Data protection
Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to do so has no consequences. This only applies if no other information is provided in the subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.
Server log files
You can visit our website without providing any personal information.
Every time you access our website, usage data is transmitted to us or our web host / IT service provider by your Internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR based on our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our offering.
Your data may be transferred to third countries outside the European Union for which the EU Commission has issued an adequacy decision. If there is no adequacy decision by the EU Commission, such as for example for transfers to the USA, the data transfers are based, among other things, on standard contractual clauses as suitable guarantees for the protection of personal data, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
Contact
Person responsible
Contact us on request. The person responsible for data processing is: Ralf Natale, Im Oberried 15, 61194 Niddatal Germany, 0179/3923757, ralf.natale@corentos.com
Proactive contact of the customer by e-mail
If you contact us by e-mail on your own initiative, we will only collect your personal data (name, e-mail address, message text) to the extent provided by you. The purpose of data processing is to process and respond to your contact request.
If the establishment of contact serves the implementation of pre-contractual measures (e.g. advice in the event of an interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in processing and responding to your request. In this case, you have the right, for reasons arising from your particular situation, to exercise this right at any time on the basis of Art. 6 para. 1 lit. f GDPR to the processing of personal data concerning you.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When you use the contact form, we collect your personal data (name, e-mail address, message text) only to the extent that you provide. The data processing serves the purpose of establishing contact.
If the establishment of contact serves the implementation of pre-contractual measures (e.g. advice in the event of an interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in processing and responding to your request. In this case, you have the right, for reasons arising from your particular situation, to exercise this right at any time on the basis of Art. 6 para. 1 lit. f GDPR to the processing of personal data concerning you.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Customer account Orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. The purpose of data processing is to improve your shopping experience and simplify order processing. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by notifying us without affecting the lawfulness of processing based on consent before its withdrawal. Your customer account will then be deleted.
Collection, processing and disclosure of personal data for orders
When you place an order, we collect and process your personal data only to the extent necessary to fulfill and process your order and to process your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to do so means that no contract can be concluded. The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR and is necessary for the performance of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have selected, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly observe the legal requirements. The scope of data transmission is limited to a minimum.
Your data may be transferred to third countries outside the European Union for which the EU Commission has issued an adequacy decision. If there is no adequacy decision by the EU Commission, such as for example for transfers to the USA, the data transfers are based, among other things, on standard contractual clauses as suitable guarantees for the protection of personal data, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
reviews
Advertising
Use of the e-mail address for sending newsletters
We use your e-mail address independently of the contract processing exclusively for our own advertising purposes for sending newsletters, provided you have expressly consented to this. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your e-mail address will then be removed from the mailing list.
Your data will be passed on to a service provider for e-mail marketing as part of order processing. It will not be passed on to other third parties.
Payment service provider
Use of PayPal Check-Out
We use the PayPal Check-Out payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”) on our website. The purpose of data processing is to be able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, the data required for payment processing will be transmitted to PayPal in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Credit card via PayPal, direct debit via PayPal & “Pay later” via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, PayPal reserves the right to obtain credit information on the basis of mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received on the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes address data, among other things. Your interests worthy of protection are taken into account in accordance with the statutory provisions. The purpose of data processing is to check creditworthiness in order to initiate a contract. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in protection against non-payment if PayPal makes advance payments.
You have the right to object to this processing at any time for reasons arising from your particular situation on the basis of Art. 6 para. 1 lit. f GDPR by notifying PayPal of your objection to the processing of personal data concerning you. The provision of the data is necessary for the conclusion of the contract with the payment method requested by you. Failure to do so means that the contract cannot be concluded with the payment method you have selected.
Third-party provider
When paying via the payment method of a third-party provider, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. PayPal may then forward the data to the respective provider in order to process this payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Local third-party providers can be, for example:
– Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
– giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main
Purchase on account via PayPal
When paying via the payment method purchase on account, the data required for payment processing is first transmitted to PayPal. For the execution of this payment method, the data will then be transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; “Ratepay”) in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit check on the basis of mathematical-statistical procedures (probability or score values) using credit agencies in accordance with the procedure described above. The purpose of data processing is to check creditworthiness in order to initiate a contract. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in protection against payment default if Ratepay makes advance payments. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
Cookies are stored on your computer. You therefore have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide whether to accept them individually and prevent the storage of cookies and transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to use all the functions of this website to their full extent.
