Privacy policy

Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.

"Personal data" is any information relating to an identified or identifiable natural person.

Server log files

You can use our websites without submitting personal data.

Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers

  • Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Irland
  • Aut O’Mattic Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland
  • Zendesk, Inc., 1019 Market Street, San Francisco, CA 94103, USA
  • maxcluster GmbH, Lise-Meitner-Str. 1b, D-33104 Paderborn, Germany
  • Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA
  • Findify AB, Asogatan 198, 11632 Stockholm, Sweden
  • Klaviyo Inc., 125 Summer St Floor 7, Boston, MA 02111, USA
  • OneTrust LLC., 1200 Abernathy Rd NE, Sandy Springs, GA 30328, USA
  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
  • IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany

by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services.

Your data will be transferred to Canada, among other countries. Data transfers to Canada are subject to an adequacy decision by the EU Commission.

Our service providers are located and/or use servers in the USA. For the USA, there is an adequacy decision of the EU Commission.

Contact

Responsible person/Data protection officer

Contact us at any time. The person responsible for data processing is:
AFEW GmbH
Oststr. 36
40211 Düsseldorf
Deutschland
+49 (0)211 - 22 96 08 66
datenschutz@afew-store.com

You can contact our data protection officers directly at:
@-yet GmbH
- Franziska Wilms -
Schloß Eicherhof
42799 Leichlingen
Germany
datenschutz@afew-store.com

Proactive contact of the customer by e-mail

If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.

If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.

If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.

We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.

Use of the CRM-system Zendesk

We deploy the CRM system Zendesk to process user inquiries by e-mail. The provider is Zendesk, Inc., 1019 Market Street in San Francisco, CA 94103 USA. We use Zendesk to be able to respond to your inquiries promptly and efficiently. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR.

In order to be able to submit inquiries, you must provide your e-mail address and name.

The messages addressed to us remain with us until you request deletion, or the data storage purpose no longer applies (e.g. after completed processing of your request). Mandatory statutory provisions, in particular retention periods, remain unaffected.

Zendesk has Binding Corporate Rules (BCR) which have been approved by the Irish Data Protection Authority. These are binding corporate rules that legitimize the transfer of data within the company to third countries outside the EU and EEA. Details can be found here: https://www.zendesk.de/company/agreements-and-terms/privacy-notice/#supplemental-information-for-the-eea-switzerland-and-the-uk.

Collection and processing in case of applications via e-mail

In case of interest, website visitors may apply to vacancies advertised on our website by e-mail. We only collect your personal data to the extent provided by you. This includes your contact details (e.g., name, e-mail address, telephone number), details of your professional qualifications and training, details of further professional training and performance-specific evidence. The purpose of this data processing is to contact you and to decide on the establishment of an employment relationship with you. The provision of the data is necessary to carry out the application procedure. The processing of your personal data takes place on the basis of Art. 6 para. 1(b) GDPR in conjunction with Art. 26 para. 1 Federal Data Protection Act (BDSG) for the implementation of pre-contractual measures (undergoing the application procedure as an initiation of the employment contract). If you have given us permission for the processing of personal data for the inclusion in our pool of applicants, e.g., by checking a checkbox, the processing takes place on the basis of Art. 6 par. 1(a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until the revocation. If specific categories of personal data within the meaning of Art. 9 para. 1 of the GDPR are requested from the applicants, such as information on the degree of severe disability, this is carried out on the basis of Art. 9 para. 2(b) GDPR, so that we can exercise the rights arising from labor law and the social security and social protection legislation and fulfill our obligations in this regard. We will store your personal data as long as this is necessary for the decision about your application. Your data will then be deleted after six months at the latest, provided that you have not consented to further processing and use. If an employment relationship is established following the application procedure, the data provided will be further processed and then transferred to the personnel file for the purposes of implementing the employment relationship pursuant to Art. 6 para. 1 (b) GDPR in conjunction with Art. 26 Para. 1 of the Federal Data Protection Act (BDSG).

Customer account / Orders

Customer account

When you open a customer account, we will collect your personal data in the scope given there. The data processing is for the purpose of improving your shopping experience and simplifying order processing. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your customer account will then be deleted.

