected to this use. The provision of the email address is necessary for the conclusion of the contract. Failure to provide it means that a contract cannot be concluded. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in direct advertising. You can object to this use of your email address at any time by notifying us. You can find the contact details for exercising your right to object in the imprint. You can also use the designated link in the advertising email. No costs other than the transmission costs according to the basic rates will be incurred for this.
Disclosure of email address to shipping companies for information on shipping status
We pass on your email address to the transport company as part of the contract processing, provided you have expressly consented to this in the order process. The transfer serves the purpose of informing you by email about the shipping status. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Use of an external merchandise management system
We use a merchandise management system for contract processing within the framework of order processing. For this purpose, your personal data collected during the order will be transmitted to
plentysystems AG, Johanna-Waescher-Straße 7, 34131 Kassel.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Payment Service Provider
Use of PayPal Express
We use the payment service PayPal Express from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of enabling you to pay via the PayPal Express payment service.
To integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
By selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS
Use of PayPal Checkout
We use the payment service PayPal Checkout from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of enabling you to pay via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Cookies may be stored here, which enable the recognition of your browser. The data processing thereby taking place is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you.
Credit Card via PayPal, Direct Debit via PayPal & "Pay Later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when PayPal makes advance payments.
You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR, by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with your desired payment method. Failure to provide it means that the contract cannot be concluded with your chosen payment method.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Local third-party providers may include, for example:
Invoice purchase via PayPal
When paying via invoice purchase, the data required for payment processing is first transmitted to PayPal. For the execution of this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit assessment based on mathematical-statistical procedures (probability or score values) using credit agencies according to the procedure already described above. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when Ratepay makes advance payments. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of Shopify Payments
On our website, we use the payment service "Shopify Payments" provided by Shopify International Limited (2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify"). Payment processing in this case is handled by the payment service provider Stripe Payments Europe, Ltd. (1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland; "Stripe"). Data processing serves the purpose of offering you payment via the Shopify Payments service. By selecting and using a corresponding "Shopify Payments" payment method, the data required for payment processing is transmitted to Stripe in order to fulfill the contract with you using the chosen payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Stripe reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. For this purpose, Stripe transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when Stripe makes advance payments.
You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR, by notifying Stripe. The provision of the data is necessary for the conclusion of the contract with your desired payment method. Failure to provide it means that the contract cannot be concluded with your chosen payment method.
Further information on data processing when using the Shopify Payments service can be found in Shopify's privacy policy at: https://www.shopify.com/de/legal/datenschutz.
Further information on data processing when processing payments via the payment service provider Stripe can be found in Stripe's privacy policy at: https://stripe.com/de/privacy.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables unique identification of the browser when the website is called up again.
We use the consent tool “Shopify Privacy & Compliance” from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The tool allows you to give consent to data processing via the website, in particular the setting of cookies, and to exercise your right of withdrawal for already given consents. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus complying with legal obligations. Cookies may be used for this purpose. User information, including your IP address, is collected and transmitted to Shopify.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz.
Analysis Communication AI Tools
Use of Google Analytics 4
We use the web analytics service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services related to website use and internet use to the website operator.
This may include collecting the following information: IP address, date and time of page view, click path, information about the browser and device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data Google has about you.
Your IP address is truncated by us on our own servers beforehand. Google thus only receives pseudonymized data.
Google uses technologies such as cookies, web storage in the browser and counting pixels, which enable an analysis of your use of the website. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR.
The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
We use the advanced implementation of consent mode (Advanced Consent Mode). Even if consent is not granted, user data is transmitted to Google in the form of "pings". These pings may contain, among other things, the following information: IP address for deriving the IP country (the IP address is not logged), date and time of page view, URL of the visited pages, user agent, referrer URL (website from which our website was accessed) or information about triggering website events such as a conversion. Based on this information, Google models user data to enable a comprehensive usage analysis despite the denial of consent.
The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles. Both Google and US government agencies have access to your data.
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de.
Use of Hotjar
We use the analytics tool from Hotjar Ltd. (Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julians STJ1000, Malta; "Hotjar") on our website.
Data processing serves the purpose of needs-based design, optimization and analysis of our website.
The tool randomly records movements of page visitors on the website. This creates a log of mouse movements, scrolling behavior, dwell time and clicks on the website (so-called heatmap).