You can find out how to manage (including deactivating) cookies in the most important browsers by clicking on the links below:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Technically necessary cookies
Unless otherwise stated below in the privacy policy, we only use these technically necessary cookies for the purpose of making our website more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. This requires the browser to be recognized even after a page change.
The use of cookies or comparable technologies takes place on the basis of § 25 para. 2 TTDSG. The processing of your personal data takes place on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Use of Consentmanager
We use the consent management tool Consentmanager from Consentmanager AB (Håltegelvägen 1b, 72348 Västerås, Sweden; “Consentmanager”) on our website.
The tool enables you to give your consent to data processing via the website, in particular the setting of cookies, and to make use of your right to withdraw consent you have already given.
The purpose of data processing is to obtain and document the necessary consent for data processing and thus to comply with legal obligations.
Cookies can be used for this purpose. The following information may be collected and transmitted to Consentmanager: Date and time of the page view, information about the browser you are using and the device you are using, anonymized IP address, opt-in and opt-out data. This data will not be passed on to other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
You can find more information on data protection at Consentmanager at: https://www.consentmanager.net/privacy.php
Advertising tracking analysis
Use of Adobe Analytics
We use the web analysis service Adobe Analytics from Adobe Systems Incorporated (345 Park Avenue, San Jose, CA 95110, USA; “Adobe”) on our website.
The data processing serves the purpose of analyzing this website and the user behavior of its visitors as well as for marketing and advertising purposes. Cookies are used for this purpose, which enable the browser to be recognized and thus provide more precise statistics. The following information may be collected and transmitted to Adobe: IP address, date and time of the page view, click path, information about the browser and device you are using, information about the operating system used, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Adobe uses the information obtained on our behalf to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.
The data collected is usually transferred to Adobe servers in the USA and stored there. There is no adequacy decision by the EU Commission for the USA. Data is transferred on the basis of standard contractual clauses as suitable guarantees for the protection of personal data. We will provide you with a copy of the standard contractual clauses on request.
Adobe has activated IP obfuscation. As a result, your IP address will be irreversibly anonymized by Adobe within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information on data processing and data protection at Adobe Analytics at https://www.adobe.com/de/privacy.html, at https://www.adobe.com/de/analytics/general-data-protection-regulation.html and at https://docs.adobe.com/content/help/de-DE/analytics/technotes/privacy-overview.html
Use of Google Analytics
We use the web analysis service Google Analytics from Google Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The following information may be collected in the process: IP address, date and time of the page view, click path, information about the browser you are using and the device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Google Analytics uses technologies such as cookies, web storage in the browser and tracking pixels that enable your use of the website to be analyzed. The information generated about your use of this website is usually transferred to a Google server in the USA and stored there. There is no adequacy decision by the EU Commission for the USA. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adsprocessorterms/. Both Google and US government authorities have access to your data. Your data can be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data that Google has about you.
IP anonymization is activated on this website. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/ and at https://policies.google.com/technologies/cookies?hl=de.
Use of the Facebook Pixel
We use the remarketing function “Custom Audiences” of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data when the service is integrated and the transmission of this data to Facebook. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. Accordingly, we are responsible in particular for compliance with the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects pursuant to Art. 15 – 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the Service and the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta Platforms Ireland’s obligations under the Joint Processing Agreement.
The purpose of the application is to target visitors to the website with interest-based advertising on the Facebook social network. The Facebook remarketing tag was implemented on the website for this purpose. This tag is used to establish a direct connection to the Facebook servers when you visit the website. This tells the Facebook server which of our pages you have visited. Facebook assigns this information to your personal Facebook user account. When you visit the Facebook social network, you will then be shown personalized, interest-based Facebook ads. Your data may be transferred to the USA. There is no adequacy decision by the EU Commission for the USA. Data is transferred on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.facebook.com/legal/EU_data_transfer_addendum.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
For more information on the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
Use of Google Ads conversion tracking
We use the online advertising program “Google Ads” on our website and in this context conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
If you click on an advertisement placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you have clicked on the ad and have been redirected to this page. Each Google Ads customer receives a different cookie. This means that there is no possibility that cookies can be tracked via the websites of Ads customers.
The information collected with the help of the conversion cookie is used to create conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.