Collection, processing, and transfer of personal data in orders

When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you.

Your data is transferred here for example to the shipping companies and dropshipping providers, payment service providers, service providers for handling the order and IT service providers that you have selected. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.

Your data will be transferred to Canada, among other countries. Data transfers to Canada are subject to an adequacy decision by the EU Commission.

Participation in Raffles

As far as personal data of participants are collected in the context of a Raffle, these data are collected, processed and used exclusively for the purpose of the Raffle. The participant explicitly agrees to this. The participant can revoke this permission at any time by letter or e-mail. The participant is responsible for the correctness and completeness of his/her submitted data.

The Raffles are not affiliated with Instagram and are in no way sponsored, endorsed or organized by Instagram. The recipient of the information provided by the participant is not Instagram, but AFEW GmbH, Oststr. 36, 40211 Düsseldorf, Germany.

Advertising

Use of your email address for mailing of newsletters

We use your email address outside of contractual processing exclusively to send you a newsletter for our own marketing purposes, if you have explicitly agreed to this. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can unsubscribe from the newsletter at any time using the relevant link in the newsletter or by contacting us. Your email address will then be removed from the distributor.

Use of Klaviyo

We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; "Klaviyo") for newsletter dispatch as part of order processing. We pass on the information provided by you during the newsletter registration (e-mail address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation. In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This enables us to determine whether you have opened the newsletter and whether you have clicked any integrated links. Within this context, we collect your personal data such as IP address, browser type and device as well as the time. A usage profile can be generated from this data under a pseudonym. The data collected will not be used to identify you personally. The collected data is only used for statistical analysis to improve newsletter campaigns.

Your data is usually transmitted to Klaviyo servers in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in a targeted, effective advertising and user-friendly newsletter system. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.

You can find more information on data protection at Klaviyo at https://www.klaviyo.com/legal/privacy-notice and at https://www.klaviyo.com/legal/data-processing-agreement.

Use of the Webgains affiliate network

This website uses Webgains, a service provided by ad pepper media GmbH, FrankenStraße 150C, FrankenCampus, 90461 Nürnberg, Germany. Through the Webgains network we work with cooperation partners who advertise our products on various platforms on the internet ("Affiliate Marketing"). By clicking on the advertisement you will be redirected to our website. The cooperation partners receive a fee for this placement activity. In order to calculate the fee, we record the sales initiated by the cooperation partner, together with the data relevant for the calculation of the fee. This includes the value of the products purchased, product information, an internal ID, the relevant currency and details of the compensation model agreed with the cooperation partner as well as details of the agent himself. The exact calculation of the compensation for the cooperation partners is carried out by our service provider Webgains, which processes this data on our behalf in accordance with Art. 28 DSGVO. Legal basis for data processing: Art. 6 (1) (1) (b) DSGVO. In addition, you will be asked to accept a cookie for this purpose. This cookie will be placed on your terminal device with your consent (Art. 6 (1) (1) (a) DSGVO) in order to allow the transfer of the resulting data to our cooperation partners.

The above-mentioned data will be stored for verification purposes after the payment has been processed in accordance with the provisions of tax and commercial law. This is also carried out by our service provider Webgains. Legal basis: Art. 6 Paragraph 1 Clause 1 lit. c) DSGVO.

In the event of ambiguities in the processing of the brokered sale, further information on the brokered sale can be provided by our cooperation partner to clarify the facts of the case. Legal basis: Art. 6 Paragraph 1 Clause 1 lit. f) DSGVO.

If you participate in a cashback program, we will provide the program provider with the necessary data for payment of the remuneration. For further information, please also see the data protection guidelines of the respective programs.