For this purpose, Hotjar uses cookies, among other things. The following information may be collected: IP address (in anonymized form), information about the device you are using (screen size, device, unique device identifier), information about the browser you are using, location data (only for the country), preferred language for displaying the website, operating system used. Detailed information on the cookies used, their function and storage period can be found here: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies.
User profiles are created from this data under a pseudonym. The data is not used to personally identify the website visitor and is not merged with personal data of the bearer of the pseudonym. Hotjar is contractually prohibited from selling the collected data to other third parties.
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Hotjar is not certified under the TADPF. The data transfer takes place, among other things, on the basis of appropriate safeguards. Hotjar will provide you with further information on the measures taken upon request.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection when using Hotjar can be found here: https://www.hotjar.com/legal/policies/privacy#enduserenglish.
Use of Shopify Statistics
We use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of a commissioned processing arrangement. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
Data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and provided in reports, analyses and statistics. The following device information, among others, is collected and processed: information about the web browser, IP address, time zone, and some of the cookies installed on your device. When you navigate the website, information about viewed web pages or products, the referrer URL (website from which you accessed our website), and information about how you interact with the website is also collected. For this purpose, technologies such as cookies, web beacons, tags, and pixels (electronic files for collecting information about how you navigate the website) are used.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz, information on the order processing agreement at https://www.shopify.com/de/legal/dpa and information on the cookies used at https://www.shopify.com/de/legal/cookies.
Plugins and Others
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
The function displays videos stored on YouTube in an iFrame on the website. The "extended data protection mode" option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and thereby committed to complying with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on the collection and use of data by YouTube and Google, on your rights in this regard and options for protecting your privacy can be found in the privacy policy of YouTube at https://www.youtube.com/t/privacy.
Integration of the Händlerbund Member Logo
The Händlerbund member logo (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated into our website. When you access our website, information is automatically sent to the server of Händlerbund e.V. by the browser used on your device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until automated deletion:
Integration of the "FairCommerce" Initiative Logo
The logo of the "FairCommerce" initiative (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated into our website. When you access our website, information is automatically sent to the server of Händlerbund e.V. by the browser used on your device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until automated deletion:
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
Data processing serves the purpose of uniform display of fonts on our website. To load the fonts, a connection to Google's servers is established when the page is accessed. Cookies may be used here. Among other things, your IP address and information about the browser you are using are processed and transmitted to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq.
Duration of Storage
After complete contract processing, the data will first be stored for the duration of the warranty period, then taking into account legal, in particular tax and commercial law, retention periods and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the Data Subject
If the legal requirements are met, you have the following rights according to Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, according to Art. 21 para. 1 GDPR, you have a right to object to processing based on Art. 6 para. 1 lit. f GDPR, as well as to processing for the purpose of direct marketing.
Right to complain to the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful.
You can lodge a complaint, among others, with the supervisory authority responsible for us, which you can reach at the following contact details:
State Commissioner for Data Protection and for the Right to Inspect Files
Stahnsdorfer Damm 77
14532 Kleinmachnow
Tel.: +49 33203 3560
Fax: +49 33203 35649
E-Mail: poststelle@lda.brandenburg.de
Right to Object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future, on grounds relating to your particular situation.
After an objection, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
If personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. After an objection, we will stop processing the data concerned for direct marketing purposes.
Last updated: 22.10.2024
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor necessary for entering into a contract. You are not obliged to provide the data. Failure to provide it will have no consequences. This applies only insofar as no other information is given in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Server Log Files
You can visit our websites without providing any personal information.
Each time you access our website, usage data is transmitted to us or our web host / IT service provider by your internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred, and the requesting provider.
The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the undisturbed operation of our website and improving our offer.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the undisturbed operation of our website and improving our offer.
Contact
Controller
Contact us if you wish. The data controller is: Anna Konopa, Beeskowerstr. 4, 15234 Frankfurt (O) Germany, +49 335 401 46485, info@konsystem.de
Customer-initiated contact via email
If you initiate business contact with us via email, we collect your personal data (name, email address, message text) only to the extent provided by you. Data processing serves the purpose of handling and responding to your contact request.
If the contact serves to carry out pre-contractual measures (e.g., consultation for purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR.
We will only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When using the contact form, we collect your personal data (name, email address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you.
If the contact serves to carry out pre-contractual measures (e.g., consultation for purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR.