Your data may be transmitted to the servers of Google LLC in the USA. There is no adequacy decision by the EU Commission for the USA. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adscontrollerterms/.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information and Google’s privacy policy at: https://www.google.de/policies/privacy/
Use of Google AdSense
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website. The purpose of data processing is to rent out advertising space on the website and to target visitors to the website with interest-based advertising. This function is used to display personalized, interest-based advertisements from the Google Display Network to visitors to the provider’s website. Google uses cookies that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. There is no adequacy decision by the EU Commission for the USA. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adscontrollerterms/. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information and Google’s privacy policy at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/
Use of the remarketing or “similar target groups” function of Google Inc.
We use the remarketing or “similar target groups” function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The application serves the purpose of analyzing visitor behavior and visitor interests. Google uses cookies to analyze website usage, which forms the basis for the creation of interest-based advertisements. Cookies are used to record visits to the website and anonymized data on the use of the website. No personal data of visitors to the website is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously accessed product and information areas.
Your data may be transmitted to servers of Google LLC in the USA. There is no adequacy decision by the EU Commission for the USA. Data is transferred on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information about Google Remarketing and the associated privacy policy at: https://www.google.com/privacy/ads/
Plug-ins and miscellaneous
Use of the Google Tag Manager
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
This application is used to manage JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. Data processing serves the purpose of designing and optimizing our website in line with requirements.
The Google Tag Manager itself neither stores cookies nor does it process personal data. However, it enables the triggering of other tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.
Use of the Facebook single sign-on function
We use the single sign-on function (formerly Facebook Connect) of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data when the service is integrated and the transmission of this data to Facebook. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. Accordingly, we are responsible in particular for compliance with the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects pursuant to Art. 15 – 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the Service and the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta Platforms Ireland’s obligations under the Joint Processing Agreement.
This function enables website visitors to log in to the website using their existing Facebook account. Data processing serves the purpose of verification during registration, personalization and interest-based advertising.
In order to offer the function on the website, a connection to the Facebook server is established. Cookies are used for this purpose. The following information may be collected and transmitted to Facebook: IP address, browser information, referrer URL (website from which you accessed our website), location data. This applies regardless of whether you are registered or logged in to the social network. Transmission also takes place for users who are not registered or not logged in. If you are connected to one or more of your social network accounts at the same time, the information collected can also be assigned to your corresponding profiles. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. Your data may be transferred to the USA. There is no adequacy decision by the EU Commission for the USA. Data is transferred on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.facebook.com/legal/EU_data_transfer_addendum.
When using the single sign-on function, the website visitor’s Facebook profile is linked to a customer account for this website. Here we receive personal data of the user from Facebook, as specified in the login process. This may include, but is not limited to, the following information: Name, address, public profile information (e.g. name, profile picture, age, gender), e-mail address, friends lists, “Like” information.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
For more information on the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
Data subject rights and storage duration
Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then in accordance with statutory retention periods, in particular under tax and commercial law, and then deleted after this period has expired, unless you have consented to further processing and use.
Rights of the data subject
If the legal requirements are met, you have the following rights in accordance with Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, according to Art. 21 para. 1 GDPR to object to the processing based on Art. 6 para. 1 f GDPR, as well as against processing for the purpose of direct marketing.
Right to lodge a complaint with the supervisory authority
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that your personal data is being processed unlawfully.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
Hessian Commissioner for Data Protection and Freedom of Information
P.O. Box 3163
65021 Wiesbaden
Phone: +49 611 14080
Fax: +49 611 1408900 or +49 611 1408901
E-mail: poststelle@datenschutz.hessen.de
Right of objection
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future on grounds relating to your particular situation.
After an objection has been made, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.
last update: 10.01.2022
Unless otherwise stated below, the provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to do so has no consequences. This only applies if no other information is provided in the subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.
Server log files
You can visit our website without providing any personal information.
Every time you access our website, usage data is transmitted to us or our web host / IT service provider by your Internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR based on our overriding legitimate interest in ensuring the trouble-free operation of our website and improving our offering.
Your data may be transferred to third countries outside the European Union for which the EU Commission has issued an adequacy decision. If there is no adequacy decision by the EU Commission, such as for example for transfers to the USA, the data transfers are based, among other things, on standard contractual clauses as suitable guarantees for the protection of personal data, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
Contact
Person responsible
Contact us on request. The person responsible for data processing is: Ralf Natale, Im Oberried 15, 61194 Niddatal Germany, 0179/3923757, ralf.natale@corentos.com
Proactive contact of the customer by e-mail
If you contact us by e-mail on your own initiative, we will only collect your personal data (name, e-mail address, message text) to the extent provided by you. The purpose of data processing is to process and respond to your contact request.