To read more please refer to their privacy policy: https://www.webgains.com/public/en/privacy/

Use of Sovendus GmbH for voucher offers

In order to select a voucher offer that is currently of interest to you, the hash value of your e-mail address and your IP address will be transmitted to Sovendus GmbH, Hermann-Veit-Str. 6, 76135 Karlsruhe (Sovendus) in a pseudonymized and encrypted form after you have given your consent (Art. 6 (1) a) GDPR). The pseudonymized hash value of the e-mail address is used by Sovendus to take into account a possible existing objection to advertising (Art. 21 ( 3), Art. 6 (1) c) GDPR). The IP address is used by Sovendus exclusively for data security purposes and is usually anonymized after seven days (Art. 6 (1) f) GDPR).

In addition, for billing purposes, we transmit pseudonymized order number, order value with currency, session ID, coupon code and time stamp to Sovendus (Art. 6 (1) f) GDPR). If you are interested in a voucher offer from Sovendus, have given your consent via the cookie banner, there is no advertising objection to your e-mail address and clicked on the voucher banner displayed, only in this case we will transmit your e-mail address in encrypted form to Sovendus for the preparation of the voucher (Art. 6 (1) b), f) GDPR).

For more information on the processing of your data by Sovendus, please refer to the online privacy policy at www.sovendus.de/datenschutz.

Shipping companies / Merchandise management

Forwarding of your email address to shipping companies for information on shipping status

We forward your email address to the shipping company in the course of contractual processing, if you have explicitly agreed to this in the order process. The forwarding is for the purpose of informing you by email on the shipping status of your order. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us or the transport company without affecting the legality of the processing carried out with your consent up to the withdrawal.

DHL Paket GmbH
Sträßchensweg 10
53113 Bonn
Germany

DHL Express Germany GmbH
Heinrich-Brüning Str 5
53113 Bonn
Germany

FedEx Express Germany GmbH
Langer Kornweg 34 k
65451 Kelsterbach
Germany

Use of an external merchandise management system

We use a merchandise management system in the course of order processing for the purposes of contractual processing. For this purpose your personal data as collected in the course of the order will be sent to

JTL-Software-GmbH
Rheinstr. 7
41836 Hückelhoven
Germany

YBM-Deutschland
Yotta Byte Manager GmbH
Obere Müsterstr. 4
44575 Castrop-Rauxel
Germany

DATEV eG
Paumgartnerstr. 6 - 14
90429 Nürnberg
Germany

Payment service providers

Use of PayPal

On our website we use the PayPal payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal"). The data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, the data required for processing the payment will be transmitted to PayPal in order to enable us to fulfil the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.

All PayPal transactions are subject to PayPal Privacy Policy. You can find these at https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Use of PayPal Express

Our website uses the payment service PayPal Express from PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg; "PayPal").

The processing of data enables us to offer you the option of paying via the PayPal Express payment service.

To integrate this payment service it is essential that PayPal collects, stores, and analyses data when you access the website (e.g. IP address, device type, operating system, browser type, device location). Cookies may be used for this purpose. Cookies allow your internet browser to be recognised.

The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in a customer-oriented offer of different payment methods. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.

By selecting and using "PayPal Express", the data required for payment processing will be submitted to PayPal to execute the agreement with you using the selected payment method. The data is processed on the basis of Article 6(1)(b) GDPR.

Further information on data processing when using the Paypal Express payment service can be found here here in the associated data privacy policy.

Use of Amazon Payments

We use Amazon Payments payment service on our website, from Amazon Payments Europe s.c.a. (38 avenue John F. Kennedy, L-1855 Luxembourg; "Amazon Payments").

The processing of data enables you to pay using the Amazon Payments payment service.

To integrate this payment service it is essential that Amazon Payments collects, stores, and analyses data when accessing the website (e.g. IP address, device type, operating system, browser type, device location). Cookies may be used for this purpose. Cookies allow your internet browser to be recognised.

The use of cookies or comparable technologies is based on § 15 para. 3 p. 1 TMG. The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in a customer-oriented offer of different payment methods. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you.

By selecting and using "Amazon Payments", the data required for payment processing will be submitted to Amazon Payments to execute the agreement with you using the selected payment method. The data is processed on the basis of Article 6(1)(b) GDPR.