We will only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Use of address validation from Google Maps API
We use the address validation service of the provider Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland "Google") on our website.
The data processing serves the purpose of checking your entries in our address forms in real time for input and spelling errors, and supplementing missing data where necessary. In the event of incorrectly entered data, alternative suggestions for correcting the data are displayed. For this purpose, the address data entered by you is transmitted to the provider, stored and evaluated there.
Among other things, the following information can be transmitted to Google and processed there: postal addresses (country, city, postcode, street, house number), email address, telephone number.
Your data may also be transferred to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in correct data for the fulfillment of our contractual obligations. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you.
The data is processed separately by the provider and not merged with other data. It will be deleted by the provider as soon as the status of the entered data has been determined, but at the latest after 30 days.
Further information on terms of use and data protection at Google can be found at https://cloud.google.com/maps-platform/terms and https://www.google.de/policies/privacy/.
WhatsApp BusinessWe use the address validation service of the provider Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland "Google") on our website.
The data processing serves the purpose of checking your entries in our address forms in real time for input and spelling errors, and supplementing missing data where necessary. In the event of incorrectly entered data, alternative suggestions for correcting the data are displayed. For this purpose, the address data entered by you is transmitted to the provider, stored and evaluated there.
Among other things, the following information can be transmitted to Google and processed there: postal addresses (country, city, postcode, street, house number), email address, telephone number.
Your data may also be transferred to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles.
The processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in correct data for the fulfillment of our contractual obligations. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you.
The data is processed separately by the provider and not merged with other data. It will be deleted by the provider as soon as the status of the entered data has been determined, but at the latest after 30 days.
Further information on terms of use and data protection at Google can be found at https://cloud.google.com/maps-platform/terms and https://www.google.de/policies/privacy/.
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version provided by WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
Data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile number stored with WhatsApp, your name if provided, and other data to the extent provided by you. We use a mobile device for the service in whose address book only data of users who have contacted us via WhatsApp are stored. Personal data is therefore not passed on to WhatsApp unless you have already consented to this with WhatsApp.
Your data will be transmitted by WhatsApp to servers of Meta Platforms Inc. in the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. has certified itself under the TADPF and thereby committed to complying with European data protection principles. If the contact serves to carry out pre-contractual measures (e.g., consultation for purchase interest, offer creation) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in providing quick and easy contact and in responding to your request. In this case, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR.
We will only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy.
Customer Account Orders
Customer Account
When opening a customer account, we collect your personal data to the extent specified there. Data processing serves to improve your shopping experience and simplify order processing. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. Your customer account will then be deleted.
Collection, processing and disclosure of personal data when placing orders
When placing an order, we collect and process your personal data only to the extent necessary for the fulfillment and processing of your order and for handling your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide it means that a contract cannot be concluded. The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR and is necessary for the fulfillment of a contract with you.
Your data may be passed on to shipping companies, dropshipping or fulfillment providers, payment service providers, service providers for order processing, and IT service providers. In all cases, we strictly adhere to legal requirements. The scope of data transmission is limited to a minimum.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.Reviews Advertising
Trustami Customer Review
The Trustami seal of approval is integrated into this website to display collected reviews and social media feedback. This serves to implement our legitimate interests in optimally marketing our offer on our own website in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. When the Trustami seal of approval is called up, the web server automatically stores data (access data) in the form of a server log file, which contains the name of the retrieved website, the file, the date and time of retrieval, your IP address in abbreviated form, the amount of data transferred, the message about successful retrieval, the browser type, the user's operating system, the referrer URL (the previously visited page) and the requesting provider. This access data is not evaluated and is automatically overwritten at the latest seven days after the end of your visit to the page. The Trustami seal of approval and the services advertised with it are an offer of Trustami GmbH, Schröderstraße 5, 10115 Berlin. For the processing of the data collected by Trustami, the data protection declaration of Trustami at www.trustami.com/datenschutz applies.
Review Reminder
After your order, we would like to ask you to rate your purchase with us.
For this purpose, we use your personal data (name, email address, order information) independently of the contract processing to send you a review reminder by email after a placed order, provided you have expressly consented to this.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Use of your personal data for sending postal advertisingAfter your order, we would like to ask you to rate your purchase with us.
For this purpose, we use your personal data (name, email address, order information) independently of the contract processing to send you a review reminder by email after a placed order, provided you have expressly consented to this.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by using the corresponding link in the email or by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation.