If the establishment of contact serves the implementation of pre-contractual measures (e.g. advice in the event of an interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in processing and responding to your request. In this case, you have the right, for reasons arising from your particular situation, to exercise this right at any time on the basis of Art. 6 para. 1 lit. f GDPR to the processing of personal data concerning you.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When you use the contact form, we collect your personal data (name, e-mail address, message text) only to the extent that you provide. The data processing serves the purpose of establishing contact.
If the establishment of contact serves the implementation of pre-contractual measures (e.g. advice in the event of an interest in purchasing, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. 1 lit. b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in processing and responding to your request. In this case, you have the right, for reasons arising from your particular situation, to exercise this right at any time on the basis of Art. 6 para. 1 lit. f GDPR to the processing of personal data concerning you.
We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Customer account Orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. The purpose of data processing is to improve your shopping experience and simplify order processing. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by notifying us without affecting the lawfulness of processing based on consent before its withdrawal. Your customer account will then be deleted.
Collection, processing and disclosure of personal data for orders
When you place an order, we collect and process your personal data only to the extent necessary to fulfill and process your order and to process your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to do so means that no contract can be concluded. The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR and is necessary for the performance of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have selected, payment service providers, service providers for order processing and IT service providers. In all cases, we strictly observe the legal requirements. The scope of data transmission is limited to a minimum.
Your data may be transferred to third countries outside the European Union for which the EU Commission has issued an adequacy decision. If there is no adequacy decision by the EU Commission, such as for example for transfers to the USA, the data transfers are based, among other things, on standard contractual clauses as suitable guarantees for the protection of personal data, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
reviews
Advertising
Use of the e-mail address for sending newsletters
We use your e-mail address independently of the contract processing exclusively for our own advertising purposes for sending newsletters, provided you have expressly consented to this. The processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your e-mail address will then be removed from the mailing list.
Your data will be passed on to a service provider for e-mail marketing as part of order processing. It will not be passed on to other third parties.
Payment service provider
Use of PayPal Check-Out
We use the PayPal Check-Out payment service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal L-2449, Luxembourg; “PayPal”) on our website. The purpose of data processing is to be able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, the data required for payment processing will be transmitted to PayPal in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
Credit card via PayPal, direct debit via PayPal & “Pay later” via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, PayPal reserves the right to obtain credit information on the basis of mathematical-statistical procedures using credit agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit agency and uses the information received on the statistical probability of a payment default for a balanced decision on the establishment, execution or termination of the contractual relationship. The credit report may contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical procedures and whose calculation includes address data, among other things. Your interests worthy of protection are taken into account in accordance with the statutory provisions. The purpose of data processing is to check creditworthiness in order to initiate a contract. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in protection against non-payment if PayPal makes advance payments.
You have the right to object to this processing at any time for reasons arising from your particular situation on the basis of Art. 6 para. 1 lit. f GDPR by notifying PayPal of your objection to the processing of personal data concerning you. The provision of the data is necessary for the conclusion of the contract with the payment method requested by you. Failure to do so means that the contract cannot be concluded with the payment method you have selected.
Third-party provider
When paying via the payment method of a third-party provider, the data required for payment processing is transmitted to PayPal. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. PayPal may then forward the data to the respective provider in order to process this payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Local third-party providers can be, for example:
– Sofort (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
– giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main
Purchase on account via PayPal
When paying via the payment method purchase on account, the data required for payment processing is first transmitted to PayPal. For the execution of this payment method, the data will then be transmitted by PayPal to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; “Ratepay”) in order to fulfill the contract with you with the selected payment method. This processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR. Ratepay may carry out a credit check on the basis of mathematical-statistical procedures (probability or score values) using credit agencies in accordance with the procedure described above. The purpose of data processing is to check creditworthiness in order to initiate a contract. The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in protection against payment default if Ratepay makes advance payments. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/.
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
Cookies are stored on your computer. You therefore have full control over the use of cookies. By selecting the appropriate technical settings in your Internet browser, you can be notified before cookies are set and decide whether to accept them individually and prevent the storage of cookies and transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to use all the functions of this website to their full extent.
You can find out how to manage (including deactivating) cookies in the most important browsers by clicking on the links below:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Technically necessary cookies
Unless otherwise stated below in the privacy policy, we only use these technically necessary cookies for the purpose of making our website more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognize your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. This requires the browser to be recognized even after a page change.