Further information on data processing when using the Amazon Payments payment service can be found in the associated data privacy policy at: https://pay.amazon.com/de/help/201212490

Use of SOFORT

On our website we use the payment service provider SOFORT GmbH, (Theresienhöhe 12, 80339 Munich, Germany; "SOFORT") for payment processing. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). The data processing serves the purpose of allowing us to offer you various payment methods by processing payments via the payment service provider SOFORT. Once you have chosen the payment option, the data required to process the payment will be transmitted to SOFORT. This data processing is carried out on the basis of Article 6 para. 1 lit. b GDPR. For more information on data processing in connection with the use of the payment service provider SOFORT, please visit https://www.sofort.com/1.0/shared/content/legal/terms/de-DE/SOFORT/ and https://www.klarna.com/sofort/.

Use of Shopify Payments

The provider of this payment service in the EU is Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopifys Payment"). For details, please see Shopify Payments' privacy policy: https://www.shopify.de/legal/datenschutz.

Use of Apple Pay

Provider of the payment service is Apple Inc, Infinite Loop, Cupertino, CA 95014, USA. Apple's privacy policy can be found at: https://www.apple.com/legal/privacy/de-ww/.

Use of Google Pay

The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google's privacy policy can be found here: https://policies.google.com/privacy.

Use of VISA

The provider of this payment service is Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter "VISA").

The United Kingdom is considered a secure third country under data protection law. This means that the United Kingdom has a level of data protection equivalent to the level of data protection in the European Union.

VISA may transfer data to its parent company in the USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html

For more information, please refer to VISA's privacy policy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html

Use of Mastercard

The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter "Mastercard").

Mastercard may transfer data to its parent company in the USA. The data transfer to the USA is based on Mastercard's Binding Corporate Rules.

Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.

Use of American Express

The provider of this payment service is American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany (hereinafter "American Express"). American Express may transfer data to its parent company in the USA. The data transfer to the USA is based on the Binding Corporate Rules. Details can be found here: https://www.americanexpress.com/en-pl/company/legal/privacy-centre/european-implementing-principles/

For more information, please refer to the American Express privacy policy: https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html

Cookies

Our website uses cookies. Cookies are small text files which are saved in a user's internet browser or by the user's internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user's operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.

Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.

Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:

Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

technically necessary cookies

Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.

The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TTDSG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.

You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.

Cookie-Consent-Tool CookiePro

This website uses the cookie consent-tool "CookiePro" provided by OneTrust LLC, 1200 Abernathy Rd NE, Sandy Springs, GA 30328, USA ("OneTrust") to obtain valid user consent for cookies and cookie-based applications requiring consent.

Your data may be transferred to the USA. For the U.S., there is an adequacy decision from the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF).

By including a JavaScript code, users will be presented with a banner when they visit the site, in which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box. The tool blocks the setting of all cookies requiring consent until the respective user gives his consent by ticking the appropriate box. This ensures that such cookies are only set on the respective user's terminal device if consent has been granted.

To enable the Cookie Consent-Tool to uniquely assign page views to individual users and to individually record, log and store the consent settings made by the user for the duration of a session, certain user information (including the IP address) is collected by the Cookie Consent-Tool when our website is accessed, transmitted to OneTrust servers and stored there.

This data processing is carried out in accordance with Art. 6 para. 1 letter f DSGVO on the basis of our legitimate interest in a legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.

A further legal basis for the data processing described is Art. 6 Para. 1 lit. c DSGVO. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

For more information about OneTrust's use of data, please see OneTrust's privacy policy at https://www.cookiepro.com/privacy-notice/.

Analysis / Advertising tracking / Communication

Use of Google Analytics 4

We use the Google Analytics web analytics service provided by Google Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.

The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. To this end, Google will use the information obtained on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

In this context, the following information may be collected, among others: IP address, date and time of page view, click path, information about the browser you are using and the device you are using (device), pages visited, referrer URL (website from which you accessed our website), location data, purchase activity. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.

Google uses technologies such as cookies, web storage in the browser and tracking pixels that enable an analysis of your use of the website.

The information generated by this about your use of this website is usually transferred to a Google server in the USA and stored there. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

When using Google Analytics 4, the IP address transmitted by your website is automatically collected and processed in anonymized form. The IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.