We use your personal data (name, address) that we received in connection with the sale of a product or service to send you postal advertising, unless you have objected to this use. The provision of this data is necessary for the conclusion of the contract. Failure to provide it means that a contract cannot be concluded.
The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in direct marketing. You can object to this use of your address data at any time by notifying us. You can find the contact details for exercising your right to object in the imprint.
Use of email address for sending newsletters
We use your email address to send you information and offers via newsletter, provided you have expressly consented to this. The data processing serves exclusively the purpose of advertising. For this purpose, we process your email address and, if applicable, other data that you voluntarily provided when subscribing to our newsletter.
The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list. Despite removal from the distribution list, we may still store your email address in a so-called blacklist to prevent you from receiving newsletter emails from us in the future. This storage is based on Art. 6 para. 1 lit. f GDPR from our and your legitimate interest in preventing the re-use of your email address for sending our newsletter. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you.
Use of email address for sending direct advertising
We use your email address, which we have received in the context of the sale of a good or service, for the electronic sending of advertising for our own goods or services that are similar to those you have already purchased from us, unless you have objected to this use. The provision of the email address is necessary for the conclusion of the contract. Failure to provide it means that a contract cannot be concluded. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in direct advertising. You can object to this use of your email address at any time by notifying us. You can find the contact details for exercising your right to object in the imprint. You can also use the designated link in the advertising email. No costs other than the transmission costs according to the basic rates will be incurred for this.
Use of email address for availability notifications
We offer a product availability notification service on our website. If an item is temporarily unavailable, you have the option to enter your email address for the respective item and be informed by us via email when it becomes available, provided you have consented to this. You will receive a one-time email notification of the availability of the respective item when it is in stock. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation. You can unsubscribe from the availability notification at any time by notifying us. Your email address will then be removed from the distribution list.
Shipping Service Provider Warehouse Management We offer a product availability notification service on our website. If an item is temporarily unavailable, you have the option to enter your email address for the respective item and be informed by us via email when it becomes available, provided you have consented to this. You will receive a one-time email notification of the availability of the respective item when it is in stock. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation. You can unsubscribe from the availability notification at any time by notifying us. Your email address will then be removed from the distribution list.
Disclosure of email address to shipping companies for information on shipping status
We pass on your email address to the transport company as part of the contract processing, provided you have expressly consented to this in the order process. The transfer serves the purpose of informing you by email about the shipping status. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Use of an external merchandise management system
We use a merchandise management system for contract processing within the framework of order processing. For this purpose, your personal data collected during the order will be transmitted to
plentysystems AG, Johanna-Waescher-Straße 7, 34131 Kassel.
The processing of your personal data serves the purpose of fulfilling the contract concluded with you and is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Payment Service Provider
Use of PayPal Express
We use the payment service PayPal Express from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of enabling you to pay via the PayPal Express payment service.
To integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when the website is accessed. Cookies may also be used for this purpose. The cookies enable the recognition of your browser.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
By selecting and using PayPal Express, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS
Use of PayPal Checkout
We use the payment service PayPal Checkout from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of enabling you to pay via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Cookies may be stored here, which enable the recognition of your browser. The data processing thereby taking place is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you.
Credit Card via PayPal, Direct Debit via PayPal & "Pay Later" via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when PayPal makes advance payments.
You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR, by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with your desired payment method. Failure to provide it means that the contract cannot be concluded with your chosen payment method.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. To carry out this payment method, the data may then be passed on by PayPal to the respective provider. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Local third-party providers may include, for example:
- Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
- Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
Invoice purchase via PayPal
When paying via invoice purchase, the data required for payment processing is first transmitted to PayPal. For the execution of this payment method, the data is then transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit assessment based on mathematical-statistical procedures (probability or score values) using credit agencies according to the procedure already described above. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when Ratepay makes advance payments. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Use of Shopify Payments
On our website, we use the payment service "Shopify Payments" provided by Shopify International Limited (2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify"). Payment processing in this case is handled by the payment service provider Stripe Payments Europe, Ltd. (1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland; "Stripe"). Data processing serves the purpose of offering you payment via the Shopify Payments service. By selecting and using a corresponding "Shopify Payments" payment method, the data required for payment processing is transmitted to Stripe in order to fulfill the contract with you using the chosen payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Stripe reserves the right to obtain a credit report based on mathematical-statistical procedures using credit agencies. For this purpose, Stripe transmits the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes, among other things, address data. Your legitimate interests are taken into account in accordance with legal provisions. The data processing serves the purpose of credit assessment for contract initiation. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in protecting against payment default when Stripe makes advance payments.