The use of cookies or comparable technologies takes place on the basis of § 25 para. 2 TTDSG. The processing of your personal data takes place on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offer.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Use of Consentmanager
We use the consent management tool Consentmanager from Consentmanager AB (Håltegelvägen 1b, 72348 Västerås, Sweden; “Consentmanager”) on our website.
The tool enables you to give your consent to data processing via the website, in particular the setting of cookies, and to make use of your right to withdraw consent you have already given.
The purpose of data processing is to obtain and document the necessary consent for data processing and thus to comply with legal obligations.
Cookies can be used for this purpose. The following information may be collected and transmitted to Consentmanager: Date and time of the page view, information about the browser you are using and the device you are using, anonymized IP address, opt-in and opt-out data. This data will not be passed on to other third parties.
The data processing is carried out to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR.
You can find more information on data protection at Consentmanager at: https://www.consentmanager.net/privacy.php
Advertising tracking analysis
Use of Adobe Analytics
We use the web analysis service Adobe Analytics from Adobe Systems Incorporated (345 Park Avenue, San Jose, CA 95110, USA; “Adobe”) on our website.
The data processing serves the purpose of analyzing this website and the user behavior of its visitors as well as for marketing and advertising purposes. Cookies are used for this purpose, which enable the browser to be recognized and thus provide more precise statistics. The following information may be collected and transmitted to Adobe: IP address, date and time of the page view, click path, information about the browser and device you are using, information about the operating system used, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. Adobe uses the information obtained on our behalf to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.
The data collected is usually transferred to Adobe servers in the USA and stored there. There is no adequacy decision by the EU Commission for the USA. Data is transferred on the basis of standard contractual clauses as suitable guarantees for the protection of personal data. We will provide you with a copy of the standard contractual clauses on request.
Adobe has activated IP obfuscation. As a result, your IP address will be irreversibly anonymized by Adobe within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information on data processing and data protection at Adobe Analytics at https://www.adobe.com/de/privacy.html, at https://www.adobe.com/de/analytics/general-data-protection-regulation.html and at https://docs.adobe.com/content/help/de-DE/analytics/technotes/privacy-overview.html
Use of Google Analytics
We use the web analysis service Google Analytics from Google Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The following information may be collected in the process: IP address, date and time of the page view, click path, information about the browser you are using and the device you are using, pages visited, referrer URL (website from which you accessed our website), location data, purchase activities. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Google Analytics uses technologies such as cookies, web storage in the browser and tracking pixels that enable your use of the website to be analyzed. The information generated about your use of this website is usually transferred to a Google server in the USA and stored there. There is no adequacy decision by the EU Commission for the USA. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adsprocessorterms/. Both Google and US government authorities have access to your data. Your data can be linked by Google with other data, such as your search history, your personal accounts, your usage data from other devices and all other data that Google has about you.
IP anonymization is activated on this website. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/ and at https://policies.google.com/technologies/cookies?hl=de.
Use of the Facebook Pixel
We use the remarketing function “Custom Audiences” of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data when the service is integrated and the transmission of this data to Facebook. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. Accordingly, we are responsible in particular for compliance with the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects pursuant to Art. 15 – 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the Service and the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta Platforms Ireland’s obligations under the Joint Processing Agreement.
The purpose of the application is to target visitors to the website with interest-based advertising on the Facebook social network. The Facebook remarketing tag was implemented on the website for this purpose. This tag is used to establish a direct connection to the Facebook servers when you visit the website. This tells the Facebook server which of our pages you have visited. Facebook assigns this information to your personal Facebook user account. When you visit the Facebook social network, you will then be shown personalized, interest-based Facebook ads. Your data may be transferred to the USA. There is no adequacy decision by the EU Commission for the USA. Data is transferred on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.facebook.com/legal/EU_data_transfer_addendum.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
For more information on the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
Use of Google Ads conversion tracking
We use the online advertising program “Google Ads” on our website and in this context conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; Google).
If you click on an advertisement placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you have clicked on the ad and have been redirected to this page. Each Google Ads customer receives a different cookie. This means that there is no possibility that cookies can be tracked via the websites of Ads customers.
The information collected with the help of the conversion cookie is used to create conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information with which users can be personally identified.