The use of cookies or similar technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a DSGVO. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a DSGVO. You may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.

For more information on terms of use and data protection, please visit https://policies.google.com/technologies/partner-sites and https://policies.google.com/privacy?hl=de&gl=de.

We also use the Google Signals service in this context. Google Signals enables cross-device tracking. Hence, your data can be analysed across devices if you have enabeled "personalised advertising" in your account settings and your end devices are linked to your Google account. This makes it possible to identify which device is searching for products and then return to complete purchases on another device, such as a tablet.The cross-device reports created in this context contain only aggregated data. We therefore only receive statistics generated on the basis of Google Signals. To prevent Google Signals from collecting and storing data across devices, you can deactivate the "personalised advertising" function in your Google Account settings. For more information, please visit https://support.google.com/ads/answer/2662922?hl=de. For more information on data processing and data protection for Google Signals, please visit https://support.google.com/analytics/answer/7532985?hl=en.

Use of Facebook Pixel

Our website uses the remarketing function "Custom Audiences" by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland "Facebook").

Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transfer of this data to Facebook when the service is integrated. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible in particular for the fulfilment of the information obligations in accordance with Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for compliance with the obligations in accordance with Art. 33, 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Meta Platforms Ireland is responsible for enabling the rights of the data subject in accordance with articles 15-20 of the GDPR, for complying with the security requirements of article 32 of the GDPR with regard to the security of the service, and for complying with the obligations of articles 33, 34 of the GDPR, insofar as a breach of personal data protection concerns Meta Platforms Ireland's obligations under the joint processing agreement.

This application serves to address the visitor to the website with interest-related advertising on the social network Facebook.

We have implemented Facebook's remarketing tag on our website for this purpose. This tag sets up a direct connection to Facebook's servers when you visit our website. This informs the Facebook server which of our web pages you have visited. Facebook assigns this information to your personal Facebook user account. When you visit the social network Facebook you will then be shown personalised, interest-related Facebook ads.

Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. You can find more detailed information on Facebook's collection and use of data and your associated rights and options for protecting your privacy in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

Use of Google Ads conversion tracking

Our website uses the online marketing program "Google Ads", including conversion tracking (evaluation of user actions). Google conversion tracking is a service operated by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").

If you click on adverts placed by Google, a cookie is placed on your computer for conversion tracking. These cookies have limited validity, do not contain any personal data and thus cannot be used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, we and Google can recognise that you have clicked on the advert and were forwarded to this page. Every Google Ads customer receives a different cookie. It is therefore not possible to track cookies relating to the websites of Ads customers.

The information collected using the conversion cookie serves the purpose of producing conversion statistics. This allows us to find out the total number of users who have clicked on our adverts and were forwarded to a page equipped with a conversion tracking tag. However, they do not receive any information with which could be used to personally identify users.

Your data may be transmitted to Google LLC servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.

You will find more information as well as Google's data privacy policy at: https://www.google.com/policies/privacy/

Use of the remarketing or "similar target groups" function by Google Inc.

Our website uses the remarketing or "similar target groups" function by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").

This application serves to analyse visitor behaviour and visitor interests.

Google uses cookies to analyse website use, forming the basis for producing interest-related adverts. Cookies allow for the recording of website visits as well as anonymised data on the use of the website. The personal data of website visitors is not saved. If you then visit another website in the Google display network you will then be shown adverts which are more likely to take previous areas of product and information interest into account.

Your data may be transmitted to Google LLC servers in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.

You can find more detailed information on Google remarketing as well as the associated data privacy policy at: https://www.google.com/privacy/ads/

Use of the "Zendesk Chat" live chat system

Our website uses Zendesk Inc.'s live chat system (1019 Market Street, 6th Floor, San Francisco, California 94103, USA; "Zendesk").

The system serves to facilitate communication between you and us in our role as provider. A usage profile can be generated from this data under a pseudonym. Cookies are used for this purpose. Cookies facilitate recognition of your internet browser.

Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Zendesk has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.