You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you which is based on Art. 6 para. 1 lit. f GDPR, by notifying Stripe. The provision of the data is necessary for the conclusion of the contract with your desired payment method. Failure to provide it means that the contract cannot be concluded with your chosen payment method.
Further information on data processing when using the Shopify Payments service can be found in Shopify's privacy policy at: https://www.shopify.com/de/legal/datenschutz.
Further information on data processing when processing payments via the payment service provider Stripe can be found in Stripe's privacy policy at: https://stripe.com/de/privacy.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables unique identification of the browser when the website is called up again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and the transmission of the data they contain. Already stored cookies can be deleted at any time. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
You can find out how to manage (including deactivating) cookies in the most important browsers using the links below:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Technically necessary cookies
Unless otherwise stated below in the privacy policy, we only use these technically necessary cookies for the purpose of making our offer more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized again even after a page change.
The use of cookies or comparable technologies is based on Section 25 (2) TDDDG. The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer.
You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you.
Use of the Shopify Consent Tool (Shopify Privacy & Compliance)We use the consent tool “Shopify Privacy & Compliance” from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
The tool allows you to give consent to data processing via the website, in particular the setting of cookies, and to exercise your right of withdrawal for already given consents. The data processing serves the purpose of obtaining and documenting necessary consents to data processing and thus complying with legal obligations. Cookies may be used for this purpose. User information, including your IP address, is collected and transmitted to Shopify.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz.
Analysis Communication AI Tools
Use of Google Analytics 4
We use the web analytics service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services related to website use and internet use to the website operator.
This may include collecting the following information: IP address, date and time of page view, click path, information about the browser and device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Your data may be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data Google has about you.
Your IP address is truncated by us on our own servers beforehand. Google thus only receives pseudonymized data.
Google uses technologies such as cookies, web storage in the browser and counting pixels, which enable an analysis of your use of the website. The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR.
The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
We use the advanced implementation of consent mode (Advanced Consent Mode). Even if consent is not granted, user data is transmitted to Google in the form of "pings". These pings may contain, among other things, the following information: IP address for deriving the IP country (the IP address is not logged), date and time of page view, URL of the visited pages, user agent, referrer URL (website from which our website was accessed) or information about triggering website events such as a conversion. Based on this information, Google models user data to enable a comprehensive usage analysis despite the denial of consent.
The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles. Both Google and US government agencies have access to your data.
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de.
Use of Hotjar
We use the analytics tool from Hotjar Ltd. (Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julians STJ1000, Malta; "Hotjar") on our website.
Data processing serves the purpose of needs-based design, optimization and analysis of our website.
The tool randomly records movements of page visitors on the website. This creates a log of mouse movements, scrolling behavior, dwell time and clicks on the website (so-called heatmap).
For this purpose, Hotjar uses cookies, among other things. The following information may be collected: IP address (in anonymized form), information about the device you are using (screen size, device, unique device identifier), information about the browser you are using, location data (only for the country), preferred language for displaying the website, operating system used. Detailed information on the cookies used, their function and storage period can be found here: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies.
User profiles are created from this data under a pseudonym. The data is not used to personally identify the website visitor and is not merged with personal data of the bearer of the pseudonym. Hotjar is contractually prohibited from selling the collected data to other third parties.
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Hotjar is not certified under the TADPF. The data transfer takes place, among other things, on the basis of appropriate safeguards. Hotjar will provide you with further information on the measures taken upon request.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection when using Hotjar can be found here: https://www.hotjar.com/legal/policies/privacy#enduserenglish.
Use of Shopify Statistics
We use the statistics and analysis functions of Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of a commissioned processing arrangement. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
Data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is stored for marketing and optimization purposes and provided in reports, analyses and statistics. The following device information, among others, is collected and processed: information about the web browser, IP address, time zone, and some of the cookies installed on your device. When you navigate the website, information about viewed web pages or products, the referrer URL (website from which you accessed our website), and information about how you interact with the website is also collected. For this purpose, technologies such as cookies, web beacons, tags, and pixels (electronic files for collecting information about how you navigate the website) are used.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz, information on the order processing agreement at https://www.shopify.com/de/legal/dpa and information on the cookies used at https://www.shopify.com/de/legal/cookies.