Your data may be transmitted to the servers of Google LLC in the USA. There is no adequacy decision by the EU Commission for the USA. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adscontrollerterms/.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information and Google’s privacy policy at: https://www.google.de/policies/privacy/
Use of Google AdSense
We use the AdSense function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website. The purpose of data processing is to rent out advertising space on the website and to target visitors to the website with interest-based advertising. This function is used to display personalized, interest-based advertisements from the Google Display Network to visitors to the provider’s website. Google uses cookies that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. There is no adequacy decision by the EU Commission for the USA. The data transfer takes place, among other things, on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks and https://business.safety.google/adscontrollerterms/. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information and Google’s privacy policy at: https://www.google.com/policies/technologies/ads/ and https://www.google.de/policies/privacy/
Use of the remarketing or “similar target groups” function of Google Inc.
We use the remarketing or “similar target groups” function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The application serves the purpose of analyzing visitor behavior and visitor interests. Google uses cookies to analyze website usage, which forms the basis for the creation of interest-based advertisements. Cookies are used to record visits to the website and anonymized data on the use of the website. No personal data of visitors to the website is stored. If you subsequently visit another website in the Google Display Network, you will be shown advertisements that are highly likely to take into account previously accessed product and information areas.
Your data may be transmitted to servers of Google LLC in the USA. There is no adequacy decision by the EU Commission for the USA. Data is transferred on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can find more information about Google Remarketing and the associated privacy policy at: https://www.google.com/privacy/ads/
Plug-ins and miscellaneous
Use of the Google Tag Manager
We use the Google Tag Manager of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
This application is used to manage JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. Data processing serves the purpose of designing and optimizing our website in line with requirements.
The Google Tag Manager itself neither stores cookies nor does it process personal data. However, it enables the triggering of other tags that can collect and process personal data.
Further information on terms of use and data protection can be found here.
Use of the Facebook single sign-on function
We use the single sign-on function (formerly Facebook Connect) of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “Facebook”) on our website.
Meta Platforms Ireland and we are jointly responsible for the collection of your data when the service is integrated and the transmission of this data to Facebook. The basis for this is an agreement between us and Meta Platforms Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at https://www.facebook.com/legal/controller_addendum. Accordingly, we are responsible in particular for compliance with the information obligations pursuant to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service and for compliance with the obligations pursuant to Art. 33, 34 GDPR, insofar as a breach of the protection of personal data affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the rights of data subjects pursuant to Art. 15 – 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the Service and the obligations under Art. 33, 34 GDPR to the extent that a personal data breach affects Meta Platforms Ireland’s obligations under the Joint Processing Agreement.
This function enables website visitors to log in to the website using their existing Facebook account. Data processing serves the purpose of verification during registration, personalization and interest-based advertising.
In order to offer the function on the website, a connection to the Facebook server is established. Cookies are used for this purpose. The following information may be collected and transmitted to Facebook: IP address, browser information, referrer URL (website from which you accessed our website), location data. This applies regardless of whether you are registered or logged in to the social network. Transmission also takes place for users who are not registered or not logged in. If you are connected to one or more of your social network accounts at the same time, the information collected can also be assigned to your corresponding profiles. You can prevent this assignment by logging out of your social media accounts before visiting our website and before activating the buttons. Your data may be transferred to the USA. There is no adequacy decision by the EU Commission for the USA. Data is transferred on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.facebook.com/legal/EU_data_transfer_addendum.
When using the single sign-on function, the website visitor’s Facebook profile is linked to a customer account for this website. Here we receive personal data of the user from Facebook, as specified in the login process. This may include, but is not limited to, the following information: Name, address, public profile information (e.g. name, profile picture, age, gender), e-mail address, friends lists, “Like” information.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 p. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
For more information on the collection and use of data by Facebook, your rights in this regard and options for protecting your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
Data subject rights and storage duration
Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then in accordance with statutory retention periods, in particular under tax and commercial law, and then deleted after this period has expired, unless you have consented to further processing and use.
Rights of the data subject
If the legal requirements are met, you have the following rights in accordance with Art. 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
In addition, according to Art. 21 para. 1 GDPR to object to the processing based on Art. 6 para. 1 f GDPR, as well as against processing for the purpose of direct marketing.
Right to lodge a complaint with the supervisory authority
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that your personal data is being processed unlawfully.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
Hessian Commissioner for Data Protection and Freedom of Information
P.O. Box 3163
65021 Wiesbaden
Phone: +49 611 14080
Fax: +49 611 1408900 or +49 611 1408901
E-mail: poststelle@datenschutz.hessen.de
Right of objection
If the personal data processing listed here is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future on grounds relating to your particular situation.
After an objection has been made, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.
last update: 10.01.2022
© corentos IT-Systems 2025