You can find more detailed information on Zendesk's collection and use of data and your associated rights and options for protecting your privacy in Zendesk's privacy policy at: https://www.zendesk.com/company/customers-partners/privacy-policy/.

Use of the Minubo e-commerce BI software

In order to gain a detailed insight into our sales, marketing and purchasing activities and to be able to analyze them, we use the services of minubo GmbH, Rödingsmarkt 9, 20459 Hamburg, Germany as part of a data processing agreement. The following data is processed: Information on orders, customers, products and marketing activities.

The processing of your personal data is based on Art. 6 para. 1 lit. f GDPR out of our overriding legitimate interest in optimizing our business processes and our offers.

The privacy policy of Minubo you can find here: https://www.minubo.com/en/privacy-policy

Plug-ins

Use of the Google Tag Manager

Our website uses the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google"). This application manages JavaScript tags and HTML tags which are used in particular to implement tracking and analysis tools. The data processing serves to facilitate the needs-based design and optimisation of our website. The Google Tag Manager itself neither stores cookies nor processes personal data. It does, however, enable the triggering of further tags which may collect and process personal data. You can find more detailed information on the terms and conditions of use and data protection at https://www.google.com/intl/de/tagmanager/use-policy.html

Use of social plug-ins

Our website uses social network plug-ins. The integration of social plug-ins and the data processing associated with this serves the purpose of optimising the advertising for our products.

The integration of social plug-ins involves a connection between your computer and the servers of the service provider of the social network which then instructs your web browser to display the plug-in on that web page, provided you have expressly consented to this. In this process, both your IP address as well as the information on which web pages you have visited will be transmitted to the provider's servers. This happens regardless of whether you are registered with or logged into the social network. The information is transferred even if users are not registered or logged in. Should you be connected simultaneously with one or more of your social network accounts, the collected information may also be assigned to your corresponding profiles. When using the plug-in functions (e.g. by pressing the appropriate button), this information will also be assigned to your user account. You can therefore prevent this assignment by logging yourself out before visiting our website and before activating the button for your social media accounts.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.

The following social networks are integrated in our website through social plug-ins. You can find more detailed information on the scope and purpose of collection and use of the data and your associated rights and options for protecting your privacy in the provider's privacy policy via the link.

Facebook by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland).

Meta Platforms Ireland and we are jointly responsible for the collection of your data and the transfer of this data to Facebook when the service is integrated. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible in particular for the fulfilment of the information obligations in accordance with Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for compliance with the obligations in accordance with Art. 33, 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Meta Platforms Ireland is responsible for enabling the rights of the data subject in accordance with articles 15-20 of the GDPR, for complying with the security requirements of article 32 of the GDPR with regard to the security of the service, and for complying with the obligations of articles 33, 34 of the GDPR, insofar as a breach of personal data protection concerns Meta Platforms Ireland's obligations under the joint processing agreement.

Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

For more information on data protection please visit: https://www.facebook.com/about/privacy/.

Instagram by Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland): https://help.instagram.com/155833707900388

Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

Pinterest by Pinterest Inc. (635 High Street, Palo Alto, CA, 94301, USA) https://policy.pinterest.com/en/privacy-policy

Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Pinterest is not certified under the TADPF.

Twitter de Twitter Inc. (1355 Market Street, Suite 900, San Francisco, CA 94107, EE. UU.) https://twitter.com/privacy

Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Twitter is not certified under the TADPF.

Use of Linkin.bio for Instagram

We use Linkin.bio for Instagram by the provider Later, 88 E Pender Street, #500, Vancouver, British Columbia, Canada. The Instagram feed is loaded by Later with Linkin.bio or transmitted via Linkin.bio. The use is based on our legitimate interests, i.e. interest in a secure and efficient provision, analysis and optimisation of our Instagram offer pursuant to Art. 6 para. 1 lit. f. GDPPR. Linkin.bio for Instagram by Later processes IP addresses and device information to enable Instagram feed illustration and to determine statistical data, such as call-up figures. This data is anonymised or pseudonymised before being stored in Later.com Linkin.bio database, unless it is necessary for the provision of Instagram posts. Further information and objection options can be found in the Later.com privacy policy: https://later.com/privacy/.