Use of Shopify Inbox
We use the live chat system Shopify Inbox from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of commissioned processing. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
Data processing serves the purpose of direct and efficient communication between you and us as provider. Data is stored and processed for the operation of the system and for the purpose of optimizing the service.
To operate the live chat system, cookies may be used that enable the recognition of the browser. The following information may be collected and processed: IP address and personal data provided by you when using the chat system.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz and https://www.shopify.com/de/legal/dpa.
We use the live chat system Shopify Inbox from Shopify International Ltd. (Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland; "Shopify") on our website as part of commissioned processing. Shopify is an affiliated company of Shopify Inc. (151 O’Connor Street, Ground Floor, Ottawa, Ontario, K2P 2L8, Canada).
Data processing serves the purpose of direct and efficient communication between you and us as provider. Data is stored and processed for the operation of the system and for the purpose of optimizing the service.
To operate the live chat system, cookies may be used that enable the recognition of the browser. The following information may be collected and processed: IP address and personal data provided by you when using the chat system.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. For Canada, an adequacy decision by the EU Commission exists. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer takes place on the basis of contractual obligations comparable to the EU Commission's standard contractual clauses.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data protection at Shopify can be found at https://www.shopify.com/de/legal/datenschutz and https://www.shopify.com/de/legal/dpa.
Use of the AI-powered chat system "ChatGPT"
We use the "ChatGPT" chat system from OpenAI Ireland Limited, with registered office at 1st Floor, The Liffey Trust Centre, 117-126 Sheriff Street Upper, Dublin 1, D01 YC43, Ireland ("OpenAI"), on our website. ChatGPT is an automated system based on artificial intelligence. The systems used are based on Large Language Models (LLMs) that have been trained with machine learning methods. An overview of how it works:
• Text inputs are converted into numerical representations ("token vectors"),
• the model calculates the most probable next tokens based on probabilistic methods (transformer architecture, deep learning),
• the answer is generated step by step from these probabilities.
This is therefore stochastic text generation, not "human thinking". Content may be incorrect or incomplete. We do not perform human control in real time.
In accordance with Art. 52 AI-VO, we point out that you are interacting with an AI system. The answers generated by ChatGPT may contain errors or be incomplete. Please check the content critically and do not rely exclusively on the chatbot's output for legally binding matters.
The system serves the purpose of automated communication and to simplify and speed up the answering of customer inquiries, in particular regarding order status, product features and shipment tracking. We ask you not to enter any personal, business or confidential data into the chatbot. However, your inputs into OpenAI are not used to train the OpenAI models.
Your IP address, date and time of page view, click path, information about the browser and device you are using, visited pages, referrer URL (website from which you accessed our website), location data, as well as your chat input and the answers generated by the chatbot are collected and processed. These are stored in order to be able to provide information on this at a later date in the event of inquiries or information requested by you. Your authentication takes place explicitly only with an existing order number and a matching postcode.
For this purpose, cookies are used. The cookies enable the recognition of the internet browser. Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). OpenAI is not certified under the TADPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as appropriate safeguards for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on the collection and use of data by OpenAI, on your rights in this regard and options for protecting your privacy can be found in the privacy policy of OpenAI at https://openai.com/policies/privacy-policy/
Use of "Shopify Network Intelligence"
In our online shop, we use the security and analysis function "Shopify Network Intelligence" from Shopify Inc., Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. Shopify Network Intelligence is an automated system based on artificial intelligence. This system serves network security, fraud detection, and optimization of shop performance.
Shopify Network Intelligence monitors network access and user behavior to detect and prevent fraudulent activities (e.g., credit card misuse, bot attacks) early on. In addition, data is used for technical stability and performance analysis.
In accordance with Art. 52 AI-VO, we point out that you are interacting with an AI system. The responses generated by Shopify Network Intelligence may contain errors or be incomplete. Please critically check the content and do not rely exclusively on the chatbot outputs for legally binding matters.
Shopify Network Intelligence serves us to ensure IT security and fraud prevention, the availability of the online shop, and the analysis and optimization of shop performance.
For this purpose, cookies are used. The cookies enable the recognition of the internet browser. Your data may be transmitted to Canada. For Canada, an adequacy decision by the EU Commission exists, which covers data processing by companies subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). Shopify, headquartered in Canada, is subject to PIPEDA and is obliged to comply with the data protection principles under PIPEDA.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data processing can be found in Shopify's privacy policy at https://www.shopify.com/de/legal/datenschutz
Plugins and Others
Use of Google Tag Manager
We use the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags, which are used to implement tracking and analysis tools in particular. Data processing serves the purpose of tailoring and optimizing our website to user needs.
The Google Tag Manager itself does not store cookies or process personal data. However, it enables the triggering of other tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.
We use the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags, which are used to implement tracking and analysis tools in particular. Data processing serves the purpose of tailoring and optimizing our website to user needs.
The Google Tag Manager itself does not store cookies or process personal data. However, it enables the triggering of other tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.
Use of Google reCAPTCHA
We use the reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The query serves to distinguish input by a human from automated, mechanical processing. For this purpose, your input is transmitted to Google and used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and may also be transmitted to Google LLC servers in the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles.
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on Google reCAPTCHA and the associated privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy.
Use of YouTube We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is an affiliated company of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
The function displays videos stored on YouTube in an iFrame on the website. The "extended data protection mode" option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and thereby committed to complying with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on the collection and use of data by YouTube and Google, on your rights in this regard and options for protecting your privacy can be found in the privacy policy of YouTube at https://www.youtube.com/t/privacy.
Integration of the Händlerbund Member Logo
The Händlerbund member logo (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated into our website. When you access our website, information is automatically sent to the server of Händlerbund e.V. by the browser used on your device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until automated deletion:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which access is made (referrer URL),
- Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.
Integration of the "FairCommerce" Initiative Logo
The logo of the "FairCommerce" initiative (Händlerbund e.V., Kohlgartenstraße 11 - 13, 04315 Leipzig) is integrated into our website. When you access our website, information is automatically sent to the server of Händlerbund e.V. by the browser used on your device. This information is temporarily stored in a so-called server log file for 7 days. The following information is collected without your intervention and stored until automated deletion:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which access is made (referrer URL),
- Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
Data processing serves the purpose of uniform display of fonts on our website. To load the fonts, a connection to Google's servers is established when the page is accessed. Cookies may be used here. Among other things, your IP address and information about the browser you are using are processed and transmitted to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ and at https://developers.google.com/fonts/faq.
Use of Google Translate
We use the translation service of
Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) on our website via an API integration.
The data processing serves the purpose of displaying the information provided on the website in other languages. For the translation to be displayed automatically in your chosen national language, the browser you are using connects to Google's servers. Cookies may be used here. Among other things, the following information may be collected and processed: IP address, URL of the visited page, date and time.
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles.
Your data may be transmitted to the USA. For the USA, an adequacy decision by the EU Commission is in place, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and thereby committed to complying with European data protection principles.
The use of cookies or comparable technologies is carried out with your consent on the basis of Section 25 (1) sentence 1 TDDDG in conjunction with Art. 6 (1) lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.
Further information on the collection and use of your data by Google can be found at: https://www.google.com/policies/privacy/.
Data Subject Rights and Storage PeriodDuration of Storage
After complete contract processing, the data will first be stored for the duration of the warranty period, then taking into account legal, in particular tax and commercial law, retention periods and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the Data Subject
If the legal requirements are met, you have the following rights according to Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, according to Art. 21 para. 1 GDPR, you have a right to object to processing based on Art. 6 para. 1 lit. f GDPR, as well as to processing for the purpose of direct marketing.
Right to complain to the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful.
You can lodge a complaint, among others, with the supervisory authority responsible for us, which you can reach at the following contact details:
State Commissioner for Data Protection and for the Right to Inspect Files
Stahnsdorfer Damm 77
14532 Kleinmachnow
Tel.: +49 33203 3560
Fax: +49 33203 35649
E-Mail: poststelle@lda.brandenburg.de
Right to Object
If the personal data processing listed here is based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future, on grounds relating to your particular situation.
After an objection, the processing of the data concerned will be terminated, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
If personal data is processed for direct marketing purposes, you can object to this processing at any time by notifying us. After an objection, we will stop processing the data concerned for direct marketing purposes.
Last updated: 22.10.2024