Use of Google reCAPTCHA

Our website uses the reCAPTCHA service by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google").

The request serves to distinguish whether the input was made by a human or automatic machine processing. For this purpose your input will be transmitted to Google and used by them further. In addition, the IP address and any other data required by Google for the reCAPTCHA service will be transferred to Google.

This data will be processed by Google within the EU and potentially also in the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

Processing is carried out on the basis of Article 6(1)f) GDPR due to our legitimate interest in protecting our website from automated spying, misuse and SPAM. On grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out in accordance with Article 6(1)(f) GDPR.

You can find more detailed information on Google reCAPTCHA and the associated data protection declaration at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy.

Use of Cloudflare

On our website, we use the Content Delivery Network, Cloudflare CDN of Cloudflare Inc. (101 Townsend St, San Francisco, CA 94107, USA; "Cloudflare"). This is a supraregional network of servers in different data centres with which our web server connects and via which certain contents of our website are delivered.

The purpose of the data processing is to optimise the loading times of our website in order to make our offer more user-friendly.

This can involve the collection of, among other things, the following information: IP address, system configuration information, information about the traffic from and to customer websites (server log files).

Your data may be transferred to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Cloudflare has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

Processing is carried out on the basis of Article 6(1)(f) GDPR for the purposes of our legitimate interest in needs-based and targeted design of the website. On grounds relating to your particular situation, you have the right to object at any time to this processing of your personal data and carried out on the basis of Article 6(1)(f) GDPR.

For more information about privacy when using Cloudflare, please visit https://www.cloudflare.com/de-de/privacypolicy/.

Use of GoogleMaps

Our website uses the function for embedding Google Maps by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google")

This feature visually represents geographical information and interactive maps. Google also collects, processes and uses data on visitors to the website when they call up pages with embedded Google maps.

Your data may also be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. Further information on the data collected and used by Google, your rights and privacy can be found in Google's privacy policy at https://www.google.com/privacypolicy.html You also have the option of changing your settings in the data protection centre, allowing you to administer and protect the data processed by Google.

Use of YouTube

Our website uses the function for embedding YouTube videos by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube"). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").

This feature shows YouTube videos in an iFrame on the website. The option "advanced privacy mode" is enabled here. This prevents YouTube from storing information on visitors to the website. It is only if you watch a video that information is transmitted to and stored by YouTube.

Your data may be transmitted to the USA. For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself in accordance with the TADPF and has thus undertaken to comply with European data protection principles.

The use of cookies or comparable technologies is carried out with your consent on the basis of Art. 25 para. 1 p. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal. Further information on the data collected and used by YouTube and Google and your associated rights and options for protecting your privacy can be found in YouTube’s privacy policy (https://www.youtube.com/t/privacy).

Use of Findify for product discovery

For product discovery, especially search and navigation, we use the services of Findify AB ("Findify"), Asogatan 198, 11632 Stockholm, Schweden, a technology company that attempts to respond to personal needs and preferences through data analysis. If you have given your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR, cookies are used to store information about the website user and various data are transmitted to the service provider, including in particular the user's IP address and browser identification, as well as related behavior data such as search queries, visited categories, selected filters, viewed and purchased Products. This helps us to understand which products interest our users the most and to optimize the shopping experience for them. The privacy policy of Findify you can find here: https://www.maropost.com/legal/privacy-policy/

Rights of persons affected and storage duration

Duration of storage

After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.

Rights of the affected person

If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.

Right to complain to the regulatory authority

You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.

You can lodge a complaint with, among others, the supervisory authority responsible for us, which you may reach at the following contact details:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf
Tel.: +49 211 384240
Fax: +49 211 38424999
E-Mail: poststelle@ldi.nrw.de

Right to object

If the data processing outlined here is based on our legitimate interests in accordance with Article 6(1)f) GDPR, you have the right for reasons arising from your particular situation to object at any time to the processing of your data with future effect.

If the objection is successful, we will no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests or rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal claims.